BLOG
hans zandvliet

Why Your Standard Backup Isn’t Enough for Microsoft Entra ID

In the modern enterprise, identity is the new perimeter. If an attacker gains control of your Microsoft Entra ID (formerly Azure AD), they don’t just have a seat at the table; they own the building. Most organizations feel secure because they run nightly backups of their servers and databases. There is, however, a dangerous misconception that this "standard" backup includes everything you would need to recover from a total identity wipeout.
Here is why keeping your Entra ID backup strictly separate and immutable is the only way to ensure a true last line of defense.
The Domino Effect: When Backups Get "Hacked"
Standard backups are often integrated into the same network environment they protect. While convenient, this creates a single point of failure. If a ransomware actor gains lateral movement within your infrastructure, their first move is often to locate and delete or encrypt your backups.
If your Entra ID configuration data is bundled with your regular server backups, a single compromised admin account could lead to:
  • Total Blindness: The loss of both your live environment and the very backups meant to restore it.
  • Corrupted Recovery: If the backup isn't isolated, the attacker can tamper with the backup itself, for example by planting an extra administrative account, an app registration with its own credentials, or a weakened Conditional Access policy, so that they regain access the moment you restore. A backup you cannot verify (a hash manifest written at export time and checked before restore) is a backup you cannot trust.
The Power of Separation and Immutability
To build a resilient defense, your Entra ID backup must be treated as a sovereign entity. By keeping it separate and immutable, you create a digital "break-glass" vault.
  • Physical & Logical Separation: Storing Entra ID data in a completely different cloud tenant or an off-site, air-gapped location ensures that even if your primary Global Administrator account is compromised, the backup remains unreachable. The separation only holds if the backup tenant has its own administrators with their own credentials and MFA; if production admins can reach it through synced accounts or cross-tenant access, it shares production's fate.
  • Immutability (The "WORM" Principle): Immutable backups are "Write Once, Read Many." Once the data is backed up, it cannot be altered, overwritten, or deleted for a set period, even by someone holding "Delete" permissions, because the retention policy is enforced by the storage service rather than by the permission model. Choose the period to outlast the time an attacker might sit quietly in the tenant before acting, and note that a locked retention period can be extended but never shortened.
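As an added illustration (not part of the original post and not Keepit's product), this is what the WORM principle looks like when you build it yourself on Azure immutable blob storage in a separate backup tenant, using the Az.Storage PowerShell module. The tenant id, resource group, storage account, container and blob names are placeholders, and the storage account and container are assumed to already exist:

```powershell
# Added example (not from the original post or any vendor). Assumes the Az.Storage module,
# a SEPARATE backup tenant whose admins are not the production admins, and an existing
# storage account and container. Tenant id, names and the blob name are placeholders.
Connect-AzAccount -Tenant "<backup-tenant-id>"   # the backup tenant, never production

$rg        = "rg-entra-backup"
$account   = "stentrabackup01"
$container = "entra-exports"

# Time-based retention: every blob written here is locked for 90 days from its creation.
$policy = Set-AzRmStorageContainerImmutabilityPolicy -ResourceGroupName $rg `
    -StorageAccountName $account -ContainerName $container -ImmutabilityPeriod 90

# Locking makes the policy itself irreversible: it can be extended later, never shortened
# or removed. Test with an unlocked policy first and lock once the period is agreed.
Lock-AzRmStorageContainerImmutabilityPolicy -ResourceGroupName $rg `
    -StorageAccountName $account -ContainerName $container -Etag $policy.Etag -Force

# Verify the effective state rather than assuming it.
Get-AzRmStorageContainerImmutabilityPolicy -ResourceGroupName $rg `
    -StorageAccountName $account -ContainerName $container |
    Select-Object ImmutabilityPeriodSinceCreationInDays, State

# Proof, not trust: deleting a protected blob is refused even with full data-plane rights.
$ctx = (Get-AzStorageAccount -ResourceGroupName $rg -Name $account).Context
try {
    Remove-AzStorageBlob -Container $container -Blob "entra-export-20250101.json" `
        -Context $ctx -ErrorAction Stop
    Write-Warning "Delete succeeded: the policy is not protecting this container"
}
catch {
    "Delete refused as expected: $($_.Exception.Message)"
}
```

The retention policy, not the role assignment, is what protects the data: the last step is worth running once with an account that holds delete rights, so that the refusal is something you have seen rather than something you assume. Because a locked period can only ever grow, pick it to comfortably exceed the time it would take you to notice a quiet compromise of the production tenant, and keep the backup tenant's administrator identities entirely separate from production's.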
Your Last Line of Defense
Think of your standard backup as your daily insurance, but a separate, immutable Entra ID backup as your ultimate safety net. If the worst-case scenario occurs—a total ransomware lockout or a catastrophic "wiper" attack—having your identity objects, conditional access policies, and group memberships stored safely outside the blast radius allows you to rebuild from scratch in hours, rather than weeks.
The Bottom Line: Don’t let your identity security be the weak link in your recovery chain. Separate your Entra ID backups, make them immutable, and sleep better knowing your last line of defense sits out of reach of anyone who takes over your production tenant.
Below are more insightful blogs you won't want to miss
Imagine arriving at the office (or logging into your home workstation) only to find that your email doesn't work. Then you realize you can’t access SharePoint, Teams, or even your accounting software. You check your credentials, but they aren't recognized. Your entire digital identity has vanished.
For most modern businesses, Microsoft Entra ID (formerly Azure AD) is the silent heartbeat of the organization. It manages the users, groups, permissions, and conditional access policies that keep your data secure and your people productive. But what happens if that heartbeat stops?
The High Stakes of Entra ID Data Loss
Many organizations mistakenly believe that because Entra ID is a cloud service, Microsoft is responsible for backing it up. While Microsoft ensures the availability of the service, the data and configurations within your tenant are your responsibility.
Without a proper backup, you are exposed to several critical risks:
  • The "30-Day Cliff": Microsoft’s native recycle bin keeps soft-deleted users, Microsoft 365 groups, and applications for 30 days; after that they are purged for good, and a hard delete from the recycle bin purges them immediately. Security groups are not soft-deleted at all: delete one and its membership is gone on the spot.
  • Mass Accidental Deletion: A simple PowerShell script error or a misconfigured sync tool can wipe out thousands of users or groups in seconds. Entra Connect's accidental-deletion threshold (500 objects per run by default) catches one form of this, but a script that talks to Microsoft Graph directly has no such guard.
  • Ransomware and Malicious Actors: Modern cyberattacks don't just encrypt files; they target identity. If an attacker gains admin access, they can delete your entire identity infrastructure to maximize leverage.
  • Configuration Corruption: If someone accidentally changes a complex Conditional Access policy, locking out half your workforce, there is no "undo" button. The audit log records the old and new values of the change, but only for 30 days, and reassembling a policy from log entries is slow and error-prone; without an export of your own you are rebuilding it from memory.
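The practitioner's answer to all four risks is an export of your own that lives outside the tenant. Below is an added example, written for this page rather than taken from the post or from any vendor's tooling, using the Microsoft Graph PowerShell SDK. It assumes an identity holding Directory.Read.All and Policy.Read.All and an output folder under the current directory; the 30-day purge window is Microsoft's, and the script only reads from the tenant:

```powershell
# Added example (not from the original post or any vendor). Assumes the Microsoft.Graph
# PowerShell SDK and an identity with Directory.Read.All and Policy.Read.All.
# The output folder is a placeholder; the script only reads from the tenant.
Connect-MgGraph -Scopes "Directory.Read.All", "Policy.Read.All" -NoWelcome

# Follow @odata.nextLink so large tenants are exported completely, not just the first page.
function Get-GraphCollection([string]$Uri) {
    $items = @()
    while ($Uri) {
        $page   = Invoke-MgGraphRequest -Method GET -Uri $Uri
        $items += $page.value
        $Uri    = $page.'@odata.nextLink'
    }
    return $items
}

$stamp  = Get-Date -Format "yyyyMMdd-HHmmss"
$outDir = Join-Path $PWD "entra-export-$stamp"
New-Item -ItemType Directory -Path $outDir | Out-Null

# What a rebuild needs: the policy logic, the principals and the privileged-role assignments.
$graph   = "https://graph.microsoft.com/v1.0"
$exports = [ordered]@{
    conditionalAccessPolicies = "$graph/identity/conditionalAccess/policies"
    namedLocations            = "$graph/identity/conditionalAccess/namedLocations"
    users                     = "$graph/users?`$select=id,userPrincipalName,displayName,accountEnabled,userType"
    groups                    = "$graph/groups?`$select=id,displayName,securityEnabled,mailEnabled,groupTypes"
    applications              = "$graph/applications"
    roleAssignments           = "$graph/roleManagement/directory/roleAssignments"
}
foreach ($name in $exports.Keys) {
    $data = @(Get-GraphCollection $exports[$name])
    ConvertTo-Json -InputObject $data -Depth 20 |
        Set-Content -Path (Join-Path $outDir "$name.json") -Encoding utf8
}

# Group membership is an edge, not a group property, so it has to be walked per group.
$members = foreach ($g in Get-GraphCollection "$graph/groups?`$select=id") {
    foreach ($m in Get-GraphCollection "$graph/groups/$($g.id)/members?`$select=id") {
        [pscustomobject]@{ groupId = $g.id; memberId = $m.id }
    }
}
ConvertTo-Json -InputObject @($members) |
    Set-Content -Path (Join-Path $outDir "groupMembers.json") -Encoding utf8

# A hash manifest lets a later restore detect an export that was altered after the fact.
Get-ChildItem -Path $outDir -Filter *.json | Get-FileHash -Algorithm SHA256 |
    Select-Object @{ n = 'file'; e = { Split-Path $_.Path -Leaf } }, Hash |
    Export-Csv -Path (Join-Path $outDir "manifest.csv") -NoTypeInformation

# The 30-day cliff made visible: what is in the recycle bin now and how long it has left.
# Only users, Microsoft 365 groups and applications are soft-deleted; a deleted security
# group is gone immediately and will never show up here.
$deleted = foreach ($type in "user", "group", "application") {
    Get-GraphCollection "$graph/directory/deletedItems/microsoft.graph.$type?`$select=id,displayName,deletedDateTime" |
        ForEach-Object {
            $purgeAt = ([datetime]$_.deletedDateTime).AddDays(30)
            [pscustomobject]@{
                type        = $type
                displayName = $_.displayName
                purgeAt     = $purgeAt
                daysLeft    = [int]($purgeAt - (Get-Date)).TotalDays
            }
        }
}
$deleted | Sort-Object daysLeft | Format-Table -AutoSize
```

Run it on a schedule from a machine that is not joined to the production domain, copy the folder to the immutable location, and compare manifest.csv against the files before any restore. What it leaves out is a reminder of how much lives in a tenant: PIM role eligibility, cross-tenant access settings and authentication method policies are not exported here, and a security group that was deleted never appears in the last listing because security groups are hard-deleted on the spot.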
Why "Normal" Backups Aren't Enough
You might have a backup for your emails or your file servers, but Entra ID is a different beast. To be truly resilient, your identity backup must follow two golden rules:
1. It Must Be Separate from Your Standard Backup
If your identity backup is bundled with your primary data backup, you create a single point of failure. If your primary backup credentials are tied to the same Entra ID tenant they are protecting, a compromise of that tenant could lock you out of your backups exactly when you need them most.
2. It Must Be Completely Isolated from Production
A true backup is an "air-gapped" or "cross-cloud" copy. It should live in a completely separate environment, using different administrative credentials. If your production environment is compromised by ransomware, your backup must remain untouched and accessible from a clean, independent connection.
The Solution: Future-Proofing with Keepit
When it comes to securing the foundation of your Microsoft ecosystem, Keepit stands out as the premier solution.
Keepit provides a dedicated, third-party cloud specifically designed to protect SaaS data. Here is why it is the missing piece of your security puzzle:
  • True Independence: Keepit operates its own independent infrastructure. Your Entra ID data isn't just moved to another folder in the same cloud; it is stored in a completely separate administrative domain.
  • Blockchain-Verified Immutability: Once your data is backed up to Keepit, it cannot be deleted or altered by ransomware or rogue admins. It is locked and safe.
  • Granular Recovery: You don't have to restore your entire directory to fix one mistake. Keepit allows you to find and restore individual users, groups, roles, and even specific attributes or App Registrations in clicks.
  • Automated and Set-and-Forget: Keepit runs automatically in the background, ensuring that your identity "snapshots" are always up to date without adding to your daily IT workload.
Conclusion: Don't Wait for the Disaster
In the world of IT, it's not a matter of if a configuration error or security breach will happen, but when. Relying on Microsoft's default settings is a gamble where your company's continuity is the stake.
By implementing a separate, isolated backup through Keepit, you ensure that even if your production environment fails, your identity remains intact. You aren't just backing up data; you are backing up your ability to do business.
In a world where data is often described as "the new oil," the question of where that data actually resides has moved from a technical detail to a boardroom priority. As businesses flock to the cloud, many assume that "the cloud" is a borderless ether. In reality, every byte of data sits on a physical server, in a physical building, governed by the laws of a specific country.
This is the core of Data Sovereignty: the concept that digital data is subject to the laws and governance structures of the nation where it is physically located.
The Hidden Risks of Ignored Sovereignty
If your organization lacks a clear strategy for data sovereignty, you are exposed to risks that no firewall can block:
  • Legal Conflict & Compliance Fines: Regulations like GDPR (Europe), CCPA (California), or the Dutch AVG have strict rules about data transfers. Storing data in a region with incompatible privacy laws can lead to massive fines.
  • Foreign Government Access: Under laws like the US CLOUD Act, a government can compel providers that fall under its jurisdiction to hand over data they hold, even when that data is physically stored in another country.
  • Geopolitical Instability: If your data is stored in a region that suddenly faces political turmoil or sanctions, your access to that data could be severed overnight.
  • Loss of Digital Control: Without sovereignty, you lose the "home field advantage." You are playing by someone else’s rules, and those rules can change without your consent.
The Sovereignty Gold Standard: Separation and Isolation
To achieve true data sovereignty, your backup strategy must go beyond simple duplication. It requires a fundamental separation from your primary production environment.
1. Separate from the Standard Backup
Most standard backups are stored within the same cloud ecosystem as the production data (e.g., backing up Azure data to another Azure region). Both copies then depend on one provider and one legal framework. If that cloud provider faces a legal or regional challenge, both your production and your backup are equally vulnerable. A sovereign backup must be held by a different entity under a different legal framework.
2. Fully Isolated from Production
A sovereign backup must be "off-grid" relative to your production environment. It should reside in a separate, vendor-independent cloud infrastructure. This ensures that a compromise in your production environment—whether it’s a cyberattack or a legal seizure—cannot "bleed" into your backup.

Conclusion: Reclaim Your Digital Borders
Data sovereignty is about more than just compliance; it’s about ownership. In an era of global uncertainty, the only way to truly protect your business is to ensure that your data lives under your rules, in a location you trust, and on an infrastructure that is entirely separate from the risks of your production environment.

In the last decade, Software as a Service (SaaS) has gone from a trendy alternative to the undisputed king of enterprise IT. From startups to Fortune 500 companies, everyone is moving their operations to platforms like Microsoft 365, Salesforce, and Workday. It’s easy to see why: the benefits are immediate and undeniable.
However, beneath the shiny interface and "pay-as-you-go" convenience lies a growing risk that many organizations are dangerously unprepared for.
The Allure: Why Businesses Love SaaS
The explosion of SaaS isn't an accident. It solved the biggest headaches of traditional IT:
  • Agility & Scalability: You can onboard a hundred employees tomorrow with the click of a button. There’s no need to buy new servers or wait for hardware shipments.
  • Zero Maintenance: The "service" part of SaaS means the provider handles all the patching, security updates, and infrastructure management. Your IT team can finally focus on innovation rather than "keeping the lights on."
  • Predictable Costs: Shifting from heavy upfront Capital Expenditure (CapEx) to a monthly Operational Expenditure (OpEx) makes budgeting smoother and lowers the barrier to entry for high-end tools.
  • Work-from-Anywhere: SaaS is natively cloud-born, making it the perfect backbone for the hybrid and remote work era.
The Hidden Trap: The Risks You Didn't Sign Up For
While the software itself is managed by the provider, the data you put into it is a different story. Many businesses fall into a false sense of security, assuming that "in the cloud" means "safe forever." This leads to significant risks:
1. The Shared Responsibility Myth
Every major SaaS provider (Microsoft, Google, Salesforce) operates under a Shared Responsibility Model. They guarantee the infrastructure and the uptime of the application, but you are responsible for the data. If a user accidentally deletes a folder, or a rogue admin wipes a database, the provider is usually under no obligation to get it back for you.
2. The Lack of a "Time Machine"
SaaS platforms are built for collaboration, which means they are constantly syncing. If ransomware encrypts files on a synced local machine, the encrypted versions are pushed to the cloud within minutes. Some platforms keep file versions or offer a limited rollback (OneDrive's Files Restore, for instance, covers the previous 30 days), but these are time-boxed, per-user, and live inside the same tenant the attacker already controls; they are not the tenant-wide, point-in-time recovery needed to "roll back" an entire environment to a clean state.
3. Data Silos and Loss of Control
When your data lives on someone else's servers, you are subject to their retention policies. If you stop paying your subscription, your data is often deleted within 30 to 90 days. If the provider has an outage, you are locked out of your own business intelligence.
Conclusion: Don't Let Convenience Become a Liability
SaaS is the engine of modern business, providing unparalleled speed and flexibility. But an engine without a brake is a hazard. By partnering with a dedicated, independent backup solution like Keepit, you can enjoy the benefits of the cloud with the peace of mind that your data—the lifeblood of your company—is always under your control, no matter what happens in the production environment.

In an era where "the cloud" has become the default operating environment for businesses worldwide, a dangerous misunderstanding persists. Many organizations believe that by moving to a hyperscaler like Microsoft or Google, they have outsourced their risk.
To peel back the layers of this misconception, we sat down with the CEO of ITValue4u, Nico van Houwelingen, to discuss the "Shared Responsibility Model" and why the gap in cloud security is wider than most realize.
The Interview
Interviewer: Welcome. We’re here to talk about the hidden risks of the cloud. Most companies feel safe once they’ve migrated to a hyperscaler. Is that confidence misplaced?
Nico van Houwelingen: It’s not that the confidence is misplaced—it’s that it is often directed at the wrong things. Hyperscalers are brilliant at infrastructure. They guarantee that the "lights stay on" in the data center. But there is a massive difference between a platform being available and your data being recoverable. That is the core of the Shared Responsibility Model, and that’s where the danger lies.
1. The Myth of "The Cloud is the Backup"
Interviewer: Let’s dive into the specifics. What is the biggest danger you see in how companies interpret the Shared Responsibility Model?
Nico van Houwelingen: The most common danger is the assumption that high availability equals a backup. Hyperscalers replicate your data across multiple data centers so that if one server fails, you don't notice. But replication is not a backup. If a user accidentally deletes a file, or if ransomware encrypts your database, the hyperscaler faithfully "replicates" that deletion or encryption across all sites instantly. Without a separate backup, you are simply watching your data vanish in real-time, everywhere.
2. The 30-Day Retention Trap
Interviewer: But these platforms have "Recycle Bins," right? Isn't that enough of a safety net?
Nico van Houwelingen: It’s a safety net with a massive hole in it. Most hyperscalers have a default retention period—often just 30 to 90 days. We’ve seen many cases where a company discovers a data loss event months after it happened—perhaps a disgruntled employee deleted files before leaving, or a silent script error corrupted a folder. By the time they notice, the data has been purged from the provider's systems. It’s gone. Permanently.
3. The Single Point of Failure (The "All Eggs" Risk)
Interviewer: You often speak about the need for separation. Why is it a risk to keep your backups within the same cloud environment?
Nico van Houwelingen: This is a critical point. If your production data and your backups are both sitting in the same Entra ID tenant, you have a single point of failure. If an admin account is compromised or if there is a massive regional outage at the provider, you lose access to everything at once. You cannot use your backup to restore your business if the keys to the backup are locked inside the burning building. Your backup must be separate from your production environment and held by a different entity entirely.
4. Configuration and Identity Vulnerability
Interviewer: We talk a lot about files, but what about the infrastructure itself, like Entra ID?
Nico van Houwelingen: This is the invisible risk. Companies forget that their "identity"—their users, groups, and permissions—is also data. If your Entra ID (formerly Azure AD) is corrupted or wiped, no one can log in. You can have all the file backups in the world, but if you can't verify who your employees are, you can't restore anything. Under the Shared Responsibility Model, protecting your identity configuration is 100% your job, not Microsoft’s.
5. The Solution: Why ITValue4u Recommends Keepit
Interviewer: Given these risks, how should a CEO or IT Director sleep better at night?
Nico van Houwelingen: You need a solution that honors the principles of Data Sovereignty and Isolation. That is why we partner with Keepit. Keepit is the only vendor-independent cloud dedicated to SaaS data protection.
It provides exactly what the hyperscalers don't:
  • Total Isolation: It runs on its own independent infrastructure, completely separate from Microsoft or Google.
  • Immutability: Using blockchain technology, Keepit ensures your backups cannot be changed or deleted by ransomware.
  • Ease of Recovery: It allows you to "teleport" data back into your production environment with a few clicks.
My advice is simple: Enjoy the benefits of the hyperscalers, but never let them be the sole custodians of your company's future. Secure your data separately, or you don't truly own it.
Does your organization have a "Plan B" that lives outside your primary cloud? Contact ITValue4u today to discuss how Keepit can bridge the gap in your Shared Responsibility Model.
In the world of enterprise IT, few names carry as much weight as those who have navigated the complex infrastructures of global powerhouses. At ITValue4u, our sales strategy is led by Jozua van der Deijl, a veteran of the industry. With a proven track record leading sales initiatives for corporate giants like Canon and Hitachi Data Systems, Jozua brings a "big picture" perspective to data management and security.
Today, we sit down with Jozua to discuss how he translates his experience with global corporations into winning strategies for modern cloud resilience.
The Interview
Interviewer: Jozua, your background at companies like Canon and Hitachi suggests a deep understanding of high-stakes data environments. How does that experience influence your approach at ITValue4u?
Jozua van der Deijl: In the corporate world, data isn't just an asset; it’s the lifeblood of the brand. At Hitachi, we were dealing with massive scales of data where downtime wasn't just an inconvenience—it was a multi-million dollar disaster. I’ve brought that "enterprise-grade" mindset to ITValue4u. We don't just look at software; we look at business continuity and risk mitigation on a holistic level.
1. The Shift from On-Premise to SaaS Risks
Interviewer: You’ve seen the transition from traditional on-premise storage to SaaS. What is the most successful way you’ve found to explain the new risks to executives?
Jozua: The most successful approach is stripping away the "cloud magic." A few years ago, everyone knew where the server was and who was responsible for it. Today, there’s a dangerous "out of sight, out of mind" mentality. I ask executives: "If your SaaS provider had a major regional failure today, do you have a copy of your data that isn't dependent on their infrastructure?" When they realize the answer is "no", the conversation shifts from a technical update to a strategic necessity.
2. Overcoming the "Budget Barrier"
Interviewer: Budgets are always tight. How do you successfully convince a CFO that they need an additional, separate backup solution for Entra ID or Microsoft 365?
Jozua: I frame it in terms of Insurance vs. Recovery Costs. I’ve seen companies spend weeks—and hundreds of thousands of Euros—trying to manually rebuild an identity environment or recover lost data after a ransomware attack. By comparing the modest cost of a dedicated solution like Keepit to the catastrophic cost of a total business standstill, the ROI becomes crystal clear. It’s about buying the certainty that you can reboot your business in hours, not weeks.
3. The Power of "Vendor Neutrality"
Interviewer: You emphasize that backups must be separate and isolated. Why is this such a successful selling point in your corporate strategy?
Jozua: Because it’s a fundamental rule of risk management: Diversify. During my time at Hitachi, we never advised putting all your eggs in one basket. If you use Microsoft for production and Microsoft for backup, you have a jurisdictional and technical monopoly. I show our clients that by using Keepit, they gain true "Cloud Sovereignty." Keepit’s independent data centers mean that even if the hyperscaler’s ecosystem is compromised, the backup is on a completely different, unlinked island. That level of separation is a massive "aha!" moment for my clients.
4. Addressing the Modern Identity Crisis (Entra ID)
Interviewer: Entra ID backup is often overlooked. How do you successfully highlight this specific danger?
Jozua: I call Entra ID the "Master Key." In a corporate environment, if you lose your keys, you can’t get into the building, the vault, or the files. I explain to my customers that their entire security architecture—who can access what—lives in Entra ID. If that configuration is lost or corrupted, their business is essentially "ghosted." Successfully positioning Entra ID backup is about protecting the logic of the company, not just the files.
5. Why Keepit is the "Winning Move" for ITValue4u Customers
Interviewer: Finally, what makes the Keepit-ITValue4u partnership so successful in the eyes of your customers?
Jozua: It’s the simplicity of the truth. Keepit is the only vendor-independent cloud specifically built for this purpose. It offers blockchain-verified immutability—meaning the data cannot be changed by anyone, not even us.
When I tell a customer that their data will be stored in a separate legal jurisdiction, on a separate physical infrastructure, and protected by blockchain, they know they are getting the same level of security they would expect at a company like Hitachi or Canon. We aren't just selling a backup; we’re selling the ability to say "We’re safe" to their stakeholders, no matter what happens in the cloud.
Is your SaaS strategy missing its safety net? Reach out to Jozua and the team at ITValue4u to ensure your corporate data is truly sovereign and secure.
Even with the rapid advancement of AI and security technologies, many organizations still fall victim to the same fundamental oversights. Cybercriminals aren't always looking for a "new" way in—they are looking for the "quietest" way in.
Here are the five most underestimated cybersecurity risks that continue to threaten business continuity today, and why ITValue4u is your essential partner in neutralizing them.
1. The "Entra ID" Blind Spot (Identity as a Target)
Most companies view Microsoft Entra ID (formerly Azure AD) as a utility, not a database. However, your identity infrastructure is the most valuable target in your organization. If an attacker compromises your Entra ID tenant, they don't just steal data—they become the "admin" of your entire digital existence.
  • The Risk: Many firms have zero backup of their identity configurations, users, or permissions. If wiped, you cannot "log in" to recover anything else.
2. The Shared Responsibility Illusion
The biggest myth in the cloud era is that the provider (Microsoft, Google, Salesforce) is responsible for your data. In reality, they only protect the infrastructure.
  • The Risk: Accidental deletion, internal rogue actors, or ransomware-driven data wipes are your problem to solve. Without a third-party, isolated backup, you are operating without a safety net.
3. Shadow AI and Unsanitized Data Inputs
As employees rush to use generative AI to increase productivity, they often feed sensitive corporate data, credentials, or proprietary code into public AI models.
  • The Risk: This "Shadow AI" creates a data leak that is almost impossible to claw back. Furthermore, AI-driven phishing attacks are now so sophisticated that traditional "look for the typo" training is completely obsolete.
4. Configuration Drift in SaaS Environments
Security isn't a "set and forget" task. Over time, permissions are granted but never revoked, "temporary" guest access becomes permanent, and security policies are bypassed for convenience.
  • The Risk: This "drift" creates a porous security perimeter. Attackers don't "break in"; they simply find a forgotten, misconfigured door and walk right through.
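To make the "temporary guest access becomes permanent" case concrete, here is an added check, written for this page and not taken from the post, from ITValue4u or from Keepit, that lists guest accounts with no sign-in for 90 days, using the Microsoft Graph PowerShell SDK. It assumes an Entra ID P1 licence (the signInActivity property requires it), an identity holding Directory.Read.All and AuditLog.Read.All, and a 90-day threshold that is a policy choice on our part, not a Microsoft default:

```powershell
# Added example (not from the original post or any vendor). Assumes the Microsoft.Graph
# PowerShell SDK, an Entra ID P1 licence for signInActivity, and an identity holding
# Directory.Read.All and AuditLog.Read.All. The 90-day threshold is an assumed policy value.
Connect-MgGraph -Scopes "Directory.Read.All", "AuditLog.Read.All" -NoWelcome

$threshold = (Get-Date).AddDays(-90)
$uri = "https://graph.microsoft.com/v1.0/users?`$filter=userType eq 'Guest'" +
       "&`$select=id,displayName,mail,createdDateTime,signInActivity"

# Page through every guest; collect those whose last activity predates the threshold.
$stale = while ($uri) {
    $page = Invoke-MgGraphRequest -Method GET -Uri $uri
    foreach ($u in $page.value) {
        $last = $u.signInActivity.lastSignInDateTime          # $null if never signed in
        # A guest that never signed in is dated from its invitation, so unused invites surface too.
        $lastSeen = if ($last) { [datetime]$last } else { [datetime]$u.createdDateTime }
        if ($lastSeen -lt $threshold) {
            [pscustomobject]@{
                displayName   = $u.displayName
                mail          = $u.mail
                lastSeen      = $lastSeen
                daysIdle      = [int]((Get-Date) - $lastSeen).TotalDays
                neverSignedIn = ($null -eq $last)
            }
        }
    }
    $uri = $page.'@odata.nextLink'
}
$stale | Sort-Object daysIdle -Descending | Format-Table -AutoSize
```

Treat the output as a review list, not a delete list: confirm with whoever invited each guest, then disable or remove the account. The same loop, run monthly, turns drift from something you discover during an incident into something you see on a dashboard.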
5. Lack of Backup Air-Gapping (The "Single Cloud" Trap)
If your production data and your backups live in the same cloud ecosystem, they share the same fate. A single administrative compromise or a catastrophic regional outage can destroy both your live environment and your "safety" copy.
  • The Risk: True resilience requires isolation. If your backup isn't physically and logically separated from your production environment, it isn't a reliable backup—it's just a duplicate at risk.
Why ITValue4u is Your Strategic Ally
Identifying these risks is only the first step. Implementing the right measures to mitigate them requires deep expertise and a proven methodology. At ITValue4u, we specialize in closing the gap between cloud convenience and enterprise security.
  • Tailored Advisory: We don't believe in "one size fits all." We analyze your specific footprint to identify where your identity and data are most vulnerable.
  • Sovereign Solutions: We advocate for and implement world-class solutions like Keepit, ensuring your data is backed up on independent infrastructure, completely separate from your production cloud.
  • Future-Proofing: Our team helps you navigate the complexities of Data Sovereignty and the Shared Responsibility Model, ensuring you remain compliant and resilient against the threats of tomorrow.
Don't wait for a breach to discover your vulnerabilities. Contact ITValue4u today for a comprehensive security consultation and reclaim control over your digital future.