The widespread adoption of SaaS applications like Microsoft Office 365 has enabled organisations all around the world to quickly embrace remote working. While this is great news for business continuity, it may have left a gap in your data management and data protection strategy.

The accelerated adoption of Office 365 has in many cases been driven by user and organisational need – rather than as part of a timely IT implementation – meaning that backup, recovery and data protection in Office 365 has not been the primary concern. There is also a misconception that Microsoft’s native data protection for Office 365 will suffice. In most instances, it won’t. Something even Microsoft is willing to advise against, instead recommending users seek out third-party protection solutions.

As remote working becomes the “new normal” and the use of Office 365 continues to grow, it’s vital to turn your attention to an enterprise level data protection strategy including Office 365 backup.

Key reasons that native protection for Office 365 alone is not enough

Research conducted on behalf of Trustmarque and our partners Redstor by the IDC shows that sensitive data is being compromised due to increased sharing and storing of files in the cloud as early Office 365 adopters expand their use, often without the right protection. An onslaught of new Office 365 features – that employees are only too eager to try – has expanded its data sprawl beyond the control of IT teams and beyond the limited native protection of Office 365.

7 Important Reasons for a Diverse Office 365 Backup Strategy

Backup for O365

1) Avoid dependency on one vendor

​​​​​​​It is not advisable for an organisation to be wholly dependent on a single cloud vendor. If organisations don’t have control of their own data, they will struggle to act immediately once an issue becomes apparent. Even when data is retrievable, the process could end up being long and complicated, and there is the added problem of all-or-nothing destructive restores

2) Determine your own retention policies

Office 365 has limited backup and retention policies and it is not intended to be an all-encompassing backup solution. A simple recovery can be hugely problematic if data has fallen out of the retention period and deleted forever. You can easily avoid this with a data management service that provide retention periods from months to years and whose sole purpose is to ensure that your data can be recovered directly back to Office 365.

3) Address compliance issues

When someone deletes a user or users from Microsoft’s Active Directory – intentionally or otherwise – once they are outside of retention their Sharepoint sites and OneDrive data are also deleted. However, you may need those files for situations like legal action in months or years to come. If you are to retain access to data after a user has been removed from Active Directory, it’s imperative to have a backup to a third-party backup provider, not least for compliance purposes.

4) Recover everything in case of deletion

​​​​​​​What happens when users accidentally or intentionally delete or overwrite files? Recycle bins and version histories in Office 365 provide limited protection. If you delete a user, intentionally or not, that deletion is replicated across the network. Once an item is purged from the mailbox database, it is unrecoverable. This could have far-reaching effects if a rogue employee decides to delete incriminating emails or files. Microsoft’s backup and retention policies can only protect you from data loss up to a certain point, and can’t take the place of third-party data management solutions.

5) Prevent delays due to data loss

When data is deleted or corrupted, businesses face three major problems: loss of data, loss of time and loss of money. Microsoft provides exceptional availability and cannot be expected to focus elsewhere on extended retention or old user data. Being solely reliant on Microsoft Support for help recovering lost data can be very time consuming. The best way to avoid an issue impacting severely on business continuity is to find a third party that offers streamed, on-demand access to data at a moment’s notice.

6) Protect against ransomware attacks

How can organisations be protected from app outages, misconfigured workflows or ransomware attacks? Microsoft explicitly states that point-in-time restores of data are not in the scope of the Exchange service. Regular backups will help ensure a separate copy of your data is uninfected and that you can recover mailboxes quickly to an instance before the attack. The best data management providers offer streamed, on-demand access to all data instantly.

7) Separate roles as security standard

Companies nowadays require a separation of roles as a security standard. Having your backup in the production platform allows for a single point of failure. Office 365 administrators could also potentially assign themselves full access to search and export from Exchange mailboxes, SharePoint folders, and OneDrive locations. This would enable them to delete a file. Without third-party backup, that file, depending on the retention policy, may be irretrievable.

Simple Cloud Solutions to Protect your Office 365 Data

Trustmarque has supported many organisations with Office 365 deployment and the data protection implications.  We provide innovative data management and protection solutions, wherever your data resides; from core to edge to cloud. Specifically relevant to the protection of Office 365 data, Trustmarque and Redstor have co-developed SafeGUARD, a bespoke next-gen data management solution, offering automated cloud backup, archiving and DR.

Data Protection Specialist Daniel Beck explains the benefits of SafeGUARD: “In the current climate, the use of and reliance on Office 365 applications has grown significantly in recent weeks. Securing and protecting this data is now more critical than ever. In light of this, Microsoft recommend that you regularly backup Office 365 content and data, using third-party apps and services.

“Trustmarque’s data management solution SafeGUARD offers that protection. Backup and protection can be implemented remotely within minutes, across an organisations entire IT estate so that in the event that business critical data is lost or deleted, it can be recovered instantly. SafeGUARD is also designed to be a cost effective option, based on data volume rather than a per user model.”

Limited free trial for Office 365 backup

We know that the rapid transition to home working is placing pressure on IT teams and increasing the potential for security breaches.

We can help your organisation with its ongoing data protection and data management strategy. As well as bespoke consultation, we’re offering a free trial of SafeGUARD, our bespoke next-gen data management solution which includes Backup for Office 365.

Email [email protected] to find out more and request a free trial. We’re in IT together

By Katherine Murphy, content enthusiast