Put in the simplest terms, a cloud exit strategy, also known as a reverse migration, is the process of creating a plan to ensure a company can effectively transition out or—or between—various cloud services. 

Naturally, this should be a focus area for all companies moving to the cloud or engaged with outsourcing in general, either between cloud vendors in connection with retendering, or back to on-premises insourcing.

Regulations driving the need

Certain regulated industries have, in comparison to other industries, a more mature risk-based approach to exit strategies as the regulatory bodies overseeing them have more broadly developed requirements. In the financial industry, for instance, it is mandatory that financial institutions develop and implement comprehensive exit plans that are not only well documented but also, where appropriate, sufficiently tested. 

Companies in other industries could adopt the same approach. The reason for the financial regulators to focus on these issues and to require financial institutions to do this is in order to protect the overall stability of the financial systems due to the important role they play in our society. 

Financial institutions will, among other things, ask the cloud vendor to provide certain clauses in the cloud agreement that support the financial institution’s exit strategy. To cater to this, Keepit has developed amendments to our standard offering to customers that will provide additional services in connection with an exit.

Top 3 considerations for cloud exit strategy amendments:

• Clearly set out the obligations of the existing service provider in the case of a transfer of the outsourced function to another service provider or back to the customer, including the treatment of data
• Set an appropriate transition period during which the service provider, after the termination of the outsourcing arrangement, would continue to provide the outsourced function to reduce the risk of disruptions 
• Include an obligation of the service provider to support the customer in the orderly transfer of the function in the event of the termination of the outsourcing agreement 

Managing data and costs

Depending on how simple and transparent the cloud vendors’ price models are, the customer could also focus on the costs in connection with such a transition, for instance, in the form of egress charges.  Keepit has a super simple price model with no egress or ingress charges, but that is far from the standard in the market. Generally speaking, services based on public clouds charge for egress and ingress.  

The actual migration of data in connection with an exit is more difficult to define in advance, but the vendor should be willing to assist and support the migration against payment for the services rendered. It is important to keep in mind that “data” in this context is not just the files themselves – the word document or the XLS. “Data” is also all the metadata surrounding the files – the business and technical context of the data processing. Keeping and transferring metadata can be a challenge. 

However, by having a backup and recovery solution built on blockchain-verified, immutable technology, Keepit enables organizations to document cloud data processing of data transitions from one primary vendor’s service to the next – provided, of course, that you keep an independent backup of the datasets. 

Takeaways on data regulations and data portability

On a general note, and separate from the above, exit rights in the form of data portability rights have been, at least partly, regulated in the European General Data Protection Regulation (GDPR), where data portability requirements allow individuals to obtain and reuse their personal data for their own purposes—across different services. The right allows the data subjects to move, copy, or transfer personal data easily from one vendor to another, safely and securely, without affecting its usability. 

Although the right is intended for data subjects (the individuals), it has, to some extent, transgressed to companies focusing on the availability to move data from one vendor to the next, which has created a demand for tooling to support such data portability needs. Keepit allows the customer to move the data and to provide certain tooling to do that at no additional charge. 

Finally, having a third-party backup of your data does counter the risk of lock-in with the specific vendor as you have your data available through the backup vendor. Although not the primary reason to ensure a backup, we do see this as an additional benefit to having third-party backup. 

Read more about Keepit and hear what some of the companies that rely on Keepit have to say at www.keepit.com/customers/ 

Introduction

Salesforce is the undisputed market leader when it comes to customer relationship management (CRM) platforms, with a 23.9% market share, as per IDC (figure below). 

More than 150,000 companies across the globe trust Salesforce for managing their data ecosystems – doing everything from gathering and converting leads to opportunities, managing information to understand and engage customers, extracting insights from the data, to sharing information across the organization. 

It’s clear that Salesforce is very much at the heart of your value chain, but how safe is the most important asset of your organization, your data? Let’s explore this question. 

How Effective Is Native Salesforce Backup and Recovery Service?

According to industry analysts (and even a Salesforce best-practices blog), using the native backup and recovery capabilities can have the following drawbacks: 

• It takes 6 to 8 weeks for data backup recovery time objective (RTO) 
• Salesforce Data Recovery Service is very expensive, costing $10,000 per restore per organization 
• Backup does not cover vital Salesforce metadata. You’ll miss out on custom fields, page layouts, reports, dashboards, and custom code backup. 
• Salesforce ended its Data Recovery Service in July 2020, citing quality issues, but it was revived in March 2021 after customers demanded a native backup service. 
• Salesforce suggests using third-party backups as part of the data backup strategy. 

Why Do You Need Third-Party Backup?

In addition to the drawbacks above, there are many reasons why Salesforce data should be backed up with a third-party backup and recovery solution. Let us explore some of the main reasons: 

1. Salesforce recommends it: 
   
   “There are a number of data backup solutions offered by our partners on our AppExchange. Some of these are more comprehensive in that they allow you to automate backups of both your data AND your metadata and provide a mechanism by which to restore that data easily. You can search for these by visiting the AppExchange directly and searching for keyword backup. We recommend that customers vet multiple offerings and audit the reviews provided by other customers before selecting one of these offerings.” 
2. Accidental deletion
   
   Consider this statement directly from Salesforce best practices to back up data: 
   
   “Even with the best of intentions, users and administrators have been in situations where they have either deleted large amounts of data, or have modified records, only to later realize that a mistake was made. With tools like the Data Loader, it is very easy to mass delete or update records. And a simple mistake in your source file or field mapping could spell disaster for your data. It is recommended that you keep a regular backup of your data and to do a manual point-in-time backup before you proceed with any major data project within your organization.”
   
   Accidental deletion remains the top cause of Salesforce data loss, leading to nearly 70% of the data loss incidents. 
3. Cybersecurity attacks 
   
   Being at the heart of the value chain and hosting huge volumes of sensitive customer data, Salesforce is a prime target for cybersecurity attacks. 
   
   Unfortunately, in 2019, a cloud-based e-commerce platform and children’s clothing company, Hanna Andersson, had its data exposed due to a malware that infiltrated Salesforce. The breach compromised a considerable chunk of customer data, including credit card information and personal identifiers. The hackers gathered data from about 10,000 consumers nationwide and sold it to criminals on the dark web.
   
   Bearing the sophistication of cyberattacks in mind, it is important to consider what the impact of a security breach is on your organization, and what your data protection plan is to mitigate these attacks.
   
   A third-party cloud backup is a key component of data protection best practices. With reliable backups and quick recovery in case of a disaster, you will not only have peace of mind that you can recover data (and metadata) when you need it, but also that you maintain data compliance.  
4. Unpredictable (and high) costs
   
   Professional service costs are high, as high as $10,000 per restore, per organization. A third-party backup provider can offer superior services for a predictable, all-inclusive price per user, per month. 
5. Limited data backup retention period 
   
   Is your customer data part of your long-term strategy? Salesforce backup is limited to a maximum retention period of 90 days. In contrast, a third-party backup provider can provide the flexibility to retain data, from one year and up to 99 years.  
6. The infrequency of backups and lacking automation 
   
   Salesforce Data Export Service allows you to back up every seven days (or 29 days, depending on the Salesforce edition). Additionally, datasets greater than 512 MB are exported into multiple zip files.
   
   When compared to this, a third-party backup provider offers you complete, automated daily backups with data and metadata in a time- and user-friendly fashion. Further, they provide tracking and monitoring of the latest backup and your backup history. 
7. Lackluster user experience and poor recovery options
   
   When you need to recover objects, dealing manually with multiple 512 MB zip files is resource intensive. A third-party backup can provide you with these additional features: 

• Drill down to specific objects  
• A search option to instantly search and recover deleted or modified data  
• Granular restore 
• Compare and restore metadata 
• Restore permanently deleted records  
• Navigate snapshots of previous data versions and recover 

Ultimately, as an IT Leader, it comes down to data protection and data availability. Can your business afford to lose mission-critical data for 6 to 8 weeks? Can your budget handle unpredictable costs up to $10,000? Can you perform time consuming, manual reconfigurations due to loss of metadata with Salesforce backup? 

Instead of worrying about when data loss will happen, by using a third-party backup provider, you can recover data and metadata in minutes – at a predictable price point – regardless of what happens. 

Keepit Backup and Recovery for Salesforce

Keepit for Salesforce saves you time, is cost effective, scalable, provides ease-of-use through a simple user interface, and gives you peace of mind that your data is securely backed up, recoverable, and available whenever you need it. With Keepit, we ensure this through: 

• Automated daily backups every 12 hours 
• Easy user interface which is clutter-free, intuitive, and increases productivity 
• Set and forget operation – set up in a few clicks and the backup will be running in the background 
• Unlimited storage and archiving at no extra charge 
• Technology scalable to millions of users with long backup retention from 12 months to unlimited  
• Point-in-time restores 
• Blockchain-verified technology for protecting your data  
• World-class security with dual data centers and 4 copies of data in private data centers 

Keepit for Salesforce saves you time, is cost effective, scalable, easy to use through a simple user interface, and gives you peace of mind that your data is securely backed up, recoverable, and available whenever you need it. With Keepit, we ensure this through:

• Automated daily backups every 12 hours
• Easy user interface which is clutter-free, intuitive, and increases productivity 
• Set and forget operation – set up in a few clicks and the backup will be running in the background 
• Unlimited storage and archiving at no extra charge 
• Technology scalable to millions of users with long backup retention from 12 months to unlimited  
• Point-in-time restores 
• Blockchain-verified technology for protecting your data  
• World-class security with dual data centers and 4 copies of data in private data centers 

Visit our website to learn more about backing up your Salesforce data

Data sovereignty asks: Can you tell your data subjects exactly where their cloud data is stored?

The cloud, somewhat intangible and sometimes referred to as “up there” is actually very much grounded, geolocated within the borders of countries. Data sovereignty and data center strategy are important considerations for organizations as everything in the cloud is stored in data centers. But where? This should be an easy answer – and it is central to the discourse on data sovereignty.  

As cloud computing becomes the norm, so does the knowledge that a data protection strategy following best practices needs to be implemented in the cloud to ensure, among many things, data sovereignty. 

Not knowing where data is stored can be dangerous and may lead to exposing a company to unwanted risk: loss of company trust, litigation, compliance headaches, stagnation in business growth, fines, and permanent, unrecoverable data loss. 

What Is Data Sovereignty (if nothing more than difficult to spell)?

Data sovereignty is much more than a buzzword – it is rife with important requirements for organizations to protect and manage their (and their data subjects’) data in line with local and international laws, thereby complying with the general governance of the jurisdictions where the data has traveled across and is stored – not only where the company is located. 

Complying with the foreign legal requirements associated with data transmission across borders “is an important matter because the location of data storage directly affects the applicability of local privacy legislation” (Data Sovereignty: A Review). Not knowing where your data is also means you are unaware of the laws to which you are subject. 

Even while knowing where your data is stored, it can be complicated (and it may constitute a high risk) to store data in regions where there may be different or unique requirements—or instability in the local political spheres that may result in outages—impacting data availability and ultimately data security.

By now, many of us have experienced the changes that followed the European Union’s implementation of the GDPR, where the fundamental right for data protection of data subjects is protected, resulting in an increased awareness (and requirements) regarding the handling of data. Learn more about compliance and GDPR here.

Simplifying the Situation

In the convoluted world of data sovereignty and data compliance, there are steps that organizations can take to add simplicity and predictability to their data management strategy. For instance, storing data in data centers that offer no-transmission guarantees means no surprises in terms of litigation due to the confidence of knowing exactly where data is stored. One way of achieving this is with a third-party backup service deploying a global data center strategy focused on (and committed to) guaranteeing no data leaves the customer’s chosen data center region. 

These services are offered by companies specializing in cloud SaaS (software as a service) backup and recovery. These providers may offer the added benefit of deploying a multi-regional data center approach with the ability to store targeted data in the regions required by the customer. 

It is important to find a service that can document and guarantee this – which is precisely what Keepit, a leader in SaaS data backup and recovery, does and continues to do through continual expansions of data center locations. Read Business Wire’s article on Keepit opening two new Canadian data centers.

“Superior Data Center Strategy”

Keepit, in their latest data center additions—this time in the Canadian market—has a global footprint that spans six regions: US, UK, Germany, Denmark, Canada, and Australia. Aside from the legal and compliance benefits, there are many other gains to be had from deploying a dedicated SaaS data protection solution. 

Learn more about how you can always be in control of your data with Keepit Backup and Recovery.

If you have children, you’re probably familiar with the feeling you experience when you suddenly realize how much they’ve grown over a period of time. Day by day, those changes may seem small, but when looking across years or decades, they add up. So it is with Office 365, which has grown to have more than 345 million paid seats and generates a large part of the nearly US$100 billion that Microsoft will book for cloud revenue this year. I’m old enough to remember Microsoft’s proud announcement that Exchange Server itself had crossed the US$1 billion/year revenue mark back in 2004.

“But what does that have to do with why I should back up my Microsoft 365 data?” you ask. Good question. In fact, it’s a great question, and one that leads to lots of other questions (thus the structure of this post as a sort of informal Q & A). 

This steady, sustained, and impressive revenue growth came about because organizations value the collaboration and communication features in Office 365 highly enough not just to subscribe, but to stay on the platform. Every minute that your users are using Office 365 applications and services, they’re creating and editing the data that your business needs to operate.

“What’s the worst that could happen?”

Lots of people tend to think that bad things only happen to other people. It’s natural to assume that the extensive data protection measures in Microsoft’s platform will keep your data safe—but that’s not entirely true. In future articles, I’ll dig into specific parts of the Microsoft data protection world and talk about their strengths and weaknesses, but for now, let’s say that it’s more accurate to say that Microsoft’s native data protection measures may protect you against some types of catastrophic data loss, but there are still lots of things to watch out for. 

First, not all data items are created equal; that email in your sent items folder accepting the meeting request for Bob’s retirement party isn’t worth as much as the Excel file that has your end-of-quarter sales data. To make this problem worse, let’s not forget that not all workloads are equally well protected. Some services have recycle bins, and some do not. Some provide support for document versioning, and some don’t.

Second, consider which threats you really need to protect against. Aliens probably aren’t going to attack Microsoft’s entire network and burn down all their data centers—the biggest risk you actually face isn’t Microsoft permanently losing your data (although it does sometimes happen).

Instead, there are some bigger risks you face, including, but not limited to, these:

• Service outages: A Microsoft outage will keep you from getting access to your data. The multiple outages in Azure multi-factor authentication that blocked users from logging on to the service in 2019, 2020, and 2021 are great examples. 
• Oops: A mistake by your own users or administrators, or by Microsoft’s service team, will delete some important data. (KPMG IT blunder erases 145,000 users’ data). 
• Malicious deletion: A security breach or problem will cause you to lose access to your data, either because ransomware has removed or encrypted it or because something else in the chain gets broken.

We sum these potential causes up with a simple phrase: mishaps, mistakes, and malice.

As you can see, the native data protection features included with the service may not help in all these scenarios, especially because you may have important data in workloads that don’t have much protection. Having an independent cloud-based backup with no dependencies on Microsoft’s services can preserve your ability to access your data even during an Azure AD or other outage.

“Is Microsoft responsible for my data?”

In a word: No, as you can see from this Microsoft article. Microsoft essentially says that they’re responsible for security (which in this case I’ll say means the confidentiality, integrity, and availability)of the infrastructure used to run Office 365, but that in the end you are the owner of, and responsible for, the data itself. 

If you carefully read the Office 365 or Azure service descriptions, you won’t find any promises by Microsoft that say things like “we promise to protect your data” or “we’ll never lose your data.” Instead, when you examine their security best practices for various parts of their estate, you’ll see recommendations to back up your data, test your backups, maintain good personnel security, and so on—all things that Microsoft may also be doing, but on which you probably shouldn’t bet your company.

“Do I really need a third-party backup tool?”

It’s an old cliché that aviation regulations are “written in blood.” When it comes to backups, it might be less dramatic and more fair to say that backup best practices are written in tears, lost dollar bills, or maybe in shredded resumes.  

The risk of you unrecoverably losing all of your M365 data may seem small, but the impact of such a loss would be very high for most of us. This is especially true when you consider that a worrying number (86%) of ransomware operators haven’t been restoring data even after the ransom’s been paid!  

The risk of unrecoverably losing some of your data, though, grows in line with multiple factors: how much data you have, how much of it is high-value, how many people have write access to it, and how emerging security threats hold that data at risk. Having an immutable copy of your important data stored securely in an independent cloud is terrific insurance against both large- and small-scale risks. 

“What do I do now?”

If you haven’t ever lost data because of malice, mistakes, or mishaps, maybe you’re not convinced of the value of robust, cloud-independent backup for your data. Sadly, though, most of us have indeed lost data for some (or maybe all!) of these reasons.  

Either way, the first step in deciding how to best protect your SaaS data is to take an honest and comprehensive look at the potential losses you’d face from not having timely access to your critical data. The built-in reports in the Microsoft 365 admin center will help tell you who your most active users are and who has how much data in OneDrive, SharePoint, and Exchange Online. Couple that with your own knowledge of your business and you’ll get a good start on deciding where the potential catastrophes might lie. 

Next, think clearly about the risks you face, both from the standpoint of your IT organization’s capability and maturity but also from the overall standpoint of your business. Many organizations have increased their spending on security—which is often beneficial!—but haven’t done anything to improve their ability to protect against mishaps or mistakes, much less to carefully plan and test a recovery strategy.

If, after doing these things, you realize that some or all of your Microsoft 365 data is valuable enough for your company to protect to continue day-to-day operations, then you can read more about how Keepit Backup and Recovery for Microsoft 365 can help protect your data on our product page.

Copenhagen, Denmark  – May 11, 2022 –  Keepit, the market leader in cloud backup and recovery, and the world’s only independent, vendor-neutral cloud dedicated to SaaS data protection with a blockchain-verified solution, today announced that the company has received a Top Rated award from research and review platform TrustRadius.  

The award is based on the rating scores Keepit’s customers give the Keepit product and services. In addition to the scores, customers are able to elaborate on their ratings in detailed comments. The most praised characteristics of Keepit’s services on TrustRadius are: ease of use; the speed and granularity of recovery times; the return on investment and value for money; customer support; and the retention policies.  

‘Buyers have many options when it comes to selecting SaaS Backup Software,’ said Megan Headley, VP of Research at TrustRadius. ‘Keepit earned a Top Rated award based directly on feedback from its customers. Reviewers on TrustRadius highlight Keepit’s easy implementation, worry-free operation, and breadth of functionality.” 

Keeping it simple pays off 

For Keepit, the award is a testament to the value of keeping a dedicated focus on the user experience – not just from a product interface perspective but also from all the services surrounding the product. Particularly, technical support and customer success management have been key areas of continuous improvement and refinement for the company, as well as transparency in the initial sales and onboarding processes. 

With a business strategy dedicated to the customer experience, the award is received with gratitude and pride:  

“For Keepit, this is one of the most valuable categories of awards we can receive,” says Keepit CEO Frederik Schouboe. “Our philosophy has always been to ‘keep it simple’ based on the understanding that a security solution will only work if it is properly implemented and incorporated in the day-to-day operations of an organization.  And that only happens if the solution is intuitive and efficient. An award based on customer praise which keeps repeating simplicity, ease of use, and ease of implementation as valued features is the ultimate stamp of approval for a company like Keepit.” 

Company Strengthens its Canadian Presence with Local Data Centers Offering First and Only No-Transmission Guarantee

Copenhagen, Denmark – March 30, 2022 – Keepit, the market leader in cloud backup and recovery, and the world’s only independent, vendor-neutral cloud dedicated to SaaS data protection with a blockchain-verified solution, today announced the opening of its first two data centers in Canada. Keepit is partnering with Equinix – one of the world’s leading, green-by-design digital infrastructure companies to run the data centers, enabling Keepit to provide a data storage solution that follows Canadian laws and regulations for businesses operating inside and outside of Canada.  

“Our superior data center strategy is what allows Keepit’s customers to instantly recover and restore lost or compromised data,” said Keepit CTO Jakob Østergaard. “Equinix data centers are recognized globally for exceptional levels of security. And since each location has full copies of user data, with two mirrored physical locations, our clients can rest assured that their data will always be available to them, regardless of their Software-as-A Service (SaaS) vendor’s status. Keepit can confidently guarantee that our infrastructure ensures all customers’ data will remain in situ, with no middleware transmissions outside regions. We are proud to be the first and only vendor that can make that claim.” 

Keepit’s new data center investment aligns with the proliferation of the data Backup-as-a-Service (BaaS) and recovery sector, which has largely been fueled by the exponential uptick in data volumes that resulted from the increased adoption of connected technologies and digital transformation drives. 

The opening of the data centers highlights Keepit’s commitment to providing the fastest, most secure, and most efficient service to its expanding Canadian customer base, while also demonstrating the significant growth of its global network. Additionally, it will greatly increase the company’s ability to offer seamless, low-latency data backup and recovery services across leading platforms such as Microsoft 365, Google Workspace, and Salesforce.  

Keepit’s unique infrastructure is architected around multiple separate, mirrored data centers in each region, with each center operating in active-active mode; thereby, data is continually replicated between the centers. In the event of a single system failure, or even the unlikely event of the loss of a full data center, the platform’s operations will remain unaffected and Keepit’s clients’ data will remain reachable and available to be restored. 

Keepit’s existing Canadian partners, such as XenTegra, understand the importance of providing Canadian businesses with data sovereignty via local data centers, and of data being stored separately from the primary environment and independent from the SaaS vendor’s storage locations.  

As a global information technology solutions advisor and reseller company focused on digital workspace technologies and cloud computing, XenTegra is enjoying good momentum in Canada: