Skip to content

Make the APIs Work for You

Say you’ve taken the wise decision to have your corporate cloud data be backed up by the Keepit cloud solution: you’ve selected one of our many data centers, configured relevant connectors, and are now seeing how snapshots are blissfully parading into eternal archive as you log in to the Keepit web user interface. But perhaps you want a bit more assurance and perhaps you are not keen on logging into a separate web application several times a day to get that assurance.

Many of our customers have their own monitoring solutions and communication systems that they wish to enrich with information from their Keepit account. Luckily, we have a very elaborate API (Application Programming Interface) to allow for all sorts of queries on the state and history of your backups; while we do publish the full API documentation, some might find a small appetizer easier to comprehend.

If you’re already a Keepit customer and if you have an account and working connectors, then this blog post will guide you through creating a PowerShell API agent that prints the timestamp of the last completed backup on your screen. It is very simple: it will not integrate into any monitoring or alerting system, it will not print fancy messages in any messaging platforms, nor will it draw graphs on its own – but it is a small building block that you can extend and transform into whatever you might need.

Getting Access to the API

In order to make calls to the API, your script needs to have the proper credentials and those are obtained through the web user interface. So, log in with a user that has at least ‘Job Monitor’ privileges and create an API token by doing: Users -> Your user – Edit User (the grey cog wheel) -> Security -> Add API token. Give the token a name and decide when it should expire; the API token cannot outlive the user it is associated with. Click ‘Create’ – confirm your password and you will get an API token username and password. Those you need to store in a secure place.

You are now ready to make API calls. For this example, we will be using PowerShell, and the first API call to be made is the call to obtain your account GUID. Now, the account GUID is also available in the web user interface, but obtaining this via the API is a nice, small exercise to verify that the API token and your script is working. 

Launch your favorite text editor – it can be Notepad, Notepad++, VSCode, Vim, or whatever you fancy the most, create the file accountguid.ps1 and paste this code into it:

try {
        $username = '<API Token username>'
        $password = '<API Token password>'
        $basicauth = [Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes('${username}:${password}'))
        $headers = @{
            'User-Agent' = 'PowerShell-Keepit-API-Agent-1.0/jakob-dalsgaard'
            'Authorization' = 'Basic $basicauth'
        }
        
        $response = Invoke-WebRequest -UseBasicParsing `
          -Uri 'https://de-fr.keepit.com/users' `
          -Method:Get -Headers $headers -ErrorAction:Stop -TimeoutSec 10 
        
        $userlist = [xml]$response.Content
        $id = $userlist.user.id
        
        Write-Host $id
}
catch {
        $line = $_.InvocationInfo.ScriptLineNumber
        Write-Host 'Cannot query Keepit API due to: $_'
        Write-Host 'at line $line'
}

Make sure to get the backticks and single and double quotes correct – computers can be very pedantic. In this file, you need to put in the API Token username and API Token password where specified. On line 11, this example reads ‘de-fr.keepit.com’ – thus valid for a Keepit account on our German data center – please change this hostname to the hostname of the data center for your account (i.e., ‘dk-co’, ‘uk-ld’, ‘us-dc’, ‘ca-tr’ or ‘au-sy’). Then, in a command terminal, you execute the script by typing:

Powershell .\accountguid.ps1

Depending on your security setup, you might need to confirm that you really want to execute a script, but please do – and you should see the script print out your 20-character account GUID. This GUID can then be used, along with the API Token, to obtain the list of connectors available in your account.

Save the following code block as devices.ps1:

try {
        $username = '<API Token username>'
        $password = '<API Token password>'
        $userguid = '<Account GUID>'
        $basicauth = [Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes('${username}:${password}'))
        $headers = @{
            'User-Agent' = 'PowerShell-Keepit-API-Agent-1.0/jakob-dalsgaard'
            'Authorization' = 'Basic $basicauth'
        }
        
        $response = Invoke-WebRequest -UseBasicParsing `
          -Uri 'https://de-fr.keepit.com/users/${userguid}/devices' `
          -Method:Get -Headers $headers -ErrorAction:Stop -TimeoutSec 10 
        
        $devicelist = [xml]$response.Content
        foreach ($system in $devicelist.devices.cloud) {
                $name = $system.name
                $guid = $system.guid
                Write-Host 'Name: $name'
                Write-Host 'Guid: $guid'
                Write-Host
        }
}
catch {
        $line = $_.InvocationInfo.ScriptLineNumber
        Write-Host 'Cannot query Keepit API due to: $_'
        Write-Host 'at line $line'
}

Again, put in API Token username and password, the Account GUID, and correct the hostname. Then execute as:

Powershell .\devices.ps1

Your terminal will then be filled with a list of connector names and GUIDs, and among those you will have to select one that can be used in the final script that will be called latest.ps1– this script will print out the timestamp of the latest backup performed by one specific connector:

try {
        $username = '<API Token username>'
        $password = '<API Token password>'
        $userguid = '<Account GUID>'
        $connectorguid = '<Connector GUID>'
        $basicauth = [Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes('${username}:${password}'))
        $headers = @{
            'User-Agent' = 'PowerShell-Keepit-API-Agent-1.0/jakob-dalsgaard'
            'Authorization' = 'Basic $basicauth'
        }
        
        $response = Invoke-WebRequest -UseBasicParsing `
          -Uri 'https://de-fr2.keepit.com/users/${userguid}/devices/${connectorguid}/history/latest' `
          -Method:Get -Headers $headers -ErrorAction:Stop -TimeoutSec 10 
        
        $history = [xml]$response.Content
        $tstamp = $history.history.backup.tstamp
        if ($tstamp) {
            Write-Host $tstamp
        }
        else {
                Write-Host 'Backup not completed yet'
        }
        exit 0
}
catch {
        $line = $_.InvocationInfo.ScriptLineNumber
        Write-Host 'Cannot query Keepit API due to: $_'
        Write-Host 'at line $line'
        exit 1
}

Again, put in API Token username and password, account GUID, connector GUID, correct hostname, and then execute as:

Powershell .\latest.ps1

If your selected connector has completed a backup, you should now, in your terminal, see the timestamp of completion of the latest backup for this connector. It might look something like: 

2022-12-24T18:30:00Z

This would say that the latest backup completed on Dec 24, 2022, at 18:30 UTC. The timestamp is given in the ISO8601 format with the Z designator for UTC.

Further Integration

While such a neat PowerShell script is nice to have on the command line, it will bring much more value as part of a monitoring platform or other reoccurring automatic execution. For your business, it might make sense to execute this script once per hour and alert if no backup has been completed for 24 hours. You might want to explore our public API for more information and status.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

2 Reasons Why: M365 Data Backup for Healthcare Organizations

 

It’s easy to get a false sense of security and assume that your Microsoft 365 data is safe and secure because M365 automatically backs up your SaaS data for simple recovery, right?

 

Well, not so fast.

 

While M365 and most other SaaS platforms offer some sort of data protection and recovery features, it’s bare bones at best. For healthcare organizations, this opens Pandora’s box for compliance and continuity issues that can end up costing hundreds of thousands of dollars in fines. And on top of that, add the inability to serve patients and conduct daily business.

 

It’s critical to have timely and secure access to patients’ highly sensitive personally identifiable information (PII), protected health information (PHI), financial information, intellectual property, and credentials. However, given how this information has grown exponentially, data loss prevention has never been more necessary to ensure business continuity.

It’s crucial to understand that retention requirements far exceed what SaaS applications typically deliver natively, making it vital to close the gap with a reliable backup and recovery tool.

For healthcare organizations, compliance and continuity are the two main factors driving the need for third-party SaaS backup.

Regulatory Compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) makes healthcare delivery organizations legally obligated to preserve certain types of information for periods that exceed a SaaS service’s built-in capabilities.

As the HIPAA Journal explains, each state has its own laws governing the retention of patients’ medical records. To complicate things further, those retention periods can vary considerably. 50 states with 50 retention requirements: Is this something your healthcare organization wants to (or can afford to) manage?

Individual U.S. state laws govern the retention of patients’ medical records, while HIPAA imposes requirements on how long HIPAA-related documents must be retained.

According to the HIPAA Journal, “In Florida, physicians must maintain medical records for five years after the last patient contact, whereas hospitals must retain them for seven years. In North Carolina, hospitals must maintain patients’ records for 11 years from the date of discharge, and records relating to minors must be retained until the patient has reached 30 years of age.”

The hard truth is that SaaS services do not deliver the level of backup and recovery required for healthcare organizations, and what they do provide isn’t seamless.

Business Continuity
Imagine the worst-case scenario where your mission-critical data is suddenly gone—it’s not hard to imagine since it happens to companies every day. Healthcare organizations rely on the information stored in SaaS systems to maintain their business continuity. If the information suddenly becomes unavailable, then significant disruption results.

Continuity Considerations
Things can (and do) go wrong with SaaS data: a simple misconfiguration can cause primary data sources to become unavailable, making accidental deletion a real risk, which may not be discovered until it’s too late to recover from the SaaS app – and may be unrecoverable even if you do find it quickly.

In fact, according to ESG Research, the most common reasons for data loss are service outages and accidental deletion, as seen here:

2 Reasons Why: M365 Data Backup for Healthcare Organizations
Compliance 26.10.22 9 Minutes
It’s easy to get a false sense of security and assume that your Microsoft 365 data is safe and secure because M365 automatically backs up your SaaS data for simple recovery, right?

 

Well, not so fast.

 

While M365 and most other SaaS platforms offer some sort of data protection and recovery features, it’s bare bones at best. For healthcare organizations, this opens Pandora’s box for compliance and continuity issues that can end up costing hundreds of thousands of dollars in fines. And on top of that, add the inability to serve patients and conduct daily business.

 

It’s critical to have timely and secure access to patients’ highly sensitive personally identifiable information (PII), protected health information (PHI), financial information, intellectual property, and credentials. However, given how this information has grown exponentially, data loss prevention has never been more necessary to ensure business continuity.

It’s crucial to understand that retention requirements far exceed what SaaS applications typically deliver natively, making it vital to close the gap with a reliable backup and recovery tool.

For healthcare organizations, compliance and continuity are the two main factors driving the need for third-party SaaS backup.

Regulatory Compliance
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) makes healthcare delivery organizations legally obligated to preserve certain types of information for periods that exceed a SaaS service’s built-in capabilities.

As the HIPAA Journal explains, each state has its own laws governing the retention of patients’ medical records. To complicate things further, those retention periods can vary considerably. 50 states with 50 retention requirements: Is this something your healthcare organization wants to (or can afford to) manage?

Individual U.S. state laws govern the retention of patients’ medical records, while HIPAA imposes requirements on how long HIPAA-related documents must be retained.

According to the HIPAA Journal, “In Florida, physicians must maintain medical records for five years after the last patient contact, whereas hospitals must retain them for seven years. In North Carolina, hospitals must maintain patients’ records for 11 years from the date of discharge, and records relating to minors must be retained until the patient has reached 30 years of age.”

The hard truth is that SaaS services do not deliver the level of backup and recovery required for healthcare organizations, and what they do provide isn’t seamless.

Business Continuity
Imagine the worst-case scenario where your mission-critical data is suddenly gone—it’s not hard to imagine since it happens to companies every day. Healthcare organizations rely on the information stored in SaaS systems to maintain their business continuity. If the information suddenly becomes unavailable, then significant disruption results.

Continuity Considerations
Things can (and do) go wrong with SaaS data: a simple misconfiguration can cause primary data sources to become unavailable, making accidental deletion a real risk, which may not be discovered until it’s too late to recover from the SaaS app – and may be unrecoverable even if you do find it quickly.

In fact, according to ESG Research, the most common reasons for data loss are service outages and accidental deletion, as seen here:

Still, accidents, misconfigurations, and other ‘innocent’ causes aren’t the only ways to lose data.

In recent years, ransomware gangs have set their sights on the healthcare sector and, unfortunately, have been successful in their efforts to disrupt and demand payment for the data’s return.

Fulfilling Regulatory Obligations
Few people like being told what to do, but it turns out that governments do have the authority to compel action.

In the U.S., federal and state laws impose strict requirements around data retention for different healthcare records and information types. Additionally, regulations are subject to change, adding more pressure to comply to avoid a regulatory audit and heavy fines. Failure to comply can lead to significant financial and legal exposure, such as lawsuits, fines, settlements, and certification losses, further increasing the risk of data breaches.

For Healthcare delivery organizations (HDOs) committed to minimizing or avoiding these risks, having a proper backup and recovery practice in place is key to compliance.

Third-party backup and recovery services help you stay compliant by ensuring your data remains immutable and tamperproof. Immutable data and metadata make it possible for you to document and recover not just all data but all data processing, ensuring that auditors have complete visibility of everything that has impacted the data.

If complying with laws (and avoiding potentially hefty fines) isn’t enough to secure the budget, there are other reasons to invest in SaaS backup, such as mitigating downtime and costs.

Protecting Business Continuity
In a presentation titled “Conti Ransomware and the Healthcare Sector,” the United States Department of Health and Human Services (HHS) relayed that:

the average length of a general ransomware incident is 19 days.
Cybersecurity provider Sophos reported that 25% of healthcare organizations disrupted by ransomware took up to a month to restore operations. Sophos’ research also suggests that:

the average remediation cost for healthcare organizations soared to USD 1.85M in 2021 (up from USD 1.27M in 2020).
Keeping services operational is essential for maintaining the revenue that sustains an organization. That’s why having reliable backups that can quickly and easily be restored is paramount.

Unfortunately, the reality is that data outages are a matter of when, not if, making your ability to recover key data (and fast!) a necessary part of business continuity planning. Additionally, the shorter the outage, the lower the recovery and remediation costs, making loss avoidance a compelling part of the value proposition.

Recovery processes and costs can also include Digital Forensics and Incident Response (DFIR) activities, whether mandated by cyber insurance coverage, necessary for root cause analysis, driven by a motivation to prosecute, or some other reason.

Third-party backups assist DFIR activities by providing trustworthy information that extends further back in time than what can be pulled from SaaS applications.

But being able to restore services quickly from a dedicated SaaS backup doesn’t just protect revenue and minimize recovery costs, it also means you avoid paying the ransom and lower your cyber insurance fees.

Protect Your SaaS Data Today
If you can recognize some of the data backup and recovery vulnerabilities discussed here within your own healthcare organization, the good news is that it’s easy and cost effective to address those challenges and help secure your organization’s data.

Unintentional and malicious data losses don’t offer the convenience of a “heads up,” so it’s a wise business decision to have a proper backup and recovery solution in place before you need it – and as such, it should be an integral part of your cybersecurity approach. Only backup allows you to go back in time and recover to before bad things happened!

If you’d like to learn more about compliance and continuity for healthcare organizations, access the

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Make the APIs Work for You

Say you’ve taken the wise decision to have your corporate cloud data be backed up by the Keepit cloud solution: you’ve selected one of our many data centers, configured relevant connectors, and are now seeing how snapshots are blissfully parading into eternal archive as you log in to the Keepit web user interface. But perhaps you want a bit more assurance and perhaps you are not keen on logging into a separate web application several times a day to get that assurance.Many of our customers have their own monitoring solutions and communication systems that they wish to enrich with information from their Keepit account. Luckily, we have a very elaborate API (Application Programming Interface) to allow for all sorts of queries on the state and history of your backups; while we do publish the full API documentation, some might find a small appetizer easier to comprehend.

If you’re already a Keepit customer and if you have an account and working connectors, then this blog post will guide you through creating a PowerShell API agent that prints the timestamp of the last completed backup on your screen. It is very simple: it will not integrate into any monitoring or alerting system, it will not print fancy messages in any messaging platforms, nor will it draw graphs on its own – but it is a small building block that you can extend and transform into whatever you might need.

Getting Access to the API

In order to make calls to the API, your script needs to have the proper credentials and those are obtained through the web user interface. So, log in with a user that has at least ‘Job Monitor’ privileges and create an API token by doing: Users -> Your user – Edit User (the grey cog wheel) -> Security -> Add API token. Give the token a name and decide when it should expire; the API token cannot outlive the user it is associated with. Click ‘Create’ – confirm your password and you will get an API token username and password. Those you need to store in a secure place.

You are now ready to make API calls. For this example, we will be using PowerShell, and the first API call to be made is the call to obtain your account GUID. Now, the account GUID is also available in the web user interface, but obtaining this via the API is a nice, small exercise to verify that the API token and your script is working.

Launch your favorite text editor – it can be Notepad, Notepad++, VSCode, Vim, or whatever you fancy the most, create the file accountguid.ps1 and paste this code into it:

try {
        $username = '<API Token username>'
        $password = '<API Token password>'
        $basicauth = [Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes('${username}:${password}'))
        $headers = @{
            'User-Agent' = 'PowerShell-Keepit-API-Agent-1.0/jakob-dalsgaard'
            'Authorization' = 'Basic $basicauth'
        }
        
        $response = Invoke-WebRequest -UseBasicParsing `
          -Uri 'https://de-fr.keepit.com/users' `
          -Method:Get -Headers $headers -ErrorAction:Stop -TimeoutSec 10 
        
        $userlist = [xml]$response.Content
        $id = $userlist.user.id
        
        Write-Host $id
}
catch {
        $line = $_.InvocationInfo.ScriptLineNumber
        Write-Host 'Cannot query Keepit API due to: $_'
        Write-Host 'at line $line'
}

Make sure to get the backticks and single and double quotes correct – computers can be very pedantic. In this file, you need to put in the API Token username and API Token password where specified. On line 11, this example reads ‘de-fr.keepit.com’ – thus valid for a Keepit account on our German data center – please change this hostname to the hostname of the data center for your account (i.e., ‘dk-co’, ‘uk-ld’, ‘us-dc’, ‘ca-tr’ or ‘au-sy’). Then, in a command terminal, you execute the script by typing:

Powershell .\accountguid.ps1

Depending on your security setup, you might need to confirm that you really want to execute a script, but please do – and you should see the script print out your 20-character account GUID. This GUID can then be used, along with the API Token, to obtain the list of connectors available in your account.

Save the following code block as devices.ps1:

try {
        $username = '<API Token username>'
        $password = '<API Token password>'
        $userguid = '<Account GUID>'
        $basicauth = [Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes('${username}:${password}'))
        $headers = @{
            'User-Agent' = 'PowerShell-Keepit-API-Agent-1.0/jakob-dalsgaard'
            'Authorization' = 'Basic $basicauth'
        }
        
        $response = Invoke-WebRequest -UseBasicParsing `
          -Uri 'https://de-fr.keepit.com/users/${userguid}/devices' `
          -Method:Get -Headers $headers -ErrorAction:Stop -TimeoutSec 10 
        
        $devicelist = [xml]$response.Content
        foreach ($system in $devicelist.devices.cloud) {
                $name = $system.name
                $guid = $system.guid
                Write-Host 'Name: $name'
                Write-Host 'Guid: $guid'
                Write-Host
        }
}
catch {
        $line = $_.InvocationInfo.ScriptLineNumber
        Write-Host 'Cannot query Keepit API due to: $_'
        Write-Host 'at line $line'
}

Again, put in API Token username and password, the Account GUID, and correct the hostname. Then execute as:

Powershell .\devices.ps1

Your terminal will then be filled with a list of connector names and GUIDs, and among those you will have to select one that can be used in the final script that will be called latest.ps1– this script will print out the timestamp of the latest backup performed by one specific connector:

try {
        $username = '<API Token username>'
        $password = '<API Token password>'
        $userguid = '<Account GUID>'
        $connectorguid = '<Connector GUID>'
        $basicauth = [Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes('${username}:${password}'))
        $headers = @{
            'User-Agent' = 'PowerShell-Keepit-API-Agent-1.0/jakob-dalsgaard'
            'Authorization' = 'Basic $basicauth'
        }
        
        $response = Invoke-WebRequest -UseBasicParsing `
          -Uri 'https://de-fr2.keepit.com/users/${userguid}/devices/${connectorguid}/history/latest' `
          -Method:Get -Headers $headers -ErrorAction:Stop -TimeoutSec 10 
        
        $history = [xml]$response.Content
        $tstamp = $history.history.backup.tstamp
        if ($tstamp) {
            Write-Host $tstamp
        }
        else {
                Write-Host 'Backup not completed yet'
        }
        exit 0
}
catch {
        $line = $_.InvocationInfo.ScriptLineNumber
        Write-Host 'Cannot query Keepit API due to: $_'
        Write-Host 'at line $line'
        exit 1
}

Again, put in API Token username and password, account GUID, connector GUID, correct hostname, and then execute as:

Powershell .\latest.ps1

If your selected connector has completed a backup, you should now, in your terminal, see the timestamp of completion of the latest backup for this connector. It might look something like:

2022-12-24T18:30:00Z

This would say that the latest backup completed on Dec 24, 2022, at 18:30 UTC. The timestamp is given in the ISO8601 format with the Z designator for UTC.

Further Integration

While such a neat PowerShell script is nice to have on the command line, it will bring much more value as part of a monitoring platform or other reoccurring automatic execution. For your business, it might make sense to execute this script once per hour and alert if no backup has been completed for 24 hours. You might want to explore our public API for more information and status.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

How Keepit puts User Experience first

Keepit is known for delivering a certain quality of User Experience (UX), which is reflected in customer feedback examples, such as: 

Keepit’s user-friendliness is a financial win-win’ and ‘I like to call Keepit a Steady Eddie. I know it’s working; I know it’s running, and I don’t have to sweat it.’.

Behind Keepit’s simple design and ease of use lies a deliberate approach, rooted in the idea that our whole system, from the deepest backend layers to the user interface, is built to support a solid User Experience.

However, in the software field, UX has been interpreted in various ways and caused confusion in how it differs from User Interface Design. So, what is UX to Keepit? And how does Keepit go about all this in practicality?

Foundation

UX goes beyond the immediate visual impression and beyond isolated interactions within the product. It is a silent ambassador that ensures a seamless experience throughout any touchpoint. A journey sprinkled with an undefined X factor that leaves our user with instant recognition without the need for explanation -a quality that flows through every vein of Keepit.

An experience starts before the product is even used by our customers. As Don Norman, the inventor of UX, puts it, ‘No product is an island […] It is a cohesive, integrated set of experiences […] Make them all work together seamlessly.’

Leveled circulation

On both conscious and unconscious levels, a human experience is perceived and processed as a sum of different events. The more you know about people, the better experience you will be able to design. To translate such a complex sum into a consistent Keepit experience, we use our Design System as a single documented source.

Here all Keepers will find Design Principles, components, guidelines, patterns, and themes. However, the UX circulates on more levels. To grasp this in a software context, mapping out different levels of the experience can help.

Interaction level

On this level, we work with both look and feel when interacting with the product, from visual design to Information Architecture to navigation. The focus is to design the experience of a certain interaction that a user has with Keepit to perform a task, such as restoring data in Keepit’s application.

However, a user interaction can also exist outside the product interface. One example is receiving support. Each of these interactions are single strokes of experiences that play a role in the relationship with our customer.

On the interaction level, our Design Principles, guidelines, and patterns play a central role. We operationalize this with a pyramid logic in layers, with a theme on the top level and dos and don’ts on the bottom level. Here is an example:

Design Principle: Keepit Sets Me Free

  • What users should feel: In every interaction, I as a user should feel the freedom of being in control. This means being offered the most relevant choices at the right time. The choices should lower my cognitive load so that I feel enabled to effortlessly succeed at my tasks.
  • Examples of what users should think: ‘I control the situation’ – ‘This is unbelievably easy’- ‘Keepit makes me better at my job’- ‘I get what I need when I need it’
  • Examples of what users should see: Recognizable patterns – An easy first entry to the system – Understandable language
  • What designers should do: Always give feedback – Build a strong visual hierarchy – Know and understand the user – Always remember what problem we are solving for the user
  • What designers should not do: Don’t make the user wait, don’t speak in system language, don’t overload the user with information

Journey level

Zooming into the journey level, we recognize that putting UX first is not isolated in the product interaction itself. The key word here is ‘journey’. Mapping out journeys enables us to discover user needs and pain points, in the quest of providing seamless and consistent experiences across Keepit’s channels.

There are methods to identify key needs and transform them into design challenges. Apart from organized methods, such as usability tests, analytics, and organized customer interviews, there are also more organic user dialogues. From support, through live events, from sales, and so on. In all these touchpoints there are chances to identify key user needs and discover how the Keepit product can solve real user problems.

The key point here is to identify where the needs and pain points are rooted; define the root problem and translate this into design challenges. Further down the road, when ideating on design solutions, the user experience should be consistent in every chosen design solution. Again, this is where the User Experience pyramid, with its design principles at the top, plays its role as a foundation for the other experience levels.

A level connecting the dots

This means that UX is related to the spirit of Keepit, across the whole company. Throughout the different areas of expertise of Keepit, UX connects the dots and remembers to keep the users’ needs at the core of what we do: to deliver simple and safe backup solutions that can set our customers free from the worries of losing data. Keepit’s UX delivers this X factor in its tone of voice, the product’s look and feel, user touchpoints, and customer dialogues.

Keepit’s UX goal is to deliver a consistent heartbeat of look and feel throughout the user journey, anytime, anywhere – pumping it through Keepit’s veins.

UX metrics

As designers, we recognize the challenge in measuring UX, since we are dealing with human behavior and attitude. Here we use deliberate approaches such as confirmation bias. When working on improvements to Keepit’s UX, our main goal is to gather insight, combined with quantitative results.

We want to understand the context and situation that the user is in when encountering Keepit, as well as how this context affects the user.

We also want to know what works, what doesn’t, and why. These insights are gathered through activities such as user interviews and observations. The outcome should be an understanding of user values, supported by quantitative data on average numbers or rates. Additionally, usability metrics give value to the work of measuring. Our different approaches have the common mission of delivering an excellent User Experience, based on data-informed decisions.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

5 costly problems you can only avoid by backing up your Zendesk data

Zendesk backs up your data for large-scale disaster recovery — a rare scenario — but it doesn’t provide granular restore of your data, nor does it protect against accidental deletion of or breaking changes to your automations.

How much the data is worth to you, and the depth of backup you are comfortable with, only you can decide. But since we’re talking about things like automations, macros, and triggers — workflow controls that your entire support organization relies on every day — you deserve to make that decision based on factual information.

If you work in IT: When something goes wrong, you may suddenly be asked to recover lost data with a quick RTO (recovery time objective). If you aren’t able to do that, it puts you in the unpleasant position of having to explain why not, not to mention the business impact of not being able to restore the data the business needs.

If you work in Support: An accidental delete or breaking change in your automations, triggers, macros, or views can tie up your support workflow, thereby risking the smooth functioning of your service organization.

How Zendesk backs up your data
Technically, Zendesk does have features to make your data in their system more available. But these are designed for a specific, very broad, purpose.

All Zendesk data is automatically backed up regularly. Not to protect your account data specifically, but the entire platform in case of a . So Zendesk can recover all accounts if there was, for example, a platform-wide hacker attack, but they don’t promise to recover information for your account specifically if an incident were to occur.

This may not seem like much of a problem; after all, Zendesk hasn’t publicly reported any large losses of customer data. But there are some significant potential problems that can still bite you despite Zendesk’s automated backups.

5 costly problems Zendesk won’t protect you from

1. Somebody accidentally breaks your workflow
Automations are one of the key reasons why companies love Zendesk. But what happens when you lose automations due to a simple mistake? A lot.

Take a look at a typical example of Zendesk automations:

  • All billing-related tickets are automatically routed to the finance team.
  • If a ticket is left untouched for more than four hours, it is automatically escalated.

Now imagine the havoc caused by losing any of these automations. If you didn’t have these automated processes to begin with, your support system would be far less effective. But if you do have them, your entire support system will suffer if you suddenly lose access to them. You would need to quickly recreate everything, get the processes up and running, and hope the customer forgives you.

In this scenario, if you have a third-party backup tool in place, your automated daily backups of your Zendesk automations mean you can simply restore to a time before the automation was deleted. Search for your automation in the system, and with a few clicks, your automation is restored.

2. You can’t restore data at a granular level
As I mentioned earlier, Zendesk has a disaster recovery feature they use in extreme cases. It is designed to recover huge amounts of data in bulk.

If a disaster happens and Zendesk performs a disaster recovery, you get your data back in a big downloadable blob of CSV or XML data. Recovering a single, important ticket or customer interaction would force you to look for a needle in a massive haystack.

On the other hand, if your data is backed up in a third-party system, you simply “Search.” “Preview,” and “Restore.” That’s it. You find the needle right there, within a minute.

3. You lose all deleted data after 40 days
When you delete an item in Zendesk, it goes in the recycle bin. But it only stays there for 40 days, then it is gone forever. It is very simple, yet far too few Zendesk users realize the finality of this functionality.

You delete so many things every day. Usually, you never think of them again, but every now and then, the wrong item is deleted. Or circumstances change, so you realize you need it back. But forget it — after that just-less-than-six-week window, it’s gone.

Not so with your data backed up with a third party. Everything is still there. You leave your options open.

4. When an employee leaves your company, all her data is automatically archived
Now and then, you probably see support agents leave the company. This is a normal part of the business. As a matter of fact, companies worldwide face a among their support agents.

When the agent is no longer an active user in Zendesk, what happens to all their views, tickets, and other data associated with their account? If you still need access to it, you have three options:

  • Continue to pay the fees for the person’s license after they leave. But with a license cost of $49 to $215 per agent per month, that will be an expensive option with a 30% turnover.
  • As a best practice, Zendesk recommends you reassign the tickets and downgrade the agent’s account and finally suspend the account. Please keep in mind that downgrading the agent’s account will automatically delete all macros and views permanently. Losing out on macros and views permanently could be a costly mistake.
  • When you back up the data with a third-party backup service, you continue to have access to all data. Your data is backed up daily, so you can simply go back to any point and restore or preview any data.

5. Zendesk’s enhanced disaster recovery is expensive
Zendesk will sell you an system that includes multi-zone data replication and a host of other features that help protect your data in event of a disaster. Please note that it is available only in enterprise plans ($215 per agent per month). Even worse, it doesn’t even protect your automations, triggers, macros, and views.

With a third-party backup you can save a lot of money for your organization and benefit from a comprehensive backup starting at a few dollars per agent per month.

A 60-second summary, with the Keepit glasses on
As I mentioned at the start, you will have to assess your risk tolerance if you conclude that suddenly losing your Zendesk data would be too costly, whether, through human error or malicious intent, the time to act is now. There are third-party solutions out there, so you just need to find the right one.

is one of them, designed for fast, easy recovery. And for your convenience, here are five quick benefits:

  1. Protect automations — automations, macros, and triggers are the lifeblood of Zendesk, and with Keepit, you can also protect these.
  2. Retain unlimited data — all your data is saved in four copies across multiple data centers.
  3. Keep backup costs down — With Keepit for Zendesk, you benefit from a comprehensive backup solution with unlimited hot storage and data archiving starting from $2.95 per agent per month.
  4. Keep it simple — with an easy interface, anyone can recover data with no training needed.
  5. Recover fast — get your data back in seconds. Search-Preview-Restore, using smart search and granular restore.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

More Than the Restore: Why Ransomware Recovery Is Hard

Many discussions about ransomware recovery focus on getting critical data back where it belongs. While this is absolutely necessary, it’s not always sufficient to allow full resumption of business-as-usual—the actual goal of disaster recovery.

In this session, we’ll discuss the key lessons we’ve learned as a SaaS data protection company about the holistic requirements for resuming normal operations after a large-scale attack or disaster, including restoration, remediation, retraining, and retrospection.

Backups are critical. We all know this is true—not just in an obvious “water is wet” way, but in a more serious “if you don’t drink enough water, you will die” way. At the same time, having a reliable backup system to capture your data and the ability to restore the right data in the right place at the right time is only part of what modern enterprises need.

Restoring data is not the same thing as recovering operations. Restoration is the first step along that path, but not the only one. You can sum this argument up with a single phrase: “restoring data is necessary but not sufficient by itself.”

Before you restore…
Re-read the first sentence above. Before we can proceed with talking about what else a full restoration will take besides just clicking the “restore” icon, I’m going to assume that you have a complete, valid, tested backup of your most important data. (And if you don’t, click to learn how Keepit can get you there!)

What you get when you restore
OK, now you’re all set, right? You’ve got a known-good backup, and you’ve tested your restore procedures. You’re comfortable with the software, you’ve ensured that everyone who needs to conduct restores has the correct permissions, and so on. If not, you probably at least know what areas of improvement you need to focus on (and quickly)!

The next step in the process is understanding exactly what you get when you execute a restore, assuming that it goes perfectly. This will obviously vary quite a bit depending on what you’re backing up in the first place. For example, there are certain Zendesk and Azure Active Directory objects that can be restored in place (that is, the restored object can overwrite the old one), but other objects will only be restored as new objects. Knowing exactly what a restore will give you, where it will go, and what, if any, manual steps might be required post-restore are all key parts of understanding the overall journey.

Now for the fun part
One crucial mistake we sometimes make when talking about restore planning is failing to think about, and plan for, what happens after the restore.

Resuming operations after a cyberattack involves many considerations that you may not have thought about during your restore planning, including the time required to install or reinstall patches and updates on users’ computers, the need to maintain an effective communications channel for your staff while your primary systems are being restored, and non-computer-related issues like making sure that you know where physical assets and people may have moved to during your outage.

There may be other unique considerations that apply to you, too. For example, in 2021, a large auto company suffered a cyberattack that prevented their dealers from ordering cars or parts—so once the company restored their systems, they had a lot of manual and unplanned work to clean up and reconcile their pending orders, update dealers with information on where their parts were, and so on.

None of that cleanup work could take place until the restore was complete and all the data they needed was present.

How to get started
The exact mechanics of how you go from “restore successful” to “we’re back in business” will vary according to many factors, including how large and/or complicated your organization is, how mature your operational processes are, how many additional regulatory requirements you have to deal with, and the nature of the problem from which you’re recovering.

There’s a huge continuum that covers the space from the simple (restoring a single critical file for one user) to the very complex (recovering operations after a large-scale disaster like a wildfire or hurricane).

Investigating, documenting, and practicing what your business needs to quickly get back to normal after the restore succeeds is perhaps the most important single thing you can do to protect your data and your business.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Why Customers Love Keepit’s Ease of Use

The Keepit Approach to the Five Quality Components of Usability One prominent aspect of Keepit’s cloud backup and recovery solution that customers rave about most is its simplicity and ease of use. Where other similar solutions often require weeks of training, the Keepit solution is plug and play, capable of being implemented and fully operational within minutes – and by everyone on the team. No extensive courses and diplomas are required. The intuitive ease with which Keepit locates and restores files also means our customers are actively incorporating it into their day-to-day internal support operations, rather than just using it for finding and recovering files that have simply gone astray. The ease of use comes from a dedicated design process, which puts usability up front and users in the driver’s seat. There are many different opinions on what the word usability means, so here at Keepit — as with many other things — we are inspired by what we observe in the workplace and then have our take on it that fits our product. The Keepit Design Hierarchy Creating and following a design hierarchy goes to the heart of how we build and continue to improve Keepit’s backup solution. For every design and feature we implement, Keepit follows a clear usability vision that strongly focuses on following a design code. The hierarchy in which we make design and usability decisions is built around Principles, Pillars, and Patterns. Starting with our Design Principles, everything we do is based on these principles: They are abstractions of how we design our products and help designers make the right decisions. Design Pillars are more focused on how we implement designs and how the user should experience the Keepit solution. Pillar example: “The right functionality, at the right time, to the right person.” This Pillar is used rigorously for each feature we create throughout the entire user flow. Is this the right functionality being presented to the user? Is this the right time to show this functionality? Will it work for the person who is going to use it? Finally, we have Patterns. Design Patterns are specific implementations of functionality. This could be how we implement breadcrumbs, how we handle truncation, checkboxes, dropdowns, and wizards, just to name a few. Defining Usability Usability is a quality attribute that assesses how easy user interfaces are to use. The word ‘usability’ also refers to methods for improving ease of use during the design process. The most popular definition of Usability has five components, as explained by the Learnability: How easy is it for users to accomplish basic tasks the first time they encounter the design? Efficiency: Once users have learned the design, how quickly can they perform tasks? Memorability: When users return to the design after a period of not using it, how easily can they re-establish proficiency? Errors: How many errors do users make, how severe are these errors, and how easily can they recover from the errors? Satisfaction: How enjoyable is it to use the design? There are many other important quality attributes, one of which is utility, which refers to the design’s functionality. In other words, does it do what users need? How Keepit Measures Usability Learnability in Keepit: Let us look at the first item: Learnability. The nature of a backup application is not something our users check in to merely to “get a dopamine kick” from watching cool facts about their running backups. Instead, backup is more “set it and forget it,” and usually, our users come to the platform for one of two reasons. One, is to make sure that everything is running as it should. Two, is to restore data that was lost. For many of our users, the fact that the application is so easy to learn and understand saves them much time, money, and the frustration of being unable to find the data that needs to be restored. Memorability in Keepit: Our approach is not just that things should be easy to learn but also that they must be easy to get back into after being away for a period of time. We do this with a consistent system: most things work in a predictable, similar way, following the same ideas. This increases the chance that something is memorable and easy to re-learn. There are, of course, many things we do to improve the memorability of Keepit, with consistency and recognizability of the applications they are backing up being just some of them. Efficiency in Keepit: All of this leads to Keepit’s Efficiency. We like to look at efficiency from the point of view that you should “take the time to look before you jump.” This means we do not consider “few clicks” a success criterion in itself, but rather, we consider “carefully placed” clicks as a step in the right direction – i.e., solving the problem with just the right number of clicks. Errors in Keepit: Naturally, we do everything within our power to ensure the number of mistakes made in relation to the task being solved is at a minimum and that a tight correlation exists between the number of errors the user is making and the solution’s efficiency. Every time the user makes an error, it sends them back into the flow, and they will have to redo actions, which again leads to an ineffective solution. Learnability and memorability directly impact the user’s errors, so everything is connected, as you can see. Satisfaction in Keepit: Finally, there is one more thing to address: satisfaction. Satisfaction is a tricky topic to discuss when talking about a solution that’s practical in nature and does not contain any real incentive to be a pleasurable experience. In the Keepit design, we have gone to great lengths to fight against the tendency of “functional design” that flourishes in the world of IT management tools. Instead, we have moved toward the concept of “emotional design” because IT administrators also deserve good tools. In functional design, where the idea that showing everything all at once means more control and empowered admins, Keepit believes showing the right thing, at the right time, to the right person offers the ultimate degree of control and empowerment. We also believe that creating a pleasurable and satisfying experience with administration tools like Keepit, where everything “just works,” frees up administrators to focus on other priorities. Final Thoughts Despite our mission to create the perfect solution that requires no previous knowledge to recover data, we are painfully aware that achieving perfect usability is a goal yet to be reached. But we strive every day to get there. That said, we recommend that our users regularly make sure they understand the flows and the emergency training so that in the case of an emergency, they know exactly what to do and when to do it, which we’ll save for a future blog post. At Keepit, we put a lot of effort into ensuring that the design leaves little room for mistakes and is easy to pick up again after a long vacation – even for an inexperienced administrator. Help The Keepit Design Team We are always looking for people who would like to provide feedback on our solution and help us create the best design in the world. Please if you are interested in becoming part of the user feedback forum.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

‘Security in the Cloud: The SaaS Backup Gap Challenge – and Solution.’

Though businesses have been gradually migrating to the cloud for the better part of the past decade, cloud security has only recently become a hot topic due to the drastic shift to remote work. 

 

When the COVID-19 crisis hit, many organizations had to scramble to enable their employees to work remotely. As a result, the adoption of SaaS applications spiked. For all of the benefits of migrating to the cloud, this frenzied adoption of SaaS apps has brought challenges that become more and more clear these days. 

 

For many businesses, the pace at which they migrated to the cloud was necessary for their business to survive – but it sometimes meant sacrificing security in order to get employees up and running as quickly as possible. 

Current cloud data security trends 

In many instances, organizations adopted applications and tools without the intent of ever using them in the cloud, often euphemistically calling them “bolt-on” solutions. 

 

As a result, they are not robust enough to meet the security demands of a cloud environment and are vulnerable to data leaks – and there are statistics that back this up: 

A recent cloud computing study found that 46% of companies use cloud-based applications built for the cloud – while just over half (54%) moved applications used on-premises to a cloud environment.

And over the last year and a half, at least 79% of organizations have been the victim of one cloud information breach. Even more strikingly, 43% of companies have reported ten or more violations in the past year and a half.

Addressing the assumption: SaaS vendor responsibility 

So, what makes SaaS data particularly susceptible to data loss – either as a result of human error or malicious intent? The answer: neglecting to back up SaaS data automatically! Only if you proactively choose to back up your SaaS data applications, will you be able to recover your cloud data in the event of system outages, deletions, and breaches.  

Many organizations make the dangerous assumption that their SaaS vendor is protecting their data and is compliant with regulations. But in fact, most have no (or very limited) data protection capabilities. Some offer data protection, but many fall short of meeting the range of cloud security challenges organizations face. The vendors only protect the applications (not the data being processed) – let alone the metadata. 

 

Consequently, as businesses integrate and move their work into the cloud, they encounter a fundamental challenge: The security protocols they’ve put in place on site aren’t at all what they’ll need in the cloud, where everything is software native and sophisticatedly integrated. The technology built to back up on-prem products is not geared to back up cloud products. It’s a bit like sending a text message to an old landline phone. 

How can you protect your company’s data? 

According to a 2021 study by Enterprise Strategy Group (ESG), only 13% of companies are in-house responsible for protecting all of their SaaS app data. Meanwhile, the study found that 35% rely solely on SaaS vendors to protect data, while 51% depend on both their SaaS vendor and an independent third-party solution to store backup outside of the production area. 

 

For many companies, their SaaS application data is a mission-critical resource at the core of their operations – and as such, these companies require the highest levels of security. So how should they protect this cloud SaaS data? The best solution is to turn to a true third-party backup and recovery provider to ensure your cloud data is safe and secure, regardless of what your SaaS vendor offers. 

 

Want to know more about Keepit’s security? Read our SaaS data security guide.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Shared responsibility: Why your Microsoft 365 is not backed up, and how to fix it

While most cloud service providers, including Microsoft 365, offer some degree of data backup, you might be surprised how minimal it actually is. This brings us to the discussion of shared responsibility and why it can’t be ignored if you want complete data protection and backup.    Because Microsoft 365 is so commonplace in business, it’s easy to assume that so long as you stick we them, you have the basics covered. That, unfortunately, is not correct when it comes to cloud backup and recovery. Here are two hard truths you need to take into consideration when you plan your SaaS data protection:
  1. Your cloud service providers are not responsible for the safe keeping of your data. 
  2. You are responsible for keeping your data and metadata safe.
  In this blog post, you will learn: 
  • What shared responsibility means.  
  • What cloud services like Microsoft 365 currently offer to retrieve lost data. 
  • How to make sure your cloud data is actually secure. 

What You Risk by Not Backing Up Your Cloud Data

Let’s start by looking at the exposure a company faces that does not participate in shared responsibility.    Depending on the nature of one’s business, several risk scenarios could arise if you rely solely on cloud service vendors for backup (and the vendors themselves recommend that you do not rely solely on their services):  
  • You lose access to critical intellectual property documentation such as patents. 
  • You may no longer be in compliance by losing access to certain required information. 
  • The entire company loses access to emails and other collaboration tools such as  SharePoint and other apps, thereby preventing employees from doing anything. 
  • Critical systems such as Salesforce, which are based on multiple automations that have been painstakingly built up over time, will need to be rebuilt. 
  When data loss happens to a large business it can result in thousands of unhappy employees and customers. For small to medium-sized businesses the consequences can be even more severe if they lack the IT resources and know-how to immediately address the problem.     The eventual outcomes range from customer inconvenience and disgruntled employees to severe legal problems and potential business catastrophe.  In other words, your business continuity is at stake.

Common Data Loss Threats  

Data loss threats don’t always originate from outside the organization, as demonstrated by a study conducted by the Enterprise Strategy Group (ESG) which showed that human error from within the organization is one of the single biggest contributors to data loss.    A breakdown of data loss causes is illustrated in the following graphic: If you lose data for any of these reasons, cloud vendors like Microsoft will not provide data backup because they adhere to the “shared responsibility” model that states it’s not their responsibility. More on that later. 

The “Backup Features” Currently Available in Microsoft 365 

In essence, cloud service customers have three functionalities that many think serve as backup of their data.  

Litigation Hold 

The purpose of litigation holds is to help if you are involved in a legal process and need to preserve information exactly as it is at a specific point in time. It is clearly not designed as a backup or recovery tool, because:  
  • Retrieving just a single email requires going through 8-10 demanding steps. 
  • Based on your licensing plan, your cost of storage may be significantly higher. 

Versioning 

Microsoft automatically saves versions of your documents at regular intervals, so you can just go back and open a previous version, right?     Technically yes, but:  
  • You only get the random actual documents. What you don’t get is structure—nothing is where you left it, and there are no folders. So, at scale, this quickly becomes unmanageable. 
  • If there is a ransomware attack, all versions may be encrypted. 
  • There is zero protection against dangerous and potentially crippling ransomware. 
  Speaking of ransomware attacks, check out our popular Disaster Recovery Guide for a seven-step guide on how to keep your business running in a disaster situation. 

Recycle Bin 

Just like the bins around your office, the Microsoft recycle bins are emptied regularly. How frequently depends on the application. For example:    
  • In Exchange: mail items disappear after 30 days, and calendar items after 20 days. 
  • In Teams: channels, teams, and group items go away after 30 days. 
  • In OneDrive and SharePoint, they’re removed every 93 days. 
  • In SharePoint backup, items disappear after 14 days.  
  As useful and convenient as they are for users, these features can lull employees into a false sense of security because if the worst happens, they are not reliable.     Now that you know what’s at stake, let’s dive into the issue of shared responsibility. 

A Crash Course in Shared Responsibility

What is Shared Responsibility?

Although no official dictionary definition exists, in a nutshell, shared responsibility means you and each cloud vendor take shared ownership for accessing your data in the cloud.     Don’t be surprised to learn that Microsoft is not responsible for protecting your data. They are very clear on this issue. You can read a summary of their shared responsibility policy for Microsoft 365 in this short article, and here’s the bottom line (in Microsoft’s own words):    ‘You own your data and identities. You are responsible for protecting the security of your data and identities, on-premises resources, and the cloud components you control (which varies by service type)’.   Regardless of the type of deployment, the following responsibilities are always retained by you: 
  • Data 
  • Endpoints 
  • Account 
  • Access management 
  As you can see in the table below, the division of responsibility between you and Microsoft, depends on your hosting. (For the purpose of this blog post, pay attention to the SaaS column.)  Source: Microsoft 
  As you can see, Microsoft assumes some responsibility for its piece of the cloud service, but it’s up to the customer to protect the critical data that represents the lifeblood of its business.     Microsoft 365 does have some built-in features to retrieve deleted data such as versioning, litigation hold, and recycle bins, however, these also have limitations and are nowhere near viable alternatives to genuine backup. 

Who Uses the Shared Responsibility Model? 

Originally, AWS developed the concept, and today it’s used more or less identically by all cloud services. So, shared responsibility doesn’t just apply to specific vendors or types of services but to cloud computing in general.     If you want to dig deeper and explore how some of the main cloud service providers refer to shared responsibility, follow the links below to learn what each says on their respective websites.   

What Microsoft Recommends Instead: The 3-2-1 Backup Principle 

So, if Microsoft is not responsible for your cloud data, what steps do they recommend?    Simply put, they recommend keeping your eggs in different baskets. The most effective way to safeguard your data is to use the 3-2-1 backup principle, which goes like this:  Store your data separately from your day-to-day operations.     You must keep one copy of your data off site. Years ago, offsite storage was mainly to protect against fire and theft. Today, it’s more complicated than simply separating data geographically. And you can’t fully rely on cloud access, which could be taken offline to protect the providers’ own business interests.    If you want to learn more about what Microsoft recommends what to do if you experience a ransomware attack, you can find a good summary here.      Let’s move on to some actionable advice on what you can do next to bridge the huge security gap left by shared responsibility. 

How to Find a Backup Solution That Works 

If you decide to heed the advice of Microsoft, Google, and the other cloud service providers, and find a reliable third-party backup solution, here are some important considerations: 
  1. Find out who is actually responsible for data loss in applications such as OneDrive, Groups and Teams, SharePoint, and Exchange within your organization. Is there a dedicated person or team, or is the responsibility spread across the organization? 
  2. Make sure backup copies are stored outside of Microsoft 365’s domain. Always have offsite, immutable, backup copies that are stored separately from your primary data. Never store in the same logical infrastructure as your primary data. 
  3. Look for comprehensive coverage for your SaaS data, in order to include as much data and metadata as possible in your backup. 
  4. Look for fast and granular recovery so you can recover from a single item, all the way up to the tenant level to achieve precision recovery at scale.  
  5. Look for a third-party tool that is compliant and offers long-term retention and a variety of security controls. 

How to Find the Right Microsoft 365 Backup Vendor

There are great solutions available, and like everything else, you need to find the one that best meets your needs. To help you in that regard, here are the most important considerations:    Microsoft 365 coverage 
  • Does it support all of Microsoft 365, with all associated data types, such as Teams private chat, channel chat, versioning, and public folders, etc.? 
Data recovery 
  • Can you restore all business-critical data in place? 
  • Is all data restored in its original format? 
  • Is all data restored — from a single item up to tenant level? 
Role-based access control and compliance 
  • Can you configure backup admin permissions? 
  • Is the audit log tamper-proof? 
  • Can you limit access rights across specific data connectors? 
Data storage 
  • Are data centers independent from the SaaS provider? 
  • Are there options for data residency? 
  • Are redundancies built in? 
  • Can you store copies of your data in two separate data centers? 
Pricing 
  • Is the license model clear and transparent? 
  • Is data consumption included? 
  • Are there any hidden costs (for example, for departed users)? 
Search capabilities 
  • Can you search universally across all snapshots in a single view? 
  • Can you preview documents live? 
  • Can you control search and restore delegation? 
  • Can you perform point-in-time navigation or restore? 
Simplicity 
  • Can you easily manage and unify backup sets of cloud apps? 
  • Can you share public links to end users, and download all the data types and levels? 
  • Is the interface intuitive? 
Backup configuration 
  • Is the backup deployment simple and configurable? 
  • Can you scale across any size organization? 
  • Are the retention policies flexible across the instance? 
  • Can you segment Microsoft 365 data to meet business requirements? 
Security 
  • Is the storage engine tamper-proof? 
  • Are there SSO and MFA options? 
  • Are the data centers ISO27001 certified? And what about the software development and operations organization?
Backup management  
  • Is the solution 100% cloud-based with no maintenance required? 
  • Are new users automatically added to the backup? 
  • Can you automate notifications and backups? 
  • Is there an open API allowing for third-party integration? 
 

In summary: 

We’ve covered the concept of shared responsibility, touched on what the cloud service providers cover, and where your responsibility lies. We’ve also shared some advice on what you should look for in a backup and recovery solution. I hope you come away from reading this blog post feeling better equipped to perform your cloud data risk assessments. If you have any questions, you are of course welcome to reach out.  

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Introducing the Keepit mobile app

I promised myself I wouldn’t spend any time in this post talking about how the world has changed because of COVID or how people now want / expect / need to be able to do the critical parts of their job from wherever they are, not just from a corporate device on a managed corporate network. So, I won’t.

Instead, let me focus on one specific use case: backup and recovery of Office 365 data. Of course, that’s a huge part of what we do at Keepit, and our customers love it. So do analysts. We all know that disasters can strike at any time—ransomware, human errors, and technical failures can leave you in need of recovery at any time of the day or any day of the year. In the old-school world, starting a recovery meant “drive to the data center, put a tape in the tape library, and then run backup software.” With a cloud-native data protection solution like Keepit, there’s no more driving and no physical tapes, but you still have to start the restore.

That’s where our mobile app comes in! You can check the status of your backup and restore jobs and start recoveries from anywhere your mobile device can get a connection! Let’s take a look at how this works.

Checking Job Status

The Connectors page shows you what’s going on with the current set of supported connectors. Right now, the mobile app supports our Microsoft 365 and Google Workspace connectors, and we’re adding support for our other popular connectors. The connector status page shows you the current size and run state of your connectors. You can see in the example below that I have a current backup using the M365 connector and a separate OneDrive-only backup that just finished its first update.

Restoring Data

One of the unique ways Keepit makes your restores faster is by giving you multiple ways to restore data. You can restore data to its original location (“in-place restore,”) to an alternate location, or via a sharable URL. For the fastest possible restore, just create a shared restore link and send it to whoever needs instant access to the data. The recipient can use that link to browse the backup data you’ve chosen to give them and download only what they need, to whatever device or environment works best for them—without having to wait for you or Office 365 to complete the entire restore.

The Keepit mobile app supports both in-place and shared-URL restores. Tapping the connector lets you quickly create a link that points to the most recent snapshot, but if you want to browse the contents of the snapshot, you can do that too—tap the connector, choose “Open Connector,” and browse until you find the data you need. You can filter and sort the results to make it easier to quickly locate your data items. Once you’ve found what you’re looking for, you can restore it in-place or generate a link to send to the recipient for direct access.

The Future

We’re excited to be the first cloud SaaS data protection solution with a full-featured mobile app, and we have a lot of exciting things planned for the future. (Vic, let’s talk about what you’d like to publicly disclose here). We’re always looking for feedback from our customers, too—you can get the app from the Apple App Store or Google Play Store, and we’d love to hear what you think!

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.