Clumio, a California-based cloud-security start-up focusing on software-as-a-service (SaaS) for enterprise backup, has added Microsoft 365 to its secure backup-as-a-service, providing organisations running Microsoft 365 with a globally consolidated data protection service as the global coronavirus pandemic sees a rapid increase in ransomware attacks and email scams.
The two-year old company, which in December 2019 raised US$135 million in a Series C funding round and has been aggressively growing its remit since launch, is emblematic of the growing demand for SaaS as firms increasingly seek software solutions that do not require largescale installations or expensive onsite data centres.
Clumio claims to provide the first enterprise data protection service in the market to protect private cloud, public cloud and SaaS on a single platform. It offers a single service for VMware, VMware Cloud on AWS, AWS EBS, with features including always-on security, restores and compliance, along with air gap data protection that enables recovery from data loss and ransomware. This week, Clumio announced the addition of Microsoft 365 Protection, which it believes will fill a market-wide data protection gap for Microsoft 365 users.
This is because as data moves to the cloud, risks associated with data loss and ransomware attacks increase – and SaaS apps are not immune to that risk. Enterprises that standardize on Microsoft 365 could therefore benefit from a backup strategy to protect and ensure the compliance of their email data because the company, as the data owner, is responsible for data protection and backup.
“The addition of Microsoft 365 to our enterprise backup as a service will bolster companies’ data protection strategies regardless of where they are on their cloud journeys,” says Poojan Kumar, CEO and co-founder at Clumio. “Other backup vendors offer DIY or ‘wannabe’ SaaS solutions that leave customers open to ransomware and data loss and require the customer to absorb additional hardware and software infrastructure management tasks and costs. Clumio is arming companies with a single backup as a service solution for secure and compliant data protection – with predictable costs and no infrastructure to manage and unprecedented simplicity.”
The move comes at a time when the global Covid-19 has exposed enterprise data to increased levels of risk, with multiple coronavirus-related email scams already documented, including some that provide links to fake Microsoft 365 login screens that capture user credentials. According to research firm IDC, by 2021 ransomware will cause US$20 billion worth of damage globally, with a business becoming victim to ransomware every 11 seconds – in 2018, 69% of organizations suffered successful malware attacks within 12 months, 39% of which involved ransomware.
The problem is that Microsoft’s service protection responsibility is limited to infrastructure levels, including infrastructure availability, security and access controls. Meanwhile, the responsibility for all data protection – including data security, privacy and retention – falls to the user.
“Without data protection that also encompasses SaaS, companies are exposing themselves to data loss, security issues and compliance risks. Also, SaaS tools are not exempt from internal threats, such as the accidental deletion of data, or external threats such as ransomware attacks,” notes Archana Venkatraman, associate research director, cloud data management at IDC. “Today, data is dispersed across SaaS apps and multiple clouds. Embracing a cloud-native approach to bring data protection to where the data resides is much more effective than trying to bring the data to the infrastructure.”