Who Is Responsible for Salesforce Data Loss?

Like Comment

Gone are the days when Salesforce was simply a CRM platform. Top enterprises are launching amazing, data-driven programs on top of Salesforce related to digital transformation, artificial intelligence, and the Internet of Things. In order to help companies drive these initiatives and house their valuable data, Salesforce provides an incredibly high-functioning, secure platform that includes: 

  • Over ten global data centers
  • Real-time and near real-time replication of data
  • Secure, encrypted connections
  • Four copies of data, distributed across data centers
  • Global, 24/7 monitoring

Furthermore, Salesforce provides customers the option to purchase Salesforce Shield for an additional layer of security that includes event monitoring, field audit trail, data & platform encryption, and usage audit-ability.

While all of this should be reassuring, security of the cloud is different from security in the cloud. Which is to say that you — as a customer — are not off the hook completely.

Your Salesforce data protection responsibilities

When it comes to the security of your data, nearly all SaaS providers today subscribe to the shared responsibility model. This means that they are responsible for providing always-available application services that are hosted on a resilient infrastructure and maintaining data copies to withstand infrastructure failures or site wide outages. On the other hand, the customer feeds the SaaS application with its own data, meaning they are responsible for all data stored in the cloud, endpoints (devices), and account and access management.

shared responsibility model

Governments and regulators also place the onus of protecting data on the data owner. The customer must conform to data policies, standards, or laws relevant to its business processes. Abroad, legislation like the European Union’s GDPR, and in the United States California’s CCPA, as well as industry-focused governance like HIPAA in healthcare, FINRA in financial services, and FERPA in education, place liability for data safety and integrity on the company that collects the data, not the SaaS provider that stores it on their servers. 

It is the organization’s responsibility to safeguard data from any threat--internal or external--and ensure that their cloud providers deliver bulletproof security and compliance guardrails.

How to minimize your risk of Salesforce data loss

While it is clear that organizations are responsible for safeguarding their data stored in the cloud, the majority have not taken significant protective measures. Within the Salesforce ecosystem, 88% of organizations do not have a comprehensive backup and recovery strategy, and 69% acknowledge they are unprepared for data loss or corruption. Perhaps most alarming: 50% of respondents did not believe a backup was their responsibility. 

When you combine those statistics with how prevalent SaaS data loss actually is, it’s clear that having a backup and recovery solution is a must. Without a comprehensive backup and recovery strategy, Salesforce data loss or corruption could have a devastating impact across your organization with increased labor costs, data recovery fees, regulatory compliance fines, and a potential loss in productivity. That’s one reason why Salesforce themselves recommend looking into an AppExchange partner backup solution.

In our next blog, we’ll break down the key requirements of a backup and recovery solution and highlight what questions to ask of potential vendors. In the meantime, learn more about why backup and recovery is so important, especially for SaaS customers.

Why Back up Salesforce?

Alleviate the stress of errors and accidents and run your org with confidence
To view more OwnBackup content click here

OwnBackup

OwnBackup is the leading cloud data protection platform for Salesforce, proactively protecting you from losing access to mission-critical SaaS data, so you never have to worry about data loss disrupting your business—or your life. Offering comprehensive backup, visual compare, recover and archiving capabilities, OwnBackup protects critical cloud data for nearly 4,000 businesses worldwide. Built for security and privacy, OwnBackup exceeds the General Data Protection Regulation (GDPR) requirements for backed-up data and is the top-ranked backup and restore ISV on the Salesforce.com AppExchange with over 390 5 star reviews and counting. With the recent acquisition of RevCult, a global Salesforce security and governance platform, OwnBackup now offers a holistic approach to data protection, helping customers identify and limit primary security issues that lead to loss and corruption in addition to its backup and restore capabilities.

6 Contributions
1 Followers
0 Following