Data loss can be catastrophic for companies of any size, particularly so for SMEs as a major data loss event can often deliver a killer blow to a smaller organisation’s very existence.
According to The Aberdeen Group, 47 per cent of SaaS data loss is a result of human error, proving that an apparently safe and sound critical document can be wiped out forever with one wrong keystroke.
Under attack
It’s not just natural disasters and human error that can leave an SME vulnerable to data loss. In Datto’s recent Global State of the Channel Ransomware Report, 28 per cent of MSPs surveyed reported ransomware attacks in SaaS applications, with 64 per cent of those occurring within Office 365.
Putting the house in order
It is imperative that SMEs have their own complete backup and retention solution in place to ensure that their workflows experience minimal disruption in the event of a large-scale data loss if they are to avoid becoming the next data loss casualty. When it comes to data loss for businesses, common causes are accidental deletion (human error), virus or malware, hard disk or storage damage, software corruption, and natural disaster.
Balancing convenience and flexibility with risk
The increasingly mobile workforce has also increased the likelihood of data loss, with users accessing and retaining data on a range of personal mobile devices that can be easily lost or stolen.
In order to prevent data loss from something such as mobile device theft, users must keep data backed up at all times (or better still, everything is set to automatically back up), and staff should be left in no doubt about the importance of backing up their work in the cloud.
Lock down sensitive data
Because organisations are obliged to protect sensitive information and prevent it from being inadvertently disclosed, Microsoft recently built a DLP (Data Loss Prevention) policy within its Office 365 Security and Compliance Centre. This enables companies to identify the sensitive information they retain across multiple locations within the corporate network, prevent the accidental sharing of sensitive information by blocking access to certain documents, and prevent them from being shared with unauthorised persons. Sensitive information is monitored and protected by applying DLP rules to it.
This protection can be applied to sensitive information such as credit card details, health records, contracts, and a range of other data sets.
DLP also helps SMEs communicate to their users how to stay compliant without interrupting their workflow. It does so by educating users about DLP policies without blocking their work. For example, should a user try to share a document containing sensitive information, a DLP policy-enabled system can be set up to send them an email notification as well as show them a policy tip in the context of the document library that allows them to override the policy if they have a business justification for doing so.
Don’t wait, automate!
Microsoft’s backup policies for Office 365 do not guarantee restoration of lost data. The company recommends that you regularly back up your content and data that you store on the service or on third-party apps and services.
Automation of company rules around the sharing and managing of data removes much of the organisational stress around the threat of unauthorised access and sharing of sensitive data and helps businesses meet their regulatory compliance obligations in a much more straightforward fashion.
James Bergl, Regional Director – APAC, Datto
