Push to the Cloud Leaves a Hole in the Sky
With Microsoft pushing us towards taking as many of our applications from premises-based servers to some form of SaaS (Software as a Service) cloud-hosted technology, there’s a common misconception that because your critical data is now in the cloud, it is being backed up.
It is not!
As a matter of fact, while you can enable retention and versioning features to preserve critical files and mail, it is still your responsibility to handle all other data protection. Your failure to do so can result in really expensive data recovery.
If you’re lucky.
In unlucky cases, data recovery might not even be possible.
The next logical question is, how do I know what data is backed up by Microsoft and what data is my responsibility to back up? Here’s a chart that briefly explains who is responsible for what—what’s backed up by Microsoft organically and who’s responsible for what.
|Microsoft Backup Protection||Customer Responsibility|
|Loss of service due to hardware or infrastructure failure||Loss of data due to malicious insiders, malware / ransomware|
|Loss of service due to natural disaster or data center outage||Recovery from prolonged outages|
|Short-Term (93 days) user-error with recycle bin / version history (Including new OneDrive “Files Restore”)||Loss of data due to departing employees, deactivated accounts|
|Short -Term (14-day) administrative error with soft-delete for Groups, Mailboxes or services-lead rollback|
In Office 365, the “social” applications are the ones you use to collaborate with others—storing and sharing files. Here’s a list of examples as well as what you can back up with a proper cloud backup solution.
Exchange Online: Back up Exchange mailboxes, folders, chats, calendars, contacts, etc. Restore mail and Outlook data whenever, wherever, and export a PST on demand.
SharePoint Online: Restore site collections, sites, lists, libraries, folders, items, or documents. Keep metadata, security settings, and version history.
Office 365 Groups: Recovery of Group files, conversations, notebooks, sites, and more.
Microsoft Teams: Protect for modern collaboration scenarios—including team channels, conversations, work files, meeting items.
OneDrive for Business: Protect your OneDrive for Business content with automated backups and granular restores.
Public Folders: Protect Public Folder assets—mailboxes, messages, files, contacts, forms and postings—for secure collaboration.
Project Online: Business-critical jobs, tasks, and files are protected.
Planner: Search for and restore tasks, buckets, progress, labels, and task assignments along with your Groups and Teams.
What About all of that Teams Content?
With Teams, Microsoft has attempted to put an entire computer inside of one application that allows you to do everything from making calls to collaborating on any file in any application as if everyone was using the same gigantic computer.
This is a very ambitious offering by Microsoft, but once we get the basics down, Teams allows personal innovation to shine. Along with that shine there is an enormous amount of content created. Leaving that content naked and afraid of being lost seems like a crime.
Without proper back up, that’s exactly what that content would be.
As innovation creates more complex use cases within Teams, a company must have a competent cloud backup solution to ensure that Teams data is not lost.
When It’s Time to Recover
With a proper backup solution in place, you can recover from almost any type of event.
Granular restore: On-demand granular recovery, to restore only what you need, when you need it. Conflict resolutions ensure the most authoritative copy is recovered.
Out-of-place restore: Restore content and conversations directly to any mailbox, site, OneDrive, or Group—not just its original home.
Offline restore: Export files, mail items, or conversations directly to a local storage, so you’re covered, even when there’s loss of service.
Security rollback: Don’t just restore an individual document or version. Perform full security rollbacks to undo unintended Office 365 permissions changes.
Object-based restore: Directly locate business-critical files or emails by utilizing the full-text search capability for rapid discovery.
Point-in-time restore – Recover Teams, sites, files, calendars, or mail to a specific point in time by using a simple and intuitive calendar interface.
What About Compliance?
As a customer in the cloud, you have a responsibility to align your backup solution with your company’s needs. Since many companies have compliance needs that are far greater than provided out of the box with an Office 365 plan from Microsoft, this has created a need. As your Trusted Advisor, PEI can help you fill that need with a “right-sized” backup solution that also allows you to be compliant. Here’s a sample of what a PEI cloud backup can provide.
Right to be forgotten: Search across user Exchange mailboxes and calendars, as well as OneDrives. Remove one or multiple users’ data from your backup records to comply with user “Right to be forgotten” requests.
DSAR processing: Produce all information held by Cloud Backup on a given user by exporting the latest recovery point in their OneDrive or Mailbox to comply with EU GDPR Article 15.
Admin auditing: In addition to auditing restore operations, track any and all administrative activity including who changed a backup scope or downloaded a report.
Preserve accountability: Record the consent to purge and delete data for accountability, plus create a trail of evidence for the Defensible Deletion of the content for proof.
Validate data security: Control access to view and manage backups and restores. Security trimming based on role or Office 365 permissions.
Status monitoring: Monitor and produce reports of your protection status across Office 365 Exchange mailboxes, calendars, Groups, Teams, SharePoint, and more.
It’s Not a Question of If, but When
It’s an old adage that is more relevant today as cyber-security intrudes further and further into our lives. So when it comes to data loss/protection and you ask yourself either If or When, the answer is call PEI. We’re your trusted partner, focused on protecting your assets regardless of whether they are in the cloud or located on premise. We’re here to help you navigate the sometimes-confusing waters of technology. Contact us here or directly via firstname.lastname@example.org or 303-786-7474.
Darrin LeBlanc, PEI