Introduction
Do you have control of your Microsoft 365 data backups, or do you think “Microsoft takes care of it all.”
But if you really think about it — are you sure?
The misconception that Microsoft fully backs up your data on your behalf is quite common, and without a shift in mindset, this responsibility could have damaging repercussions when left unattended.
Ultimately, you must ensure you have access to and control over your Exchange Online, SharePoint Online, OneDrive for Business and Microsoft Teams data. Microsoft deleted data for emails and mailboxes are kept for about a month, and Sharepoint and OneDrive deleted data are kept for about 3 months. Maybe it is best to look at extending this period for the recovery of Microsoft 365 emails and data and added protection against many other security threats.
Reasons to use a Microsoft 365 backup provider
Accidental Deletion If you delete a user, native recycle bins and version histories included in Microsoft 365 can only protect you from data loss in a limited way, which can turn a simple recovery from a proper backup into a big problem after Microsoft 365 has geo-redundantly deleted the data forever, or if the retention period has passed. There are two types of deletions in the Microsoft 365 platform, soft delete and hard delete. An example of soft delete is emptying the Deleted Items folder. It is also referred to as “Permanently Deleted.” In this case, permanent is not completely permanent, as the item can still be found in the Recoverable Items folder. A hard delete is when an item is tagged to be purged from the mailbox database completely. Once this happens, it is unrecoverable.
Data Retention Policy Gaps Microsoft 365 has limited backup and retention policies that can only fend off situational data loss, and is not intended to be an all-encompassing backup solution. Another type of recovery, a point-in-time restoration of mailbox items, is not in scope with Microsoft. In the case of a catastrophic issue, a backup solution can provide the ability to roll back to a previous point-in-time prior to this issue and saving the day. With a Microsoft 365 backup solution, there are no retention policy gaps or restore inflexibility. Short-term backups or longterm archives, granular or point-in-time restores, everything is at your fingertips making data recovery fast, easy and reliable.
Internal & External Security Threats The idea of a security threat brings to mind hackers and viruses. However, businesses experience threats from the inside, and they are happening more often than you think. Organizations fall victim to threats posed by their very own employees, both intentionally and unintentionally. Access to files and contacts changes so quickly, it can be hard to keep an eye on those in which you’ve installed the most trust. Microsoft has no way of knowing the difference between a regular user and a terminated employee attempting to delete critical company data before they depart. In addition, some users unknowingly create serious threats by downloading infected files or accidentally leaking usernames and passwords to sites they thought they could trust. Another example is evidence tampering. Imagine an employee strategically deleting incriminating emails or files — keeping these objects out of the reach of the legal, compliance or HR departments. External threats can sneak in through emails and attachments, and it isn’t always enough to educate users on what to look out for — especially when the infected messages seem so compelling. Exchange Online’s limited backup/recovery functions are inadequate to handle serious attacks. Regular backups will help ensure a separate copy of your data is uninfected and that you can recover quickly
Legal And Compliance Requirements Sometimes you need to unexpectedly retrieve emails, files or other types of data amid legal action. Something you never think is going to happen to you until it does. Microsoft has built-in a couple of safety nets (litigation hold and retention). But, these are not a robust backup solution that will keep your company out of legal trouble. For example, with a backup solution, if you accidentally delete emails or documents before implementing a legal hold, you’ll still be able to get them back to ensure you meet your legal obligations. Legal requirements, compliance requirements and access regulations vary between industries and countries, but fines, penalties and legal disputes are three things you don’t have room for on your to-do list.