SaaS vendors typically operate on a shared responsibility model, which means obligations are shared between the vendor and the customer, on aspects relating to security & others. SaaS vendors own all the underlying elements that provide the cloud service including all primary components such as physical infrastructure, network controls, operating system that hosts the application, controls for the application offered as a service, hardware components and many others. However, ‘data’, the critical component that powers the business and is central to the service’s relevance is the organisation’s responsibility. Responsibility includes accountability for data stored, classification of data, managing compliance requirements, securing, and protecting data, apart from other obligations required of data owners.
But you’re ok, you’re using a virtual segregation – right? Wrong.
We strongly believe that virtual segregation is not sufficient in terms of 3-2-1-1, and therefore if you’re storing you 365 backups within Azure you’re not compliant with the NCSC recommended security strategy.
Join us to discover how you can quickly and easily become compliant, and significantly mitigate the risk of data loss.