We love Office 365 here at Advatek and it’s at the core of our productivity suite. Indeed, many companies across Wales have made the jump to office 365 and all the benefits it brings in terms of productivity.
However, one thing many companies take for granted in Office 365 is backup. Of course Microsoft is protecting all data in O365! Its easy to get back any lost data because it’s all backed up in the Cloud! WRONG!
You may be surprised to hear that Office 365 DOES NOT have the daily backup and archiving capability that may be needed after data is automatically removed and deleted from the recycle bin, or if, let’s say a user intentionally (or indeed unintentionally) deletes their data.
To see what Office 365 does and does not do, lets take a look at some scenarios where data loss might occur and the ‘out-of-the-box’ features that O365 comes to mitigate this…
Cyber Threat Protection
Here, we’re talking about Ransomware and Malware protection. Now, it’s true that Microsoft does indeed have malware protection in place, but unfortunately it does not guarantee that a user does not corrupt their data if it becomes infected by a ransomware or malware attack. At this point you could call on the built-in data protection measures in O365, but this could be very painful indeed as well as time-consuming, and in the end, there is no guarantee of recovery using the basic tools.
Accidental, Purposeful or Malicious deletion of data can and does occur in many organisations – Users delete data – but how can you get it back if needs be? Office 365 (Exchange 365) has a default of 14 days retention, which can be increased to 30 days. After That? It’s gone. Unrecoverable. The same applies if a user account is deleted. And we’re sure you’ve heard about GDPR to point where you’re sick to the back teeth of hearing about it, but amongst a whole series of other things aside from GDPR compliance, a data retention period of 30 days could be a problem. A big one.
There are very strict limits on liability when it comes to Office 365 contracts, and Microsoft are liable for the infrastructure, NOT the data you own and control – that responsibility and liability rests entirely with you.
Compliance and GDPR
Data Protection laws mean that some data must be kept for a minimum, of 6 years with GDPR coming into force on May 25th, a potential 1 MONTH of backup history that Microsoft provides just isn’t enough.
What this means
Well, quite simply, with Office 365, it’s your data — you control it — and it is ultimately your responsibility to protect it. This means you need a some form of third-party tool that can back up and recover all Office 365 data should the worst happen. There are a number of tools that can do this but at Advatek we recommend and use Veeam due its flexibility in backing up Hybrid environments too.
Take a look at the demo video below to see how Veeam Backup for Office 365 works: