Recently, Spinbackup announced Cloud Cybersecurity for G Suite Version 1.0.Why was this significant?
DD: SaaS applications offer many benefits to businesses, including SaaS providers’ extremely strong security standards. However, there are many threats that SaaS users face on their own side, that their providers have absolutely no control or jurisdiction over. These include ransomware, suspicious third-party apps and unauthorized (and unsafe) data shares.
We created Cybersecurity for G Suite in order to help SaaS users address these client-side threats. This solution extends Spinbackup’s existing cloud cybersecurity capabilities, including automated daily security scans of third-party applications that have access to G Suite in order to identify all major risks. The solution also helps identify and reduce insider threats, through user audits of Google Drive items shared with third parties outside the organization to protect against data leakage; and 24/7 detection of abnormal user behavior and help proactively identify potential data thefts and leaks. The solution also features security alerts via integration with Gmail and Slack, so administrators can be notified quickly and efficiently about security threats; as well as audits of Gmail messages for credit card information being shared with external third parties.
New features added include third-party application audits and security scoring systems; blacklisting and automated removal of applications identified as risky; data audits (detects data shared with external third-parties); and blacklisting for shared data (automatic removal of data that may have been shared with a non-corporate email address.)
Cloud Cybersecurity for G Suite is available as part of Spinbackup’s Backup & Cybersecurity package, which supports automated, encrypted daily backup to Amazon cloud storage. This combined solution is a convenient option for organizations looking to streamline resources and simplify the task of backing up and securing their G Suite data and applications.
Elaborate on why Spinbackup is now targeting the cybersecurity space.
DD: A by-product of the recent rise in ransomware is that organizations now view data availability and protection as going hand-in-hand – two vital pieces of the information security puzzle. With our extensive experience in cloud-to-cloud backup – and since we store a tremendous amount of data which can be analyzed for security threats – we view our entrance into the cybersecurity space as a natural offshoot to our core expertise.
What value do you bring as an independent third party?
DD: It is a widely accepted best practice for organizations to always have their own backup with an independent entity, separate from their primary SaaS or cloud service provider. The recent GitLab outage is just the latest example of why companies of all types should never put all their eggs in one basket, regardless of how reputable a given service may be. GitLab was unable to initiate and access backup about half a dozen times, and some users lost several hours’ worth of data and work. Even if your service provider never experiences an interruption, it is better to be safe than sorry and there is no harm in having a second layer of protection. Many of today’s backup options leverage the cloud and are very affordable and completely automated, requiring minimal oversight.
What do you view as the most significant cybersecurity threat facing enterprises today? How do you address it?
DD: We believe ransomware is by far the most pressing threat. SaaS users may initially believe that using a SaaS provider naturally protects them from this kind of attack. Cloud file solutions like Google Drive create a second copy of local data which is stored in the cloud. But this does not mean your data is backed up and protected. If you’re infected with ransomware, the files on a local hard drive will be held at ransom (by encryption) and any backup copies in Google Drive will be overwritten when the computer is synced. This means the “backup” data is now essentially also being held for ransom.
Proper backup is the only true protection for SaaS users – and all organizations for that matter – to guard against ransomware attacks. Cloud-to-cloud backup, which enables data stored in one cloud to be backed up to another cloud, is one particularly attractive approach.
What other threats are worth mentioning?
DD: Another major security problem today is insiders – according to Verizon, insiders are responsible for up to 90 percent of security incidents. Departing employees have been known to delete corporate data in the cloud, either accidentally or on purpose. However, most insider-driven security breaches are not the result of ill intention. Rather, most are committed by innocent workers that are unaware they’re actually doing something wrong, and creating major risks.
Consider an employee who moves sensitive data from a SaaS application to their personal iPad, or even their personal email address, in order that they may work on it at home. Their aim is good – to be more productive – but practices such as these can be hazardous. In the simplest example, this employee may lose their device and it may fall into the wrong hands. Or, the employee may switch jobs and go to a competitor, and then have full access to this SaaS data via their personal email account.
Third-party apps that connect directly to SaaS data and applications are another major threat. Often, employees will download third-party apps – for functions like calendar or messaging, for example – in order to supplement the functionality of their SaaS apps. However, they often do this without express IT permission, a trend known as “shadow IT.” Their intentions may be good, but if any one of these apps is backed by a malicious party, that party now has a full-access pass to critical SaaS data and applications through their API.
How do you augment Google’s existing security capabilities?
DD: Like all of the major SaaS providers, Google does an excellent job addressing security and has extremely strong security standards, and they’re continually looking for opportunities to fortify even further. SaaS users can typically rely on their SaaS providers to handle installations, maintenance, upgrades and patches. We address the client-side threats – enabling organizations to recover data after a ransomware attack (without paying the ransom); isolating unsafe data shares and deleting them; identifying user suspicious behaviors and auditing and blacklisting third-party apps that pose a potential threat. Together, Google and Spinbackup provide a very comprehensive level of backup and security for G Suite users.
What are your primary recommendations for any company adopting SaaS-based applications?
DD: First and foremost, protect yourself. SaaS providers have made great strides in establishing secure operations, and many SaaS users believe the cloud environment to be much more secure than their own enterprise data center. These assumptions are true, up to a point. As John Howie, former COO of the Cloud Security Alliance recently noted, secure providers aren’t enough, largely because direct threats to users are growing. Against this backdrop, it is critical for SaaS users to augment their providers’ efforts and take the proactive steps needed to protect themselves from their own client-side data security hazards. From a backup perspective, while SaaS provider outages are rare, they can and do happen. This is why Howie and others recommend the adoption of multi-cloud strategies such as cloud-to-cloud backup, to mitigate the potential risk of relying solely on one provider.
Also, protect your people. Organizations should instill a culture of security and implement training on how employees can avoid certain practices that inadvertently create risk – from sharing passwords, to clicking on suspicious email links, to downloading and sending data to personal devices and email accounts. But given the speed at which most workers are moving today, it is important to supplement this training with automated protections and supports. SaaS users can also benefit from automated solutions that identify and delete risky data sharing practices, and alert IT to risky or unusual user behaviors. As we noted above, most security risks are created by innocent, unwitting employees who are not aware they are doing anything wrong. Technologies that help identify risky behaviors and shares actually provide a valuable level of employee protection.
What does the future hold for Spinbackup?
DD: In the future, we are going to augment human detection and response capabilities with more machine learning, to enable more automated protection against the most sophisticated security threats, like new forms of ransomware. Tools won’t just backup data, but automatically identify ransomware attacks and the impacted files. This will help expedite data recovery and minimize any potential business disruption and downtime.