When choosing a solution for your business, choosing Microsoft 365 (M365) was probably an easy decision since it’s a dynamic, all-in-one collaborative workspace for your users. Despite all of the benefits though, one thing is still in the hands of users: security. A lot of data is involved within the suite of M365 apps, and Microsoft has put the responsibility of the data into the owners’ hands. So, do you have control of your Microsoft 365 data? Do you have access to your data when and where you need it? Most reactions include a version of, “Of course,” or “Microsoft handles it.” But, are you confident in that answer? Read more to learn all about Microsoft 365, its vulnerabilities, and how DSM can help with your backups.
- What is Microsoft 365?
- Microsoft 365 Vulnerabilities
- What is a Shared Responsibility Model and Why isn’t OneDrive enough?
- Backing up M365
- DSM has your back(ups)
What is Microsoft 365?
“Microsoft 365 is the productivity cloud designed to help you pursue your passion and run your business. More than just apps like Word, Excel, PowerPoint, Microsoft 365 brings together best-in-class productivity apps with powerful cloud services, device management, and advanced security in one, connected experience.” - Microsoft The services that are included in Microsoft 365 probably remind you of Office 365. Microsoft changed the name this year but kept services essentially the same because they felt Microsoft 365 reflected the features more than just Office. As a subscription-based service with a 99.9% uptime, you can choose from personal, business, enterprise, or education plans. You can check out more information on the updates here.
Microsoft 365 Vulnerabilities
Microsoft’s primary focus is on managing the Microsoft 365 infrastructure and maintaining uptime for users, not on the backup of that data. With that, there are certain amounts of integrated security services within M365, however, there are several vulnerabilities related to data loss and customer data recovery. Without third-party backup plans, your data could fall victim to one or several of these risks.
- Accidental deletion (Users typically won't even realize until the recycle bin is emptied, which is too late.)
- External threats (ransomware, malware, stolen laptops)
- Internal threats (disgruntled employees, ex-employees)
- Retention policy confusion/gaps
- Hybrid environments (deployments and migrations, lack of control of their own data)
- Legal and compliance requirements (The default 90-day retention by Microsoft doesn't meet most industries' standards.)
- Microsoft Teams data structure (Teams has settings, configurations, and memberships that all need to be protected and recoverable.)
What is a Shared Responsibility Model and Why isn’t OneDrive enough?
So why isn’t OneDrive enough to save your data from these vulnerabilities? If you don’t have experience with M365 security, you may think that Microsoft’s service OneDrive is all you need to save and protect your data and files. On the other hand, you may be thinking, Microsoft 365 runs in the cloud, why do I even need to back it up? Simply put, OneDrive is a form of backup that can still result in data loss. Even though Microsoft tries to make M365 user-friendly and secure, there are many things that could fall through the cracks without an experienced administrator that knows the ins and outs of M365 security. Well, the answer lies in one of the statements that Microsoft continuously states, “It’s your data. You own it. You control it.” This means you are responsible for managing your data, not Microsoft. So, contrary to popular belief, Microsoft doesn’t take care of everything, and it’s on you to make sure you have a backup of your Microsoft 365 data. This misunderstanding of where responsibility lies is where the Shared Responsibility Model comes in. It’s a helpful tool to explain where you have responsibility for your data and where Microsoft takes the reigns. The misunderstanding that Microsoft takes full responsibility for your data can be detrimental to your security and you may need to reference the Shared Responsibility Model to re-assess how safe your data truly is.
Backing up M365
Ultimately, you need to ensure you have access to, and control over, your Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams data. Users need to make sure they have protection and long-term retention of all of this data which is where backups come in. “Microsoft only offers time-bound recovery options with no provision for unlimited, point-in-time recovery.” - CloudAlly This explains that without a backup of your Microsoft data, you are vulnerable to data loss. Along with potential data loss, you also may not be meeting your compliance requirements for your business. So, how do you backup Microsoft 365? There are a few options for backups, including on-premise or in the cloud. An advantage to having control of your own data is having the opportunity to back up your data as often as you want/need.
DSM Has Your Back(ups)
If your organization needs a helping hand with your M365 data, DSM is here to assist you in your journey to true data assurance. In partnership with Veeam (the global leader in modern data protection solutions), we take all the worry away from you when it comes to your backups. Together, we will plan a solution that works best for your organizations' data. Once implemented, we handle the rest, while your backups are there ready when you need them. Wherever your data is located – on-premises, public cloud, or managed cloud — you have peace of mind that your Microsoft 365 data is always backed up and accessible. Make sure Microsoft 365 backups are a part of your disaster recovery plan sooner rather than later. Contact a DSM expert today to get started.