Without a doubt, Microsoft Office 365 has taken the world by storm, moving organizations and some of their most sensitive data into the cloud. In late 2019, Office 365 reported a staggering 200+ million actively monthly users worldwide, and it has shown consistent growth and adoption since then.
That's no surprise as with the raw value and ease of use that Office 365 provides at its price point, many are quick to adopt the platform, rather than having to run their own servers for Exchange, SharePoint and file storage.
The problem is many organizations don't stop to ask themselves: "How is my data protected?" and take it for granted that backup and data protection are part of the package. Many are surprised to find out that Microsoft provides no clearly defined backup strategy for Office 365, even though Office 365 is actually a communications solution rather than a data protection service.
This isn't to say Microsoft provides no data protection capabilities at all. There are a few tools and features throughout the Office 365 suite that together create what you would call a baseline toolkit for retaining your Office 365 data. However, if your organization depends on having an airtight backup and recovery strategy in place, these tools are hardly likely to be enough to cover your needs.
In this article we'll cover the key reasons why you need a proper backup strategy for Office 365. We'll also demonstrate why and how Microsoft's built-in data governance and retention features can fall short in some cases.
While Microsoft is responsible for keeping the cloud infrastructure services available (which makes sense), you are accountable for protecting your data which is hosted by those services. This is commonly known as the Office 365 Shared Responsibility Model, which reminds us that maintaining service and data availability is a joint effort. The wording below from the current Microsoft Services Agreement page explains their position on data protection for their cloud services:
Service Availability: We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you've stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.
Microsoft does offer a few tools to help you provide some protection and retention services for O365, however the responsibility for protection of your data still comes down to you. Consider following industry standard protection best practices, such as the 3-2-1 backup rule. This recommends that you always have at least 3 copies of your data, stored on 2 different types of media, and at least 1 copy is offsite.
O365 does not provide a way for Exchange Online customers to take backups. This means that if an employee accidently provides a malicious user with access to their account, ransomware can infect their O365 email. Only a recent backup would be able to restore the content to safe state.
This is a major challenge for organizations. While Office 365 makes it possible to recover individual messages that have been deleted from a mailbox for a length of time, or restore an accidently deleted mailbox back at the time of deletion, offering recovery via a backup to a given point in time is not possible. Here is Microsoft's official position:
Point in time restoration of mailbox items is out of scope for the Exchange Online service. However, Exchange Online offers great retention and recovery support for your organization's email infrastructure, and your mailbox data is available when you need it, no matter what happens.
Microsoft again notes that they provide service availability and always ensure that you can access your mailbox and the single copy of your current data, but they do not back up the data itself. This has some very grave implications, especially if ransomware encrypts a user's Exchange Online mailbox. In the video below, security expert Kevin Mitnick uses tools available on the net today to easily encrypt an Office 365 mailbox in a simulated ransomware attack.
As you can see the process is quick and seamless, with the hack looking somewhat harmless to the novice user. The mailbox is encrypted and the only way to get it back without paying the ransom is to restore it to a previous point in time. This is a great example of why third-party backup solutions like 365 Total Backup (formerly Altaro Office 365 Backup) (also available for managed service providers, or MSPs) are critical for organizations of all sizes.
Keep in mind that this applies not just to O365 mailboxes and other email-related items, but also to Teams chats and files stored in OneDrive and SharePoint – core repositories that hold precious company data.
Another scenario which O365's native tools cannot help with is deliberate deletion. What if a bad actor gained access to your Office 365 admin portal and quickly ran a script deleting everything? With the various tools provided by Microsoft, recovering in this situation would be very difficult and time-consuming. A third-party backup application which uses a centralized management console would help immensely in this situation. This will save your data and your organization valuable hours of recovery time.
Many O365 customers have to manage staff under different O365 organizations. In the past, admins would have to log into each organization separately to configure any type of retention services. Whether your company is merging new business units or you have outsourced O365 management, you can now centrally manage backups across multiple organizations using 365 Total Backup (formerly Altaro Office 365 Backup).
Altaro also provides a version for Managed Service Providers (MSPs), enabling MSPs to run and manage backups for all their customers through one central multitenant console. This includes backing up all mailboxes, emails, attachments, calendars, contacts, Teams chats, and files stored in OneDrive and SharePoint across all tenants. MSPs can also use the same multitenant console to manage and monitor their customers' endpoint backups. This simplifies administration and reporting while saving time and reducing costs.
All the built-in O365 tools that we've been talking about, while effective, are only available in the Enterprise E3+ versions of O365, and even then certain tools may only be present in certain tiers.
If you're using a different version than what is listed there, the data protection capabilities of Office 365 are even more restricted. 365 Total Backup (formerly Altaro Office 365 Backup) works with a wider range of Office 365 subscription types as shown from this excerpt from the product FAQ shown below.
We support Microsoft Office 365 Business Essentials, Business, Business Premium, E1, E3 and E5 plans, and A1, A3, A5 Faculty and Student plans. Microsoft Office Pro Plus, Exchange Online Plan 1 / 2 and F1 (Kiosk) are accepted given that there is a mix of Office 365 supported subscriptions.
If the Office 365 plan does not support a service such as SharePoint or OneDrive, Altaro cannot protect that service.
While not as troublesome to admins as having no point-in-time recovery for Exchange Online, this could still be an issue for many organizations. With OneDrive for Business and SharePoint Online you are able to do point-in-time recoveries, but only within the last 30 days. If you need point-in-time restoration capabilities beyond 30 days, you'll need a 3rd party backup application for Office 365. Many organizations store critical data inside of OneDrive and SharePoint, so point-in-time capabilities being limited to just 30 days is often a deal-breaker.
With a solution like 365 Total Backup (formerly Altaro Office 365 Backup), all of the administration is automated. Microsoft 365 backups are automatically taken up to four times a day and stored in the cloud. Unlimited cloud storage of M365 backups is included in the license.
For those working in regulated industries with strict data retention policies, you should invest in a robust O365 backup solution.
It's no secret that there have been Office 365 outages in the past. O365 provides an impressive amount of uptime and a great SLA to go along with it, but almost every cloud service will face some downtime. These outages could last from seconds to several days.
Some organizations can get by without access to their O365 data, but to many businesses that continual access is critical. Using 365 Total Backup (formerly Altaro Office 365 Backup), you will get business continuity and continued access to your data in the event of a prolonged outage.
Altaro automatically performs M365 backups up to four times per day. To recover that data with 365 Total Backup (formerly Altaro Office 365 Backup) you can select the Exchange Online mailbox, Teams chat, SharePoint documents or OneDrive documents you want to restore and the recovery destination. If the O365 service is still unavailable, you can download a copy of the files to run them locally on a client's laptop until the service is restored.
Most of the data protection features in Office 365 do not provide the ability to recover that data outside of the original location. If that user account no longer exists or you want to send that data to a different mailbox, you are out of luck. A solution like 365 Total Backup (formerly Altaro Office 365 Backup) provides these additional options and gives your data recovery plan a little extra flexibility by allowing you to restore the data to different locations.
Since M365 backups are automatically taken more than once a day and retained indefinitely through your subscription, there will be many different recovery points to choose from. For example, you can restore an entire mailbox or just search and restore an individual message using item-level recovery (ILR). If you want to restore files or a mailbox to a local computer, you can even download the files as a ZIP or compressed PST file.
There is nothing worse than receiving your monthly O365 bill to discover that you are paying for unexpected storage charges. This can happen when too much data has been retained by Office 365 retention policy. Each O365 plan comes with a quota of storage. When an object in SharePoint online is deleted it goes into what's called the "Preservation Hold Library". The production data and the preservation hold library both count towards each tenant's storage quota. When you go over and above that number and need to purchase additional storage, you start to accrue an additional cost per month.
Depending on the size of the Preservation Hold Library and your O365 retention settings, it's likely that using a backup application will be more cost effective than paying extra storage fees. Each O365 subscription only provides 10 GB of storage for each user. 365 Total Backup (formerly Altaro Office 365 Backup) comes with unlimited M365 backups storage! Plus, you get many other benefits from using a backup solution which is designed for O365.
The built-in Office 365 data retention features will only support active users. If an employee leaves your organization, you need to keep paying for their O365 subscription to retain access to that data.
Using a 3rd party backup solution like 365 Total Backup (formerly Altaro Office 365 Backup), you to keep the users' data accessible and recoverable from the backup solution. If you want a copy to be automatically saved in the backup provider's cloud you will still need a backup license, but this is less than the cost of a O365 license. If you are a managed service provider (MSP), then you can pass these savings along to your tenants. It may not seem like a lot for each license, but over time that cost adds up.
If you are using O365, you have embraced the cloud-first technology world. Although we haven't seen a major data-loss event from any of the large cloud providers, the reality is that it can happen. When this eventually happens, you want to make sure you can recover your mailboxes, chats and documents. By using a third-party backup provider for your O365 data, your data gets stored in an isolated cloud storage account, so it is extremely unlikely to be affected by other cloud failures.
The backup and recovery features in O365 are scattered throughout many different tools and services. Retention policies are used to control how long data is stored after deletion. There are various tiers of hidden recycle bins that you can recover from, and you may get charged if a user goes over their quota (which may include their deleted items). You even have to use PowerShell if you have to recover an entire mailbox from deletion. Additionally, recovery features and functions can vary by O365 plan.
A 3rd party O365 backup application like 365 Total Backup (formerly Altaro Office 365 Backup) has all the functionality you'll need in a single tool. This centralized application ensures that nothing gets missed across all users. You can even see a full audit log of every backup operation. It is easy to deploy and manage your backup and recovery strategy for your Office 365 data.
There is even a version of 365 Total Backup for Managed Service Providers (MSPs). This means that, as an MSP, you can offer your customers a value-added solution with backup as a service (BaaS). This is easy to implement operate and bill for, giving you great ROI on your investment with Altaro. This version also enables MSPs to back up files on their customers' Windows-based, roaming and on-premise endpoints, for full tenant protection.
It's safe to say that, as Microsoft 365 is a communications solution rather than a data protection service, the backup tools that come with it do not provide a complete solution to address your backup and recovery strategy. While they have some value, for a comprehensive and robust solution you'll need to rely on a dedicated Office 365 backup solution like 365 Total Backup (formerly Altaro Office 365 Backup).
Office 365 backup and recovery solution with centralized backup management and unlimited storage to our secure data centers
Monthly subscription program enabling Managed Service Providers to provide Office 365 and Windows-based endpoint backup, recovery and backup management services
365 Total Backup (formerly Altaro Office 365 Backup) enables you to back up and restore all your Office 365 mailboxes, Teams chats, and files stored in OneDrive and SharePoint through an online console, allowing you to easily manage your backups. M365 data is backed up to our global private cloud as part of the package and M365 backups storage is unlimited. Lightning-fast 24/7 support is also included. A version is also available for Managed Service Providers, 365 Total Backup for MSPs, enabling them to provide Office 365 backup and recovery services and to manage and monitor all their customers' backups – including backups of their files on Windows-based endpoints – centrally through Altaro's multi-tenant, cloud-based console.
Deutsch
Français
Italiano
Nederlands
Español
