Software-as-a-service (SaaS) solutions have become one of the most popular technologies among modern enterprises. Since they are often subscription-based, they provide business customers with greater flexibility than other, more permanent services.
Despite the benefits of SaaS solutions, they do come with risks, particularly when it comes to exposing or compromising business data. “The minute you implement a SaaS application, there is a possibility of risk,” says Marco Morsella, head of product at AvePoint. “For enterprises of any size, the key is to provide the right security and permission settings across different teams and workspaces.”
Many organisations have recently made the switch from on-premises infrastructure to the cloud. Many of these may have deployed collaboration tools like Microsoft 365 to streamline productivity and facilitate internal and external data sharing. “But there aren’t any best practices like data governance or compliance,” says Morsella. “This adds more risk and exposure to internal and external threats like data loss or accidental sharing.”
Beyond this though, there are further threats, including ransomware, malware, phishing and external hacking. According to Morsella, businesses should ensure they have set up best practices based on their security posture, and that they are providing training to improve employee awareness about phishing and malware.
“The catch is that a lot of collaboration tools that organisations are using don't necessarily account for all those risks,” he explains. “They do to a certain extent – for example, Microsoft 365 backs up data for 30 days – but businesses often need a third-party vendor to fill in the gaps and help mitigate that external risk.”
In order to fully secure their IT operations and data, Morsella believes businesses need more granular backup and restoration capabilities to ensure business continuity in the event of a catastrophe. “Technology moves quickly and new features are added all the time, but these very popular solutions don't necessarily focus on how your data is being backed up or protected,” he says. “Businesses need to understand that a backup strategy is critical. This is where AvePoint focuses its efforts, augmenting the native capabilities of providers like Microsoft.”
Multi-cloud environments are a big part of modern business operations, but with this comes further management complexity and risk. “We pride ourselves on being that single pane of glass that reaches across multiple SaaS applications,” says Morsella. “We make it easier to manage operations across Microsoft, Google, Salesforce and more. Working with one central vendor like AvePoint that has widespread capabilities is crucial.”
While there are some industries that may require greater levels of regulation, compliance and security, Morsella believes that data protection is essential for any business. “Every organisation needs some sort of data protection and backup strategy,” he says. “This will depend on the surrounding industry landscape and its regulations, though. For example, AvePoint works with many public sector clients that may be subject to standards like FedRAMP or zero trust. These different frameworks require more intense and highly regulated data protection, which we can also support.”
Ultimately, AvePoint can support any business in any industry with any data management and protection need. “We have a broad reach across different-sized companies and aren’t just confined to larger enterprises,” says Morsella. “We offer an array of backup, migration and governance solutions that can support any organisation.”
This article was originally published in the Autumn 2022 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.