User error is the leading cause of data loss from software-as-a-service (SaaS) applications among US and UK companies, according to survey results released Thursday by EMC subsidiary Spanning. It found that SaaS adoption is accelerating, and that application data protection is a main concern, yet misconceptions about backup and recovery responsibilities are likely to frustrate some companies.
The survey compares trends in SaaS adoption, data protection, and compliance in the US and UK. Over 1,000 IT professionals responded, and over half in both regions said that SaaS email or messaging services are already deployed or about to be deployed at their organizations.
Accidental deletion was the leading cause of data loss for over 40 percent of respondents in both countries, ahead of malicious insiders and hackers, and roughly two-thirds of those surveyed had suffered data loss at their organization due to user error. However, SaaS vendors, which are not typically responsible for guarding against user error, are the most commonly relied upon for SaaS application backup and recovery. About one-third of organizations use or plan to use a cloud-to-cloud backup provider, like Spanning.
Data loss has occurred at nearly a third of organizations due to migration errors, and at over a quarter due to accidental overwrites, but concern about external attacks, which occurred at 44 percent, is the top concern when moving critical business applications to the cloud.
The most striking difference discovered between the US and UK is that 80 percent of those in the US are confident in their SaaS data protection, compared to only 45 percent in the UK.
Spanning VP and general manager Jeff Erramouspe said that only 7 percent of those in the US and 8 percent in the UK are not using any form of SaaS data backup and recovery. “When it comes to SaaS data protection, however, the survey shows misplaced confidence,” Erramouspe said. “SaaS providers are not responsible for recovery of data lost due to user error, yet that continues to be its leading cause. It demonstrates the need for cloud-to-cloud backup and restore solutions.”
A November report by IDG and Iron Mountain indicated the same issue with SaaS providers not protecting data to the extent expected by their customers, but suggested that those providers needed to expand their data protection measures to keep enterprise customers happy.
Half of IT professionals in the US and 40 percent in the UK said that EU data privacy regulations are a costly compliance burden. Close to two-thirds of respondents say that storing data in a cloud provider’s EU data center will ensure full compliance, while the study notes a more cautious approach to data sovereignty in the UK.
The new EU-US Privacy Shield agreement was reached in February, replacing the 16-year-old Safe Harbor system.