Today’s data protection market is more complex than many of us would at first believe. The reason is closely tied to the fact most businesses opt to work with SaaS-based solutions for productivity and collaboration, and in doing so, automatically assume every vendor will be ensuring user data is copied, protected and secure. It’s time to set the record straight: this is not the case, and this assumption can be incredibly dangerous in the long-term, with no one taking responsibility for some of an organisation's most critical data.
The lack of protection provided by vendors is no new revelation. It’s been a standard practice for quite some time as part of the “shared responsibility model”, but that doesn’t stop some from assuming otherwise. The newest company to openly state they are no longer responsible for user data recovery is Salesforce. As of the 31st of July, Salesforce customers have been required to protect their own data. Salesforce has communicated this well but, as many customers search for ways to protect their data quickly, this serves as an important reminder as to why we all need to take the time to read the small print, check what is (and is now) included and ensure we are prepared for the day that a disaster might strike unexpectedly.