While Microsoft have a robust SLA around service availability, they explicitly do not take responsibility for protecting your user data.
Section 2 of Microsoft’s own Services Agreement states: “We strongly advise you to make regular back-up copies of Your Content. Microsoft can’t be held responsible for Your Content or the material others upload, store or share using our Services.”
Section 6B adds: “All online services suffer occasional disruptions and outages. In the event of an outage or disruption to the Service, you may temporarily not be able to retrieve Your Content. We recommend that you regularly back up Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”
Here are seven reasons why it’s important to have a diverse backup strategy:
It is a big mistake for an organization to be wholly dependent on a single cloud vendor. If organizations do not have control of their data, they will struggle to act immediately once an issue becomes apparent. Even when data is retrievable, the process could end up being long and complicated, and there is the added problem of all or nothing destructive restores.
Set your Own Retention Policies:
Microsoft 365 is not intended to include an all-encompassing backup solution. A simple recovery can be a
massive problem if data has fallen out of the retention period and Microsoft 365 has deleted it forever.
You can avoid this with a data management and protection service that allows you to set your own retention policies very easily and whose sole purpose is to ensure that your data can be recovered directly back to Microsoft 365, regardless of the state of your live data.
Address Compliance Issues:
If employees leave a company, can you prevent their files leaving with them? When someone deletes a user or users from Active Directory – intentionally or otherwise – once they are outside of retention their SharePoint sites and OneDrive data are also deleted. What if you need those files during legal action in months or years to come? If you are to retain access to data after a user has been removed from Microsoft’s Active Directory, it’s imperative to have a backup to a third-party backup provider, not least for compliance purposes.
Recover everything in the event of deletion:
What happens when users accidentally or intentionally delete or overwrite files? Recycle bins and version histories in Microsoft 365 provide only limited protection. If you delete a user, whether you meant to or not, that deletion is replicated across the network. Once an item is purged from the mailbox database, it is unrecoverable. This could have far-reaching effects if a rogue employee decided to delete incriminating emails or files. Microsoft’s backup and retention policies can only protect you from data loss up to a certain point, and can’t take the place of thirdparty data management solutions.
Prevent delays due to Data Loss:
When data is deleted or corrupted, businesses face three major problems – loss of data, loss of time and loss of money. Microsoft provides exceptional availability and cannot be expected to focus elsewhere on extended retention or old user data. Being solely reliant on Microsoft Support for help recovering lost data can be very time consuming. The best way to avoid an issue impacting severely on business continuity is to find a third party that offers streamed, on-demand access to data at a moments notice.
Protect against Ransomware attacks:
How can organizations be protected from app outages, misconfigured workflows or ransomware attacks?
Microsoft explicitly states that point-in-time restores of data are not in the scope of the Exchange service.
Regular backups will help ensure a separate copy of your data is uninfected and that you can recover mailboxes quickly to an instance before the attack. The best data management providers offer streamed, on demand access to all data instantly.
Separate roles as security standard:
Companies nowadays require a separation of roles as a security standard. Having your backup in the production platform allows for a single point of failure. Microsoft 365 administrators could also potentially assign themselves full access to search and export from Exchange mailboxes, SharePoint folders, and OneDrive locations. This would enable them to delete a file. Without third-party backup, that file, depending on the retention policy, may be irretrievable.
Did you know that 80% of all Microsoft 365 users do not have adequate protection for this data? MoreMax partnered with the best in the industry to give you smart and simple protection. Get in touch to see how we can help you protect what is important to you.