Table of Contents Hide
Many businesses face a dilemma when it comes to Office 365 data safety. You may think your data is already safe just because it’s located in the cloud. As good as it may sound, this, however, is not the case. Your Office 365 still needs protection. Accidental deletions, security threats and policy-related gaps can lead to data loss. In this post, we are going to discuss the top six reasons to get a solid backup solution.
Reason 1: The Shared Responsibility Model
Shared Responsibility Model plays a huge role in Microsoft 365 data protection. The concept of Shared Responsibility is put forward by Microsoft. The Model implies a division of data protection tasks between the user and provider. The provider should continuously deliver the Microsoft 365 platform to its customers worldwide. This means that the Office 365 infrastructure and applications should run smoothly for every customer around the globe. The users, on the other hand, have the sole responsibility to protect their data located in Microsoft data centers from all possible threats. This means that Microsoft is not responsible for data loss that could be caused by accidental deletions, ransomware attacks, insider threats or retention policy gaps.
Illustration: Benzoix / Vecteezy
Microsoft Defender — is an inti-virus solution that offers advanced threat protection. It can guard your emails and your SharePoint Online, Teams and OneDrive attachments in real time. Microsoft Defender can detect and stop a phishing attack before it takes place.
Data encryption — Microsoft 365 allows you to protect your Exchange online emails, SharePoint Online files and Teams items by using a ciphertext encryption. With Encryption, you can transfer private data in an unreadable state, allowing only certain individuals to access it by using a decryption key.
Single item recovery — If you have deleted your Exchange online email message, you can search for it and recover it if the retention period for the item has not yet expired. You can recover messages that were automatically deleted due to the retention policies, and you can also recover messages that were deleted by pure accident.
eDiscovery tools — are a collection of innovative tools that can boost your data protection. The main components of eDiscovery tools are:
- Advanced search — protect your content by quickly finding the needed items in your Exchange Online, OneDrive, SharePoint Online sites and Teams. After you find the items, you can download them to your machine.
- Role-based access — you can assign permissions to one person or a group of people to manage certain technical or high-level security tasks. Limiting the number of people that can access your data can improve your Office 365 security.
- Legal hold — if you need to preserve some information for legal purposes, you can place a legal hold on it. A legal hold prevents your data from being deleted. The solution allows you to set up communication with a case custodian. A case custodian is an administrator who is responsible for managing specific information. You can send a legal hold notification to request a custodian to place a legal hold on a document or account.
- Case management — You can monitor and manage activities associated with specific cases. You can allow only the assigned staff to access information on the case. And, you can give permission only to certain employees to view the case contents.
- Analytics — Analytics allows you to put similar documents into groups. That way you can organize data and decrease the number of documentation to be reviewed. When you are reviewing a set of documents, each document is assigned a theme. The e-discovery tools can help you find other documents with similar themes. This is helpful when you try to analyze a case, research an issue or a certain topic.
Clearly, Microsoft offers amazing features to protect your data. However, it doesn’t guarantee protection for your data when it comes to data loss. You should put in some effort to keep your business data safe, and you can do it by running frequent backups. Backups can ensure that your data is available no matter what your data loss scenario is. Therefore, you should find an efficient backup solution for your business to ensure availability and recoverability of your data 24/7. A modern Office 365 backup solution is lightweight, user-friendly, easy to install and affordable. It is capable of:
- Running incremental backups
- Performing granular recoveries
- Backing up your data onsite and offline
- Scheduling your backup jobs
- Displaying and monitoring your backups
- Setting up data retention policies
- Quickly searching your backups for specific items
- Encrypting your data at rest or during transfer
- Proving a role-based access control
- Automating backup processes
Reason 2: 24/7 Recoverability
Having even the slightest downtime can be crucial for some businesses. Those businesses include law and accounting firms, medical clinics, banks and IT companies. If you need your data to be available around the clock, you should create an Incident response plan. This plan should help to deal with a data loss crisis whether it’s due to ransomware attack or other security threat. Your incident response plan should include two critical markers—RTOs (Recovery Time Objectives) and RPOs (Recovery Point Objectives). Your RTOs should state how much time you can afford to lose if your machine and Microsoft 365 account become compromised. Your RPOs determine how much data you could possibly lose without it being disastrous for your business. If you can afford zero downtime, you need a rigorous backup plan to make your business up and running no matter the situation. An efficient backup software can easily recover your Exchange Online, OneDrive for Business and SharePoint Online data from your Office 365 backups. To ensure that good backups are available when you need them, you should backup your Microsoft 365 data on a regular basis.
Reason 3: Accidental Deletions
Accidental deletions are often the reason for data loss. An employee can delete an email or document and then realize that the deleted data was important. Another type of deletion takes place when the retention policy for a certain item expires and the item gets permanently deleted. This often happens, when an employee leaves the company. The former employee’s account can be automatically removed by the admin and end up in the recycle bin. From there it gets hard-deleted upon the expiration of the retention policy. Microsoft 365 has a 30-day retention period for the soft-deleted items. This means that items in the recycle bin can be recovered within this period. If it’s past a 30-day time-frame, the items cannot be recovered.
However, if you still need to retrieve your data, the only option you have is to recover from a backup. Thus, if you have backed up your data, you have nothing to be afraid of. You can use an advanced search to find the lost item quickly. And, then, you can use a granular recovery to retrieve just that specific item without running a full backup.
Reason 4: Ransomware Attacks
Ransomware attacks can be detrimental to your business. That’s why you should always protect your OneDrive for business, Exchange Online Mailboxes and SharePoint Online sites from data loss due to ransomware invasions. Microsoft 365 has a limited native protection against cyber threats. It uses Microsoft Defender to protect your Exchange Online mailboxes from cyber attacks. Microsoft Defender can detect cyber invasions in real time and prevent the malicious actors from logging into your systems. Nevertheless, Microsoft Defender cannot make your data a hundred percent secure; your data is still vulnerable to the outside threat. Needless to say, backups remain the best option to ensure your data availability in case of a cyber invasion. Running regular incremental backups can get you prepared for a potential cyber attack. Incremental backups work by copying only blocks of data that have changed since the previous backup. Thus, they can save you plenty of time and storage space. Then, when the time comes, you can use your backups to recover your data in full and get your business back on track with minimum downtime.
In addition, Microsoft 365 advises employees follow cyber security best practices by adhering to the following cybersecurity tips:
- Avoid clicking the link that screams: “Open me now!”
- Be careful of the unknown senders
- Watch out for impersonal greetings with no name
- Look for spelling errors and changed domain names
- Don’t open a suspicious link or attachment
- Report the potential threat to the manager
- Delete a compromised email
Reason 5: Insider Threats
In some cases, an aggravated employee may seek retribution by deleting your business data from the cloud or servers. And, it may not be as hard because someone who had been working for the company for a while knows well where the valuable information is located. The attacker may also want to get possession of the intellectual property that could be sold for big bucks to the competitors.
You should take steps towards protecting your data from possible insider threats. Microsoft 365 has native data protection features that you can use to prevent insider threats from happening:
- Assign roles. You can empower only selected people to handle your sensitive information. The less people can access your data, the more secure your data is. Assign admin roles, for example: Exchange admin, SharePoint admin and Password admin.
- Assess risks. Monitor your employees daily activities and assess possible risks. Microsoft’s risk management tool can alert you about possible threats or suspicious activities. You can generate a report that shows all activities of the user and attempted deletions. Employees with risky activities should be monitored on a regular basis.
But, at the end of the day, Microsoft’s native data protection may fail and you may end up losing data. In this scenario, backups can again save your day! Even if you have lost your data, you can still quickly restore it by running a full or granular recovery. In addition, you can double up on security by applying RBAC (Role-based access control) to protect your backups. RBAC enables you to assign certain admins to run your backup jobs and other admins to perform recovery jobs. Separation of duties reduces human error and prevents unauthorized staff from accessing your data.
Reason 6: Legal Compliance
Your business is required by law to store data for legal compliance purposes. One day, you may need to present evidence in a courtroom. Other times, you may need to show a copy of your financial records. If your business is located in the United States, get familiar with the Sarbanes-Oxley Act. If you are in Europe, get knowledgeable about the GDPR (General Data Protection Regulation) policies.
To keep up with legal compliance, backup your SharePoint Online sites, OneDrive for business and Exchange online emails, and store your backups onsite and offline. If you have accidentally deleted an email account or a document and it’s passed the 30-day retention policy, you can still restore your information from a backup. Modern backup software should include the advanced search option. The search allows you to quickly browse your backups for the item you need. Once you insert a keyword in the search box, your software scans your ExchangeOnline, OneDrive and Sharepoint sites and finds the requested items.
Your data in the cloud needs ongoing protection. Microsoft 365 has native data protection features and tools that you can use to keep your data safe. However, Microsoft is not responsible for the safety of your data. Therefore, you need to purchase a third party backup software to keep your data secure 24/7. A modern backup solution ensures that your data is:
- Recoverable under any circumstances
- Protected with the most advanced tools
To learn more about Office 365 security best practices, click here.