The Big Office365 Misconception
Many people make unqualified assumptions about Office365. One of the worst is assuming all your email and data in Office365 are backed up and easily recoverable. If that were true, why would Microsoft and others be selling backup services for Office365?
The misunderstanding falls between Microsoft’s perceived responsibility and the user’s actual responsibility of protection and long-term retention of their Office 365 data. The backup and recoverability that Microsoft provides and what users assume they are getting are often different. Meaning, aside from the standard precautions Office 365 has in place, you may need to re-assess the level of control you have of your data and how much access you truly have to it.
Microsoft Office 365 offers geo redundancy, which is often mistaken for backup. Backup takes place when a historical copy of data is made and then stored in several locations, so if data is lost, accidentally deleted or maliciously attacked, for example — there will be an easily accessible copy elsewhere. Geo redundancy, on the other hand, protects against site or hardware failure, so if there is some type of infrastructure crash or outage, your users will remain Always-On and oblivious to these underlying issues.
6 Reasons Why Backing up Office365 is Critical
As a robust and highly capable Software as a Service (SaaS) platform, Microsoft Office 365 fits the needs of many organizations perfectly. Office 365 provides application Availability and uptime to ensure your users
never skip a beat, but an Office 365 backup can protect you against many other common use cases.
By talking with hundreds of IT professionals across the globe who have migrated to Office 365, six pitfalls in data protection remain:
Accidental Deletion
Geo redundancy can’t protect against every type of data loss. For example, if you delete a user, whether you meant to or not, that deletion is replicated
across the network.
The native recycle bins and version histories included in Office 365 can only protect you from data loss in a limited way, which can turn a simple recovery into a big problem after Office 365 has geo-redundantly deleted the data forever.
There are two types of deletions in the Office 365 platform, soft delete and hard delete. An example of soft delete is emptying the Deleted Items folder. It is also referred to as “Permanently Deleted.” In this case, permanent is not completely permanent, as the item can still be found in the Recoverable Items mailbox.
A hard delete is when an item is tagged to be purged from the mailbox database completely. Once this happens, it is unrecoverable, period.
Unless there is a backup solution at work in the background.
Retention Policy Gaps and Confusion
The fast pace of business in the digital age lends itself to continuously evolving policies, including retention policies that are difficult to keep up with, let alone manage. Just like hard and soft delete, Office 365 has limited backup and retention policies that can only fend off situational data loss, and is not intended to be an all-encompassing backup solution.
For example, after an employee leaves your company, Microsoft only keeps that ex-employee’s data for 90 days, depending on the specific settings. Microsoft is only in charge of upholding the retention policy stated in the service agreement, and anything more would be considered breaking contract. Backing up data associated with ex-employees is critical, and IT admins are often mistaken on the level of coverage they have until that critical data disappears.
With an Office 365 backup solution, a longer, more accessible retention policy is obtainable to protect and store all your data in a single location, making recovery fast, easy and reliable.
Internal Security Threats
The idea of a security threat brings to mind hackers and viruses. However, businesses experience threats from the inside, and they are happening more often than you think. Organizations fall victim to threats posed by their very own employees, both intentionally and unintentionally.
Access to files and contacts changes so quickly, it can be hard to keep an eye on those in which you’ve installed the most trust. Microsoft has no way of knowing the difference between a regular user and a terminated employee attempting to delete critical company data before they depart. In addition, some users unknowingly create serious threats by downloading infected files or accidentally leaking usernames and passwords to sites they thought they could trust. A certain level of education is needed to combat these issues, but human error and malice will always pose a threat without proper safeguards like a backup in place.
External Security Threats
Malware and viruses, like ransomware, have done serious damage to organizations globally just this past year. Not only is company reputation at risk, but the privacy of internal and customer data as well. Reputation damage control is not easy after a breach
External threats can sneak in through emails and attachments, and it isn’t always enough to educate users on what to look out for — especially when
the infected messages seem so compelling. Exchange Online’s limited backup/recovery functions are inadequate to handle serious attacks. Regular backups will help prevent an external attack from getting out of hand.
Legal and Compliance Requirements
Sometimes you need to unexpectedly retrieve mailboxes or other types of data amid legal action. Something you never think it is going to happen to you until it does. Microsoft has built in a couple safety nets, (in the form of In Place Hold and Litigation Hold settings) but again, these are not a robust backup solution capable of keeping your company out of legal trouble. For example, if you accidentally delete a user, their on-hold mailbox is also deleted.
Legal requirements, compliance requirements and access regulations vary between industries and countries, but fines, penalties and legal disputes are
three things you don’t have room for on your to-do list.
Managing Hybrid Email Deployments and Migrations to Office365
Organizations that adopt Office 365 typically need a window of time to serve as a transition window between on-premises Exchange and Office 365
Exchange Online. Some even leave a small portion of their legacy system in place to have added flexibility and additional control. These hybrid email deployments are common, yet pose additional management challenges. The right Office 365 backup solution should be able to handle hybrid email deployments, and treat exchange data the same, making the source location irrelevant.
Conclusion
Go ahead and take a closer look. There’s the gap you may not have been aware of before.
You already made a smart business decision by deploying Microsoft Office 365, now find a backup solution that offers you both complete access to your Office 365 data and complete control of your Office 365 data to avoid the unnecessary hazards of data loss.