There is a common misconception that any data stored in the cloud does not need to be backed up. Although Microsoft 365 offers some very basic data protection and retention to help cover a few risks that could harm your data. It also doesn’t always protect you from some of the more detrimental issues you may face:
- Accidental Deletion: If you delete a file, folder, or a user, whether you meant to or not, that deletion is replicated across your network and may have to be restored through using a backup.
- Internal Security Threats: Many businesses experience threats from the inside, some are often unintentional like accidentally deleting a user or dealing with a breach from a lost or stolen device. Having a high-grade recovery solution mitigates the risk of critical data being lost or destroyed.
- External Security Threats: Ransomware, malware, and viruses have done significant destruction to the networks of many organizations globally in just the past year alone. An attacker intent on doing your company harm might also attempt to gain administrative access to your Microsoft 365 account via phishing, social engineering, or even taking advantage of a vulnerability in the software itself.
- Compliance Requirements: Current retention policies do not address legal hold requirements and will not stand up to a rogue employee or fake administrator purposely making changes to derail them. While a well-meaning employee attempting to save space can easily disable versioning or reduce it to a very low number rendering it practically useless. Backups will ensure you can retrieve mailbox data from any period as required for legal action or meet any regulatory compliance needs.
- Outage and Shutdown: SaaS outages are more common than you might think. Microsoft Azure suffered a substantial outage that lasted for two days in October 2020 during which people were unable to access their data. Can you imagine being unable to access any data during an outage?
- Gaps in the Retention Policy: Microsoft 365 retention policies are hard to keep up with, let alone manage. Retention policies aren’t backups. A backup will provide longer, more accessible retention for easy recovery. In addition, retention lock versions of files are stored in your Microsoft 365 account and can be counted against your storage allocation.
Microsoft operates on the shared responsibility model, meaning that they will maintain their infrastructure, but you are solely responsible for your data. If data is lost, accidentally deleted, or maliciously attacked, Microsoft is not responsible and may not be able to help you get it back.
Microsoft recommends you should use a third-party service to back up Microsoft 365 (“We recommend that you regularly back up your content and data that you store on the services or store using third-party apps and services.”) and we agree!
Use a Microsoft 365 cloud backup solution that allows recoveries at any level of granularity (email, file, folder, user, site, or subsite). One that delivers a durability guarantee not offered by Microsoft, as the smartest, safest way to keep your data secure.
If you want to learn more about how we can help you implement backups for your own network, or you are interested in learni9ng more about Microsoft 365, give our office a call.