New research reveals significant data protection gaps in SaaS systems
HYCU, Inc., a leader in data protection solutions as a service on-premise, cloud and SaaS and one of the fastest growing companies, has published new global research highlighting critical data vulnerabilities in SaaS environments. The report “The State of SaaS Resilience in 2024” analyzes cyber resilience in the use of SaaS applications, based on an independent survey of 417 IT managers in Europe, the United Kingdom, the United States, Japan and Singapore.
The report identifies a series of critical issues that emerge with the increase in the use of SaaS applications. The sheer volume of SaaS applications in use in enterprises, the reliance on third-party risks, and the lack of awareness of the Model of Shared Responsibility are some of the elements highlighted in the report, in addition to the increase in ransomware threats. As the research highlights, IT managers still don't know the exact number of SaaS applications in use in their organization, with the majority of those surveyed estimating they use twelve of them. While research shows that on average mid-sized businesses use over 200 SaaS applications in their IT environment (1), these gaps are quickly becoming one of the most important challenges facing modern businesses today.
Key findings from the report include the following:
- Business leaders often they underestimate the scope of their SaaS data assets and they are not aware of the number of SaaS applications in use in the company.
- 41% of respondents rely on SaaS vendors to protect and restore their data, but cloud providers, SaaS vendors, or ISVs typically place the responsibility for data protection and recovery on the customer, according to “Shared Responsibility Model”.
- SaaS applications were the cause of attack for 61% of ransomware breaches reported by the interviewees.
- 71% of respondents believe IT is responsible for the majority of SaaS technology usage, although these are often purchased and used by different offices or lines of business.
- 90% of respondents said they were unable to recover data from encrypted SaaS environments within an hour, with the risk of costly business interruptions.
- 43% of respondents said they do not have personnel with the necessary skills to protect SaaS application data.
- Three-quarters of those surveyed said their companies would suffer a significant impact if EntraID (formerly Azure Active Directory), SSO and Identity Access Management (IAM) data suddenly became unavailable due to a cyber attack.
The report also summarizes best practices to help organizations protect their SaaS data and their businesses from the threat of cyberattacks.
"Today, the average enterprise relies on hundreds of SaaS applications for a variety of tasks, including business-critical workflows. Understanding how vulnerable SaaS data is to growing cyber threats is critical," said Subbiah Sundaram SVP Product at HYCU. "This new report from HYCU illustrates the need for companies to improve data protection in SaaS environments. As a leader in this space, HCYU is ready to help companies close the gaps that threaten their resiliency by providing enterprise backup and recovery solutions specifically designed for today's SaaS application-based environments."
A complimentary copy is available at The State of SaaS Resilience in 2024 or by requesting the report via email to rauricchio@grandangolo.it.
[1] Zylo, 2022 SaaS Management Index Report
