Why Your Chief Legal Officer Needs Cloud-to-Cloud Backup

The lawyer (or lawyers) at your organization care about company data. They understand why your organization is legally obligated to retain cloud data. As cloud applications are now used more frequently, the Chief Legal Officer is tasked with ensuring company data stored in the cloud is protected. This means the CLO needs to understand the need for third-party cloud to cloud backup.

Backups are not archives (and vice versa)

Here’s an important rule of thumb: archives are for discovery; backups are for recovery.

Archiving tools like Google Vault are designed to make it easy to prove a chain of events to regulators and investigators. Archiving and compliance software keeps an explicit record of which user took what action when, and can often reproduce versions of files and messages as they existed at a certain point in time. Unfortunately, most of these tools are explicitly limited to communications platforms like Gmail and Google Talk. Archiving tools are about documenting the “he said, she said” of online communications, and assigning responsibility for any changes or transfers of data. Archiving tools are not designed to recreate or reproduce actual lost, altered or corrupted data.

Few if any archiving tools can help your company if someone subpoenas your deleted Google Drive documents or wants to see an overwritten version of your Salesforce Sandbox.

Backup tools like Backupify, however, are designed to return lost data to the production application as quickly and seamlessly as possible. That means all data is held by a cloud to cloud backup even after it is deleted, and regardless of whether it’s a document or a message or a decorative Google Sites image. If you as CLO need to produce a file that isn’t an email, there’s often no better source than a backup tool.

It’s not a question of whether the CLO should choose an archiving tool or a backup tool for your cloud systems. A smart CLO will want both.

Your Terms of Service are no longer your own

If your company is using a cloud-based application to help deliver goods or services to your customers, the reliability of those cloud apps now directly affects any commitments you make to those customers. That means the availability of a cloud application—and the accessibility and integrity of the data in your cloud apps—can make or break your own service guarantees and contractual obligations.

If you’ve guaranteed in writing 90-day payment terms, or a 30-day project turnaround, or 24-hour product delivery, you need to be certain that your cloud-based financial records, your cloud-based order processing workflow and your cloud-based inventory management system won’t lose data at any time in the transaction cycle. And just because your cloud vendor’s Service Level Agreement hits all five key guarantees of availability doesn’t mean that one of your employees won’t delete the transaction data you need from inside those cloud applications.

A cloud to cloud backup means that lost data is back in place before you default on your own Terms of Service, SLA or contractual obligations. It’s the CLO’s job to ensure the organization can live up to the “commercially reasonable efforts” that a contract promises to make in meeting deadlines and standards. Any cloud CLO would be well advised to insist on a cloud to cloud backup of any SaaS application.