As businesses shift resources to the cloud, Microsoft 365 (previously known as Office 365) is quickly becoming the standard. Cloud-based software can save your organization money and downsize your premise server environment, but it can also lead to a false sense of security if you assume Microsoft will handle all your data retention and recovery needs. Data loss can be malicious or accidental – either way, gaining access to deleted or encrypted files is critical to business continuity.
While some licensing levels of Microsoft 365 include data loss prevention and litigation hold options, these are not the same as a backup. These options do not create a second copy of your data that is stored in a separate physical location, and they are not designed for fast restore of deleted emails or data. Your data is important, and backing up cloud data is just as important as backing up data that resides on servers in your building. That false sense of security will quickly evaporate if you find yourself in a position of having data deleted, intentionally or otherwise. This could happen as a result of human error or system error. Microsoft has geographic redundancies in place to protect your data, but nothing short of an independent backup guarantees you will get it back.
5 Common Data Loss Scenarios
- A user deletes emails inadvertently without realizing it. If a user deleted a folder of emails sometime in the past, beyond the 30 day recycle bin period, there is no way to restore it. Geo-redundancy can’t protect against every type of data loss. For example, if a user gets deleted, whether intentionally or not, that deletion is replicated across the Microsoft network.
- Internal security threats. The idea of a security threat brings to mind hackers and viruses. However, businesses experience threats from the inside, and they are happening more often than you think. Organizations fall victim to threats posed by their very own employees, both intentionally and unintentionally.
- External security threats. Malware and viruses, like ransomware, have done serious damage to organizations globally just this past year. Not only is company reputation at risk, but the privacy of internal and customer data as well. Reputation damage control is not easy after a breach. External threats can sneak in through emails and attachments, and it isn’t always enough to educate users on what to look out for — especially when the infected messages seem so compelling. Incidentally Veeam recently issued a report saying the average time from data breach to discovery is 140 days.
- Data corruption beyond repair. Again, any corruption to cloud based files or emails will replicate across the Microsoft ecosphere. Getting the corrupted file back may not be easy or possible, especially if not discovered right away.
- Legal compliancy requirements. Often business are required to retain emails and data for a period of time. M365 has no means of guaranteeing this.
For all these reasons and more, Safety Net has reviewed Microsoft 365 backup options and landed on a product called AvePoint as a solution. AvePoint will backup your M365 tenant and does so painlessly and automatically. Backups include email, SharePoint, OneDrive for business, Teams, and more. Backup retention is infinite. If you need to find one email from 18 months ago, AvePoint will have it. Consider it low-cost insurance for your important data.