Research

Abstract:

It's more important than ever that business-critical data is available, but there is still a problematic misunderstanding about the responsibility for protecting SaaS data.

See fresh research into this market dynamic with the infographic, Data Protection for SaaS.

Research Objectives

Organizations are increasingly reliant on SaaS for many of their mission-critical applications and workflows. This means that a significant amount of business-critical data associated with these applications is now also cloud-resident. As a result, it is more important than ever that this data is available or at least recoverable. However, there is (still) a problematic misunderstanding about the responsibility for protecting SaaS data. While maintaining application uptime is the responsibility of individual SaaS providers, the onus for the availability and protection of data typically falls on IT organizations. This data protection gap exposes organizations to potential data loss, compliance and governance violations, and general operational risks.

In order to gain further insight into these trends, ESG surveyed 398 IT professionals at organizations in North America (US and Canada) personally familiar with and/or responsible for SaaS data protection technology decisions, specifically around those data protection and production technologies that may leverage cloud services as part of the solution.

This study sought to answer the following questions:

What steps, if any, do organizations take to protect the data associated with the SaaS applications they currently use?

Have organizations experienced any data losses or corruption with any of the SaaS applications they use over the past 12 months?

What are the most common causes of data loss or corruption for SaaS-based applications?

What benefits have organization realized as the result of using a solution to protect SaaS application solutions?

What are the biggest challenges organizations have experienced with the data protection solution(s) they use for SaaS applications?

What are the most important characteristics or considerations of a data protection solution, whether third-party or internally developed, for SaaS applications?

How do organizations characterize the mission criticality of the major SaaS applications they currently use?

What are the recovery time objectives (i.e., downtime tolerance) for the SaaS applications and workloads organizations protect today?

What are the recovery point objectives (i.e., transaction or data loss tolerance) for the SaaS applications and workloads organizations protect today?

Over the next 12-24 months, what level of IT priority do organizations expect to give to protecting SaaS applications, customizations, and associated data?

How do organizations typically fund the data protection solutions used to protect their SaaS-based applications?

Survey participants represented a wide range of industries including manufacturing, technology, financial services, and retail/wholesale. For more details, please see the Research Methodology and Respondent Demographics sections of this report.

Abstract:

Most organizations are not doing a very good job of protecting all their mission-critical data and applications. And, after suffering a ransomware attack, these victimized companies further report difficulties in recovering clean and recent data that might also have been compromised. Businesses have several options to protect their data and applications from attack but are slow in adopting perhaps the most viable and practical solution: air-gapped data protection infrastructure.

Abstract:

Ransomware attacks are frequent, disruptive, and costly, but paying a ransom to the perpetrators as a quick fix is a bad idea. Ransom payments usually don't guarantee the return of all the stolen data or prevent further attacks. Even the data that's returned may have been encrypted or compromised. That's why ransomware attacks must be prevented before they happen. And if they do occur, a foolproof data backup and recovery process must be in place to avoid suffering the consequences of paying a ransom and rewarding bad behavior.

Abstract:

Findings from a TechTarget’s Enterprise Strategy Group survey gauging the state of the ransomware preparedness market conclude that much work lies ahead for many organizations as they holistically address and resolve ransomware's ongoing threat to disrupt IT and business operations. Though most organizations are at a relatively low level of ransomware preparedness maturity, a notable gap exists in attack prevention and data recovery between the companies most prepared and the industry average.

Abstract:

Ransomware attackers disrupt business operations by targeting a variety of data sources and leveraging multiple types of infrastructure to get what they want: business’ money. But the most often targeted point of entry in successful ransomware attacks is not a bad link in an infected email. Rather, the most vulnerable points of attack lie in the software and misconfigurations. Therefore, organizations must plan for every contingency, look beyond safeguarding the obvious vulnerabilities, and protect all components of their IT environment.

Abstract:

From frequent attacks on critical systems to major data recovery issues and financial impacts, ransomware consequences refuse to be ignored.

See the data behind these trends and more with this ESG Infographic, 2022 Ransomware Landscape.

Abstract:

The ransomware threat is a top-of-mind issue for so many organizations; however, few feel totally prepared for an attack. Without an industry reference architecture or blueprint for ransomware protection, organizations are building their own strategies and processes to respond. But with ransomware protection included with so many different security and data protection solutions, many are confused about the scope of what is to be included, who is responsible for the implementation, and who needs to be involved in the conversation.

In order to connect the dots between those organizations that feel most prepared and the specific strategies and plans they are using to get there, with an eye on defining best practices, ESG surveyed 620 IT and cybersecurity professionals personally involved with the technology and processes associated with protecting against ransomware attacks at midmarket and enterprise organizations in North America and Western Europe.

For more information on this research, please visit www.esg-global.com/ransomware.

Abstract:

Building on existing trends favoring digital transformation initiatives, the pandemic sparked a further shift toward data-centric business models, with virtually all enterprises now using data to support the business and a remarkable one in five claiming data as their core business. To treat data like the business asset it has become, it must be de-risked, protected, made compliant, and leveraged. This will require IT professionals and vendors alike to develop intelligent data management strategies that not only preserve and protect data but also ready it for use in achieving business growth objectives.

Abstract:

Driven by data's rapid growth, the menace of cyber-threats and the enterprise push for digital transformation, among other factors, intelligent data management is fast becoming a priority for data protection and storage professionals. More than two-thirds rank it among their organizations' top five data protection and management priorities, a dramatic change from two years ago when only a third of organizations considered intelligent data management a top priority. Among digitally mature organizations, adoption is even higher, suggesting that interest in this approach will continue to grow as digital laggards achieve digital transformation maturity. One in five organizations believe intelligent data management will replace their overall data protection strategies. Learn why now is the time to shift to intelligent data management.