Prestigious International Awards Program Honors Outstanding Information Security Products and Companies 

LOS ANGELES, Calif., Oct. 5, 2023 – CyberSecurity Breakthrough, a leading independent market intelligence organization that recognizes the top companies, technologies and products in the global information security market, today announced that Keepit, the market leader in cloud data protection and management, has been selected as winner of the “Overall Risk Management Solution Provider of the Year” award in the 7th annual CyberSecurity Breakthrough Awards program. 

Keepit’s breakthrough cloud protection for Azure AD helps businesses back up and recover critical identity and application objects in the cloud that are not protected by Microsoft. Coverage of Azure AD cloud objects include: Users, Groups, Roles, App Registrations, Enterprise apps, BitLocker Recovery Keys, Sign-In Logs and more. 

Keepit keeps customer data in a separate, dedicated infrastructure, with the backed-up stored data fully isolated from the SaaS vendor’s cloud. Customer data is held in two separate physical data centers across six regions worldwide. 

 Utilizing the Keepit platform, it takes only moments to backup Azure AD and requires virtually no training or administration to operate. Recovery of data is fast, precise, and granular. Keepit provides the highest security standards as the platform is built on unique architecture which keeps data and metadata immutable and ensures compliance. In anticipation of future cyber resilience standards and requirements, Keepit is evolving into a comprehensive platform to support all SaaS application data types. 

“Azure AD is the brain to the Microsoft 365 body, but it also sees 50 million password attacks per day. Our protection helps users access and recover business-critical identity and access management objects when they need it,” said Frederik Schouboe, co-CEO and co-founder of Keepit. “It’s an honor to receive this recognition from CyberSecurity Breakthrough. We’re committed to providing fine-grained, incremental coverage that protects against any size incident with unmatched ease of use, minimizing downtime and serving as a solution that organizations rely on to protect their cloud-based data.” 

The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize the innovation, hard work and success in a range of information security categories, including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Email Security and many more. This year’s program attracted thousands of nominations from over 20 different countries throughout the world.  

“Azure AD is the heart of an organization’s IT, serving as one place for managing user identities and permissions – making it a prime target for hackers,” said Steve Johansson, managing director, CyberSecurity Breakthrough. “Keepit addressing this head-on with a breakthrough solution that allows companies to close critical gaps in their cloud security strategy that they haven’t been able to close properly up until now. We extend our sincere congratulations to Keepit for bringing home the 2023 CyberSecurity Award for “Overall Risk Management Solution Provider of the Year!’” 

In addition to Azure AD, Keepit offers unrivaled backup and recovery for Microsoft 365, Dynamics, Power Platform, Azure DevOps, Google Workspace, Salesforce, and Zendesk. 

About CyberSecurity Breakthrough

Part of Tech Breakthrough, a leading market intelligence and recognition platform for global technology innovation and leadership, the CyberSecurity Breakthrough Awards program is devoted to honoring excellence in information security and cybersecurity technology companies, products and people. The CyberSecurity Breakthrough Awards provide a platform for public recognition around the achievements of breakthrough information security companies and products in categories including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Web and Email Security, UTM, Firewall and more. For more information visit CyberSecurityBreakthrough.com. 

Tech Breakthrough LLC does not endorse any vendor, product or service depicted in our recognition programs, and does not advise technology users to select only those vendors with award designations. Tech Breakthrough LLC recognition consists of the opinions of the Tech Breakthrough LLC organization and should not be construed as statements of fact. Tech Breakthrough LLC disclaims all warranties, expressed or implied, with respect to this recognition program, including any warranties of merchantability or fitness for a particular purpose.

75% of organizations have been victims of at least one successful ransomware attack in the past year, disrupting them operationally and financially.  

These attacks have become a constant battle between ever more sophisticated attackers and the IT and cybersecurity professionals tasked with keeping them at bay. 

In fact, a new survey (co-sponsored by Keepit) tells us that 65% of those IT and cybersecurity professionals name ransomware among the top 3 threats to their organization’s viability, and 13% of those even name it the biggest threat. 

If you are responsible for protecting your organization’s data, are you prepared for the next ransomware attack? If you are concerned about gaps in your strategy, you’re not alone. Many feel their organizations do not have the proper preparation in place to handle the increase in frequency and impact of attacks. So read on, learn where attacks are being targeted, and how to increase your level of preparedness. 

The statistics are fresh and based on a new Enterprise Strategy Group survey of 600 European and North American IT and cybersecurity professionals personally involved with protecting against and recovering from ransomware attacks. 

Get all the latest numbers on ransomware attacks in the full report. Download it for free.

What ransomware attackers go after

We have reliable data both on which parts of your IT environment are at risk, and which data classes the attackers are most likely to go after. So, let’s take them each in turn.

The parts of your IT environment most at risk

Attackers can enter your network at many different points, placing a significant burden on IT departments. But with this data, you will have a better idea of where to strengthen your defenses.  

 
The element most affected by ransomware attacks – indicated by 38% of survey respondents whose organization experienced a successful ransomware attack – is their key IT infrastructure. Anyone who controls even a small part of your IT infrastructure has tremendous power over you. They no longer even need to kidnap your files. For example, if they can disrupt, or gain control over, your Active Directory, they can shut your operations down for all practical purposes. 

For obvious reasons, your storage systems are also an attractive destination for attackers. Whether on-prem or in the cloud, there is a lot of gold in your data assets.  

But the survey respondents tell us that there are also plenty of other targets under assault in their IT environments. These include networks and connectivity, cloud-based data, IoT operations infrastructure, and last but not least data protection infrastructure.

Especially the last one deserves a special mention. Ransomware attacks are increasingly targeting backup copies of data – something that 74% of survey respondents were concerned about.  

This is why at Keepit we have gone to great lengths to create backup solutions that eliminate this very risk to the data protection infrastructure by insulating your backup in our independent cloud. With our true third-party protection, your data is stored in separate, isolated, immutable storage that is physically and logically separated from the rest of your IT environment. So the risk of attackers being able to reach your backups is greatly reduced.  

While the industry is slowly realizing the importance of such “air-gapped” and immutable solutions, this is not common practice within the backup solutions industry just yet. 

The data classes most at risk

The data class most targeted by the attackers—cited by 58% of the respondents whose organization had experienced a successful ransomware attack —is the one that you are required by law to protect: regulated data. This hurts in any way you can imagine, both for you and those that entrust you with their data. 

 
But a close second is sensitive infrastructure configuration data. Affecting the infrastructure at its core is a very effective way for attackers because it makes it easier for them to steal or damage data and to evade detection.  

In essence, this is how many attackers first gain entry. Once inside, they “climb the ladder” to compromise an account with admin privileges. And then, they can start breaking things such as configuration settings and access rules, and start stealing.  

We recently saw a brazen example of just such an attack. In this case, attackers caused major disruptions and financial losses by compromising both on-prem and cloud-based systems. The attacker: 

1. Entered the target network by compromising an on-premises account 
2. Leveraged that account to compromise the on-prem Active Directory 
3. Used that access to pivot to and compromise Azure AD 

 
All of the target’s Azure storage and compute resources were deleted. If you don’t have a backup of your Azure AD data, building your settings and access control up from the ground again will be difficult and time-consuming, leaving you vulnerable to further attacks in the interim. 

Other data classes the survey respondents indicated are usually targeted are intellectual property data and mission-critical data. Any attack on mission-critical data is frustrating and costly as companies struggle to restore data and operations. But temporary or permanent loss of sensitive intellectual property information is not only hurtful in the short-term until operations are resumed, but can be enormously damaging in the long-term. 

All these four types of data are highly desired by the attackers. You can see exactly how much, and a lot more, in the report itself.

As you can see, your IT infrastructure has a major bullseye on its back that bad actors constantly try to hit. Unfortunately, sometimes they will succeed. So, you had better have the right plan in place to deal with the consequences when it happens. 

How the ransomware attacks hurt

When asked in the survey how all those successful ransomware attacks have impacted the respondents’ businesses, the two standout examples were data loss and data exposure.

But the list of painful effects is long. Some worth mentioning are operational disruptions, direct impact on employees, customers and partners (such as access to personally identifiable information), and financial, compliance and reputational damage. 

If you want to know in more detail what pains to expect and prepare for, I recommend that you look through the the official report.

Storytime: Scary ransomware stories from the real world

Now that you know what the attackers are after, where they hit you and what the main effects will be, let’s get a bit more tangible and look at some recent examples of successful attacks. 

Ransomware attackers sure are creative, so you need to be able to anticipate their moves. And for that, it is useful to follow the related news and learn what has worked (for the attackers) in the past.

Here is some recommended reading to bring yourself up to date:

• An attack on one of Toyota’s key suppliers disrupted their production. During the shutdown, Toyota lost a third of its global output and suffered a significant financial loss. Read the story here. 
  
• Third-party, unauthorized access was made at Bridgestone Americas, prompting a shutdown of the computer network and production at its factories in North and Middle for about one week. Read the story here.
  
• A ransomware attack hit agricultural equipment manufacturer AGCO, causing it to shut down manufacturing facilities. It took 17 days to return to full operation. Read the story here.

What to make of all this

Attacks will happen, and some of them will succeed—you can’t stop them all. But with the right preparation, you can take a lot of the power out of the attackers’ hands by being able to immediately restore the data you’ve lost and clean up after the attack. So it’s all about resilience and management.  

 
Arm yourself with the right insight. The above information is a great start – you now know which data classes and elements of your IT environment to prioritize — but it only scratches the surface. Download the full report to get the full picture.

Prevention will only take you so far, so move beyond a simple defensive strategy. How much downtime and data loss can your business really afford? Ensure you can handle the disruption and keep your business operational through the storm. To help mitigate the operational disruptions and avoid the data loss that is so common-place today, you need to invest in a solid plan to protect your business-critical data. 

Now is the time to secure your data and improve your resilience levels – before the next ransomware attack hits you.

New Service Offers Unrivaled Protection for Azure DevOps Users

COPENHAGEN, DENMARK  – June 29, 2022 – Keepit, the market leader in cloud data protection and management, today announced the launch of its new backup and recovery service for Microsoft Azure DevOps. Keepit is the world’s only independent, vendor-neutral cloud dedicated to software-as-a-service (SaaS) data protection with a blockchain-verified solution, and the Azure DevOps service adds to the company’s already industry-leading coverage for Microsoft’s cloud services.

“Azure DevOps has limited disaster recovery coverage. If a company loses its Azure DevOps data, it loses access to development operations, which means it loses the ability to track, document and deliver what software it’s building. Those losses can have a severe impact on the development team’s productivity and ability to deliver to its customers,” said Paul Robichaux, Keepit’s senior director of Product and a Microsoft Most Valuable Professional (MVP).  

DevOps is a set of practices that combines software development (Dev) and IT operations (Ops) and is characterized by key principles of shared ownership, rapid and continuous deployment, workflow automation, and rapid feedback. It is a way of thinking, collaborating and driving effectiveness and efficiency in software development, with a goal of delivering software more quickly while maintaining high quality. 

Azure DevOps (ADO) is Microsoft’s solution for implementing DevOps and supports a culture and set of processes that bring together developers, project managers, and individual contributors. Tools available as part of the Azure DevOps suite include Azure Boards, a standalone service that helps teams plan, track and discuss work across the entire software development process, and Azure Pipelines, which provides build and release services to support continuous integration and delivery of applications. With its simple, fast and flexible Azure DevOps backup and recovery service, Keepit safeguards these workloads against large-scale disasters and provides its customers with the following: 

• The most comprehensive protection and quickest recovery for Azure DevOps Boards and Pipelines data and metadata​ 
  
  -Protection for Azure boards, including work items, boards, backlogs, team sprints, queries, and delivery plans 
  
  -Restoration with full metadata, including comments, custom fields, and attachments 
  
  -Rapid restoration of critical continuous integration and continuous development/deployment (CI/CD) automations and Pipelines to a known-good state​ 
• Immutable storage of data in Keepit’s ISO 2700-certified private cloud, providing​ long-term archive or escrow copy of sensitive ADO data 
• Granular protection that delivers speedy recovery, including for accidental deletions or changes, to minimize disruption to mission-critical activities. 
• Compliance with various data protection regulations. 

Robichaux added, “Keepit’s fine-grained, incremental coverage protects against both ‘Oops’ scenarios and large-scale incidents. Our Azure DevOps backup and recovery service will enable businesses to protect their software development operations as an add-on to the coverage we offer for Microsoft’s cloud services. We are excited to include this in our already robust stable of offerings for our clients.” 

With its unmatched ease of use, fast restore features that minimize downtime, and cost-effectiveness, Keepit continues to be the solution that organizations rely on to protect their cloud-based data. For more information on Keepit’s backup and recovery for Azure DevOps, visit keepit.com. 

What this Azure AD name change means and 6 reasons for backup

In the ever-evolving landscape of technology, we often witness transformations that impact the apps and services we rely on daily. One such transformation is happening today: Microsoft has just announced that Azure Active Directory (Azure AD) is now named Microsoft Entra ID.

While the name may be different, there are no changes to the actual product; Entra ID continues to be Microsoft’s identity and access management service that enables your employees access to external resources, such as Microsoft 365, the Azure portal, and thousands of other SaaS applications. The essence and value that Entra ID provides remains unchanged. Regardless of the name, it still needs to be backed up.

With the introduction of cloud computing, the edge of a network no longer exists, and the latest hacking techniques rely on compromising identity first. As a prime target for hackers, Azure AD — now Entra ID — sees 50 million password attacks per day, which amounted to attacks on almost 10% of the 550 million Entra ID users in 2022. According to Microsoft’s VP of Identity Security, Alex Weinert, Entra ID accounts are also 50 times more likely to be compromised than consumer Microsoft accounts.

What is Entra ID? And what’s the relationship between Entra ID and Microsoft 365?

Microsoft 365 uses Entra ID to manage user identities behind the scenes. Simply put, Entra ID is the brain to the Microsoft 365 body. It’s the control plane that allows access, gives orders, and makes sure Microsoft 365 runs well via policies and configurations.

Loss of access to Entra ID can result from a variety of mishaps, such as bad actors hacking your Entra ID and locking you out or an authorized user deleting a policy or admin accounts. If users can’t access their identities because their identities can’t get authorized in Entra ID, they’re not able to use their Microsoft 365 applications. If users can’t access anything, they can’t work, which grinds operations to a halt while the issue is addressed.

Do I need to back up Entra ID?

According to Microsoft, protecting identity systems such as Entra ID is the number one priority for any business — more important than protecting human life — as it ensures you and your users can maintain access to critical applications and systems.

What are the potential impacts of losing access to Entra ID

Recently, a company got locked out of all their Microsoft services due to faulty conditional access policies in Entra ID (formerly Azure AD). As a result, the admins were unable to log in to Microsoft and the unavailability of Microsoft portals prevented the company from registering a support ticket to report and resolve the issue. One can only imagine how long it took to resolve and get back to normal operation.

Here’s another example of the importance of Entra ID: A Carlsbad company suffered losses of more than $500,000, endured three full days of downtime, and invested six months in rebuilding after a disgruntled former employee deleted more than 1200 of the company’s Microsoft 365 user accounts.

In April 2023, Microsoft detected attacks on hybrid AD environments too. In this example, a “nation-state attacker” entered a network, compromised on-prem AD, used that access to pivot to and compromise Azure AD (now Entra ID), and then deleted all of the target’s Azure resources. Currently, the threat primarily originates from nation states, but in the future, it could shift to criminal organizations and eventually to low-end script kiddies.

That’s why it’s important to have a backup plan ready just in case things go haywire.

What can and can’t be recovered in the Entra ID recycle bin?

When we talk about the native recovery in Entra ID, it’s important to note that not all objects go through the Entra ID recycle bin when they are deleted.

Some objects are “soft deleted” and get put into the recycle bin. They include:

• Microsoft 365 groups
• App registrations
• User and guest accounts

Here’s something important to know: When these cloud objects are soft deleted, they stay in the recycle bin for 30 days, but after that, they are ‘hard deleted” and vanish forever as they are permanently and irreversibly deleted. No chance of getting them back.

For all the other objects, they undergo immediate ‘hard deletion,’ indicating that they bypass the recycle bin and can’t be recovered natively. Microsoft shares that “hard-deleted items must be re-created and reconfigured. It is best to avoid unwanted hard deletions.” In other words, to maintain efficiency and business continuity, it’s advisable to steer clear of any unintended hard deletions if you don’t have a backup. Immediately hard-deleted objects include:

• Distribution groups
• Enterprise applications / Service principals
• Intune device policies
• Conditional access policies
• BitLocker recovery keys
• Security groups

Keep in mind that many Entra ID objects have intricate setups or unique connections with other systems, and unfortunately, the recycle bin doesn’t capture all those details. This means if you accidentally delete or alter those objects, there’s no way to recover them.

Oh, and don’t forget, the recycle bin is only for deleted objects — it can’t bring back an object to its previous state if you’ve made changes to it. Yikes. That means any change overwrites the object.

What are the risks of not backing up Entra ID?

While it’s open to debate whether backing up Entra ID is universally applicable to every organization and situation, it’s a wise approach for most enterprises. We’ve collected a couple of compelling reasons why backing up Entra ID can benefit your organization:

1. Loss of security / configuration policies
Entra ID allows administrators to define and enforce various configurations, policies, and access controls. Not having a backup means the loss of these settings, which can result in inconsistencies, misconfigurations, and unauthorized access. It takes significant time and effort to recreate and reapply these configurations manually, leaving the environment exposed to potential security risks.

With a backup of Entra ID, organizations have more control over the restoration process as they can easily recover permanently deleted cloud objects like device configurations, security policies, and access controls in a fast and efficient way.

2. Limited recovery options
Entra ID provides native features for data recovery, such as recycle bin and soft delete options. However, these options have limitations, such as time-bound retention and the inability to restore specific attributes or configurations.

A proper backup of Entra ID ensures more comprehensive recovery options and greater control over the restoration process.

3. Failure to meet compliance requirements
Organizations are often subject to various regulatory requirements, such as GDPR or industry-specific regulations. Failure to have a backup of Entra ID can lead to non-compliance with data protection and privacy regulations, resulting in potential legal issues, financial penalties, and reputational damage.

A backup of Entra ID ensures continuous chain of custody and provenance of security policies. This allows organizations to prove to regulators exactly which policies were in place at any time and document changes and deviations, if any.

4. Data loss
Entra ID stores security policies, application settings, and other cloud-only configurations. If this data is lost due to accidental deletion, malicious activity, or system failure, it can lead to severe consequences, including user access issues, operational disruptions, and compliance violations.

If you have a backup before the incident, you can use it to easily recover your lost data and bring it back into your Entra ID environment right away.

5. User productivity impact
Without a backup, recovering security and device policies can be a difficult and time-consuming task. This process may restrict activity or even prevent users from logging in to apps.

Restoring security policies and configurations manually can result in significant downtime and decreased productivity for users who are unable to access the resources they need.

6. Microsoft system outages
If Entra ID experiences a prolonged outage or catastrophic failure, organizations without a backup will have limited options for recovery, leading to extended periods of system unavailability and business disruption.

No backup can prevent Microsoft from having a system outage: That’s simply a risk all organizations face. However, if you have a backup, you can use it to recover your data once the service outage is resolved.

Evaluate your need for Entra ID backup

If you’re uncertain about the need to back up Entra ID for your organization, a helpful approach is to consider the potential risks associated with Entra ID data loss. Evaluate your comfort level with the level of risk involved to determine the best course of action.

We’ve created an Entra ID risk assessment sheet to help you gauge your exposure and risk tolerance. Use the assessment to determine your Entra ID backup requirements and the need for backup.

Download and create your own Entra ID security risk assessment here.

“Keepit’s European-based data centers were a key consideration during Porsche Holding’s research and selection process as we sought a cloud backup and recovery solution,” said Michael Bojko, system engineer at Porsche Informatik.

And what you can do to protect your critical SaaS data

Cybersecurity is a critical concern for all organizations. The rapid growth of technology and the increasing sophistication of cyberthreats have made it essential to have experts in the field of cybersecurity to protect against the potential risks. Add on to this the ever-expanding compliance demands from legislation such as the NIS2 Directive and CCPA, it becomes even more challenging to navigate.

The demand for cybersecurity and IT job roles is increasing at a pace that outstrips companies’ ability to recruit. Given that cybersecurity is a vital aspect of any enterprise that handles sensitive and confidential data, it is crucial to locate and retain specialized talent in this field, but how big is the problem?

A recent report by the World Economic Forum (WEF) has highlighted a significant shortage of security experts worldwide. They believe this shortage contributes to a growing list of global risks, including cyberattacks, data breaches, and other forms of cybercrime.

The Importance of Data Protection and Management

With the rise in cybersecurity threats, it is essential for businesses to prioritize data protection and management. This includes securing data, preventing data loss, and complying with regulations and standards. Data protection and management solutions also help businesses maintain their reputation and customer trust, as well as improve their operational efficiency.

According to WEF, the rapid pace of technological change has made it challenging for security experts to keep up with the latest developments, leading to this shortage of experienced professionals. WEF shares that this shortage of security experts is a major concern for organizations as it makes them vulnerable to a range of cyber threats. Cyber criminals are becoming increasingly sophisticated, and organizations need to be equipped with the necessary tools and expertise to protect themselves.

What is the cybercrime situation now?

The number of incidences and the costs associated with cybercrime are on a steep rise – WEF projects $10.5 trillion by 2025. Cybercrime is big business: The Conti ransomware group, according to Reuters, has targeted over 1,000 victims, garnering more than $150 million in the process. Their prolific success led to the U.S. offering a $15 million reward for information.

Cybergangs are organized and functioning like legitimate companies – the Wired’s article “The Workaday life of the World’s Most Dangerous Ransomware Gang” tells how the Conti ransomware gang has a CEO and even an HR department. These groups sure aren’t matching the image of the hacker in a mask, in a dark room, working on a laptop computer: They’re sophisticated, skilled, and clearly very successful by these dollar figures above.

In the face of this, companies are scrambling to protect themselves and their data, with more and more businesses understanding the risks and therefore are placing data security high on their agenda (and bolstering their security with bigger budgets). And they had better hurry: The threat environment is likely to only get worse. The World Economic Forum (WEF) Global Risks Report 2023 explores some of the most serious risks coming over the next two and 10 years.

What’s the expected global risk from cybercrime and cyber insecurity?

Of the global risks expected to have the greatest impact over the next two and the next 10 years, “widespread cybercrime and cyber insecurity” comes in at number eight for both timespans.

In the second visual, “cybercrime and cyber insecurity” moves all the way up to the fourth position for businesses, highlighting the heightened importance of data protection and security to companies. It’s worth mentioning that in all of these, it’s the only result within the Technological category, and perhaps the one with the most agency: Companies taking action and intervening with a data protection plan can mitigate their exposure. (More on this below.)

Increased State Intervention: Is data backup now akin to compulsory auto insurance? 

Compliance becomes an ever increasingly important part of data protection. The trend already appears to be solidified with the European Parliament recently putting forth legislation via the NIS2 Directive which adds on increased responsibility, heightened fines toward the company and C-suite of which the latter may be subject to suspensions for failures to comply. Read blog post about the NIS2 Directive here.

“Risks from Cybersecurity Will Remain a Constant Concern”

And here we get to the crux of the issue: According to the WEF, “These problems are compounded by a scarcity of security experts.”: A challenging situation made more difficult. According to Cybersecurity Ventures, there’s a total of 3.5 million unfilled cybersecurity jobs.

How are companies expected to combat the increasing risk from cybercrimes and the increased demands from state and government while at the same time there are reports of an all-too-small pool of security candidates to hire from? One SaaS data protection provider effectively addresses these concerns by providing a service that follows data protection best practices.

How Keepit can help businesses compensate for the shortage of security experts

Keepit is a software-as-a-service company that provides dedicated data protection for companies relying on cloud SaaS data. By increasing cybersecurity and resiliency and increasing the impact of a company’s existing workforce (all with an impressive ROI: Read the blog post here), Keepit supports business growth into the future by ensuring compliance and data protection. TechTarget suggests enterprises should “support [their] existing talent” as a means of addressing the cybersecurity skills gap, specifically to “automate routine tasks.”

Keepit provides an intuitive interface and simplified processes, an easy-to-use data protection solution that can enable personnel with less cybersecurity expertise to manage and maintain the system effectively. This can save companies the cost and time of hiring and training specialized cybersecurity experts while increasing cybersecurity posture.

Compensate for the shortage of security experts by having an automated data protection and management system in place. This reduces the need for manual intervention, which can be time-consuming and requires specialized skills.

Where should you start? Learn more about data management and protection

Keepit enables companies to have peace of mind, regardless of any new legislation or cybercrime events.

In this podcast Keepit’s Paul Robichaux and podcast host Thomas Stensitzki talk about the principle of “shared responsibility” between SaaS vendors like Microsoft, Google and Salesforce, and their customers. The two discuss how to protect cloud data and ensure business continuity. And they also touch on the differences in data regulations for businesses operating in the EU and USA.

And don’t worry: Although the brief introduction is in German, the rest of the podcast is in English.

Podcast featuring Keepit’s own Paul Robichaux

Paul Robichaux is Senior Director of Product Management at Keepit and a Microsoft MVP (Most Valuable Professional) – a title he has been awarded every year since 2003. Paul has worked in IT since 1978 and held a number of CTO and senior product development positions in the software industry. Paul is a prolific contributor to the Microsoft community: He is the author of an impressive amount of books and articles about Microsoft technologies, including the best-selling Office 365 for IT Pros, a contributing editor for Practical 365, and produces a continuous stream of videos, podcasts, and webinars.  He is based in Alabama, USA. Find Paul on LinkedIn and Twitter.

To hear the full podcast on Thomas’ Tech & Community Talk click here

Contributed article by Keepit’s own Niels van Ingen

Niels van Ingen, industry veteran and COO at Keepit, shares his perfective on why shared responsibility for cloud data backup and recovery is the only way forward. He says to look at Microsoft’s own documentation, which states, “it’s critical to understand the Shared Responsibility model and which security tasks are handled by the cloud provider and which tasks are handled by you.

For all cloud deployment types, you own your data and identities. You are responsible for protecting the security of your data and identities, on-premises resources, and the cloud components you control (which varies by service type).” 

To dive into the full article on vmblog.com, click here to learn “Why Shared Responsibility for Data Backup and Recovery Is the Only Way.” 

And 5 reasons why you should back up Azure AD in the cloud 

Imagine a busy city with multiple roads leading to various destinations, such as a hospital, a shopping mall, and a stadium. Just like a traffic light controlling the flow of vehicles to and from these destinations, Active Directory (AD) and Azure Active Directory (AAD) control the flow of and access to information from apps and services such as Microsoft 365, Salesforce, Google Workspace, and others. Organizations rely heavily on AD and AAD to ensure a smooth flow of and access to their data.

However, just like how a city can experience traffic jams, frustrations, accidents, and general chaos when the traffic light is out, when AD or AAD are not accessible, the flow of and access to control-plane information can cause severe business disruption. This post will explore the importance of data protection for Azure AD.

The evolution of identity management: From Active Directory to Azure AD and the need for different backup solutions

But first, how did we come to rely so heavily on AD and AAD? Active Directory was introduced in 1999 as a solution for on-premises identity management, providing a centralized repository for user and device information and allowing administrators to manage these resources effectively and efficiently.

As the use of cloud-based services grew, the need for an identity management solution that could integrate with cloud-based resources became more important.

This led to the creation of Azure Active Directory, which was designed to serve as the bridge between on-premises and cloud resources, not only creating a seamless and secure identity management solution for cloud computing, but also offering a range of features and capabilities (including single sign on, multi-factor authentication, and conditional access) to help organizations meet their security and compliance requirements.

Microsoft Azure Active Directory and Active Directory seem to be a bit shrouded in mystery. For many, the distinction between them is not always clear, and this distinction becomes even more blurred when it comes to the topic of backing up and protecting the data within each.

Instead of covering all the differences between AD and Azure AD, this post will mainly focus on backup for Azure AD, and it will explore five ways in which AAD requires a different backup solution from the traditional backups used for on-premises AD. Before we can do that though, we need to quickly establish — roughly — what the difference is.

What’s the difference between AD and AAD?

As Stephen Covey put it, “the main thing is to keep the main thing the main thing.” That quote might make more sense if you consider the key difference between cloud and on-prem AD to be the main thing… and in this case, the main difference between the two is that Active Directory is designed for managing user access and application infrastructure for an on-premises world; Azure Active Directory is for managing user access to cloud applications in a cloud-based environment.

Even more simply? Sure: AD is on prem, AAD is cloud based.

If you’re interested in exploring the differences further, here’s what Microsoft has to say: Compare Active Directory to Azure Active Directory.

Every object in either AD or Azure AD has one permanent home. That’s the primary copy of the object, and the copy to which changes are applied. If you are on-prem-only, or cloud-only, then there’s only one copy of each object.

In hybrid mode, though, no matter where the object is homed, there will be two copies of it: the primary copy and a synchronized copy on the “other side.”

The distinction of where (which environment) your identity objects are homed is paramount. Active Directory backup via on-premises solutions is exactly that: making a backup of on-prem data by copying it to/from an on-premises solution. Azure Active Directory, as a cloud-based application utilizing cloud-based data (and metadata), creates and manages cloud data in the cloud.

Why it matters: Comprehensive data coverage requires the ‘right’ backup

“Some” Azure AD data and metadata only exist in the cloud environment. You could copy these objects to an on-prem storage location (which is roughly as useful as putting backup tapes on top of the server they’re made from), but these objects must be restored to the cloud.

Therefore, with clear gaps in coverage, the data and metadata are not covered holistically. This means your data may not be fully protected when you back up your cloud data with an on-premises Active Directory-oriented tool as your Azure AD backup solution.

In other words: what’s homed on premises and what’s homed in the cloud are physically separate. You introduce new problems for yourself when you cross the streams, including speed of access, data fidelity and quality, and security.

Let’s dive into five reasons why on-prem AD backup is not a viable option for comprehensive backup of Azure AD.

5 things you should consider if you’re backing up AAD on premises

1. Some attributes in Azure Active Directory are not available on premises

If you take an on-prem AD account and sync it to the cloud, the sync process (and Azure AD) adds some attributes to it. Some of these may be synced back to on prem (a process called writeback) but some will not. Backing up Azure AD captures these; backing up the on-prem AD won’t.

2. Azure AD may have user objects or attributes that do not exist on premises

You can define your own users, groups, roles, et cetera, that exist only in the cloud. If you do not back these up independently, they will not be preserved nor well protected, and your only recourse is to recreate and define these custom entries every time.

And yet not everyone sees the value in protecting these objects when their identity management (IdM) anchor is on prem. Even if an organization’s IdM anchor is on premises, objects and attributes like Intune and conditional access policies are important for several reasons, often forming a key part of organizations’ zero trust security, and, as such, need to be protected against loss or damage. (Read our article on the zero trust principle here.)

Still not convinced of the value of protecting control-plane objects? Here are five reasons highlighting the case for securing data protection:

• Cloud-based management: Intune and Azure AD conditional access are both cloud-based services that can be accessed and managed from anywhere. They cannot be accessed from on-prem systems, so if you lose the copy in the cloud, it’s gone.
• Security: Azure AD provides additional layers of security, such as multi-factor authentication and identity protection, that can help to protect against potential security threats such as compromised credentials or unauthorized access.
• Compliance: Intune and conditional access can help organizations meet compliance requirements, such as HIPAA by providing features such as device compliance and role-based access control.
• Scalability: Azure AD allows organizations to scale their IdM infrastructure as needed, without the need for additional hardware or software.
• Remote work: Intune and conditional access can help organizations to secure and manage remote workers’ devices, even if they are not connected to the on-premises network.

Now are these objects and attributes vital to operations? You can decide for yourself. But, considering the impact that could result from losing these in one data loss scenario or another (and the resource investment required to manually recreate and administer them, not to mention the security concerns of not ensuring the right users have the permissions to access company data), adequate data protection of these should be a business imperative.

3. Azure AD will have configuration/state objects that don’t exist on prem

Enterprise apps, app registrations, Conditional Access (CA) policies, and many other policy- and security-related objects exist only in the cloud. Microsoft’s native protection for these objects is mostly non-existent — delete a conditional access policy, for example, and it’s just gone. Let’s drill down into two important-to-protect Azure AD features:

• Conditional Access: Azure AD Conditional Access is a feature that allows you to set policies that determine how users are granted access to resources based on conditions such as device compliance, location, and user identity. It allows you to control who can access your resources and under which conditions. This feature can be used to protect against security threats, such as compromised credentials, by requiring multi-factor authentication or other forms of authentication.
• Intune: Intune is a mobile device management (MDM) and mobile application management (MAM) service that is integrated with Azure AD. This feature allows you to manage and secure mobile devices, desktops, and apps, including those used by remote workers. It allows you to set policies for devices and apps, such as requiring a passcode or encrypting data, and to remotely wipe a device if it is lost or stolen.

What about the Active Directory Recycle Bin? As these AAD-only configurations/state objects only exist in the cloud, there’s no available recycle bin for these policy objects, so there’s no undo. It’s akin to an immediate hard delete, meaning there is no 30-day or 90-day grace period as there is with soft deletions.

How to recover from hard deletion? Microsoft shares that “hard-deleted items must be re-created and reconfigured. It’s best to avoid unwanted hard deletions.”

Let that sink in for a moment: “It’s best to avoid unwanted hard deletions.” This advice is nigh impossible to follow as common data loss scenarios, like accidental deletions), are a question of when, not if. It highlights how the Recycle Bin was never intended to be a replacement for dedicated backup. Read our post on why backup is a risk-management imperative here.

4. Record preservation

How long does Azure AD store reporting data? That’s a very good question: According to Microsoft, activity reports are stored as follows:

The recovery features for soft deletions are typically limited to 30 days retention, so if you want to recover on day 31, it’s too late! The data is gone, as Microsoft shares here in its Azure Active Directory fundamentals:

So, the question is this: Are these objects that are automatically hard deleted important to your business operations? And a natural follow-up question is this: Is the 30-day restore period for soft-deleted objects enough protection for your data? (Often, mandatory minimum data retention periods are determined by governments.)

Note: It’s important to mention that changes are not covered by the recycling bin, such as editing or overwriting, even to objects that would normally be soft deleted . Any change, intentional or otherwise, replaces the previous version with no option of reverting or recovering. When these changes are done accidentally, we euphemistically refer to them as an “oops,” but they are quite serious and actually one of the leading causes of data loss, so this gap in coverage should concern those tasked with ensuring data protection.

The writing on the wall is that native coverage is insufficient for recoverable, comprehensive coverage and that the solution to this coverage gap is having your own third-party backup. This extends your ability to recover these objects for as long as your backup exists. 

Explore this in more depth here: Azure Active Directory recoverability best practices from Microsoft.

What’s Next? Choosing a Backup Solution for Azure Active Directory

Now that we’ve highlighted the need for dedicated cloud data backup for Azure AD, let’s explore what Keepit provides with its Azure AD service offerings (one of which — Azure AD Standard — is offered completely free of charge). 

Leading AAD data protection for your cloud security strategy

Keepit helps you recover business-critical identity and application objects that Microsoft doesn’t protect. Extend your retention period and strengthen security with protection of policies as well as full auditing and traceability of changes. Protect against day-to-day data loss and improve IT efficiencies with the ability to roll back changes and speed up troubleshooting.

Azure Active Directory Backup Coverage 

The Azure AD connector protects the following Microsoft 365 Azure Active Directory objects: Users, Groups, Administrative Units, and Roles. It also protects Audit logs (and Sign-in logs with audit logs enabled). 

For an exhaustive coverage list, visit our AAD support site here. 

Interested in Backing up (and Restoring) Azure AD with Keepit for Azure AD? 

To learn more about how you can protect your business-critical data and ensure disaster recovery resolve with Keepit for Azure AD – the leading protection for your cloud security strategy – click here. 

New Solution Offers Unmatched Backup and Recovery for Power BI Users

COPENHAGEN, DENMARK  – February 01, 2023 – Keepit, the market leader in cloud data protection and management, today announced the launch of its backup and recovery solution for Power BI, Microsoft’s business intelligence solution platform for aggregating, analyzing, visualizing, and sharing data. With the release of Keepit for Power BI, Keepit is extending its lead as the premier data protection service for Microsoft’s cloud solutions. Power BI is the first of the Microsoft Power Platform services to be added to Keepit’s solutions, with support for Power Apps and Power Automate planned for later in 2023. 

Keepit is the only SaaS data protection specialist that fully covers Power BI. Because Microsoft doesn’t provide native backup options for reports, dashboards, workspaces, and datasets in Power BI, businesses that rely on Power BI in their decision-making risk losing data if something goes wrong  – such as accidental deletions,  alterations, malicious deletion, file corruption or ransomware attacks – including losing data and metadata required for compliance reasons and to maintain business continuity.  

Keepit’s protection for Power BI is secure and simple, and recovery of data is swift. With ultra-fast smart search and restore features, Keepit’s Power BI customers can restore multiple terabytes per day and get Power BI data back into its original location, along with original metadata and relationships. Restore capabilities include:

• In-place restore: Get data back to where it originally resided  
• Download: Download individual data objects or complete folders    
• Shareable Links: Provide users with a secure link to their data.

“Microsoft is currently investing heavily in the Power Platform, and Power BI is a major part of that platform,” said Paul Robichaux, Keepit’s Senior Director of Product Management and Microsoft MVP. “Power BI is a market leader in the business intelligence space, and the business intelligence space is growing exponentially. With Keepit for Power BI, organizations can protect the data they use to drive their business decisions against data loss and downtime. Keepit is thrilled to add this product to our market-leading range of Microsoft cloud data protection solutions.” 

To try Keepit for Power BI for free, visit the Keepit website.