Security person to represent third-party backup

Eight reasons to implement third-party backup for M365

The cloud and has radically transformed the way we do business

The cloud and has radically transformed the way we do business, particularly Software as a Service (SaaS) offerings like Microsoft 365. Instead of buying costly licenses that need to be upgraded every few years, we can sign up for a subscription that always guarantees access to the latest version.

And the fact you can retire your expensive in-house Exchange server is an added bonus. These features help explain why there were more than 258m paid-for Microsoft 365 users in April 2020 (later data has not been published by Microsoft but we anticipate it to be even higher now with the move to remote working).

Who is in charge?

But just because Microsoft does all the hard work of keeping the Microsoft 365 infrastructure secure, that doesn’t mean that your data is fully protected. In reality, Microsoft 365 operates under a shared responsibility model; Microsoft takes care of the platform and software – you are in charge of the data hosted in their services.

Admittedly, Microsoft does offer 30 days’ worth of backups, but this is probably not protection enough for your operations – especially when you consider just how much mission-critical data your users store in their mailboxes.

1. Accidental deletion

Based on our experience in the industry, and of running backup services, accidental deletion of files or emails accounts for the majority of recovery requests to IT teams. When users accidentally delete files in Microsoft 365, you have 30 days to correct their mistake. Unfortunately, the error may not be discovered until after that window of opportunity has passed.

Using a third-party Microsoft 365 backup solution gives you greater control over deleted files – and a longer recovery window too.

2. Internal security threats

Sadly, not all file deletions are accidental. Departing employees, or just those with a grudge may delete key data out of spite. The good news is that, although still worryingly common, according to the Ponemon Institute, malicious incidents do only represent 23% of all insider threats. But again, identifying the issue may take longer than 30 days.

3. External security threats

Phishing remains a significant threat to your organisation and its data, with the Cyber Security Breaches Survey 2021 citing 83% of businesses as reporting these types of attack. Tricking an employee into revealing credentials is still quite easy with a well-targeted campaign. Once into the system, criminals can steal or damage whatever they like.

A robust backup and recovery process will allow you to reverse the damage quickly and easily, minimising impact on your operations.

4. Retention policy confusion

The Exchange retention policy is designed to ensure emails are kept for a specified amount – say seven years. However, the policy only determines what Exchange does with messages – users can still permanently delete emails long before the seven-year limit is reached.

A proper backup ensures that emails are properly backed up and retained according to your policies – even if users manually delete messages from their inboxes.

Corporate data must be retained according to strict compliance requirements – often for several years. Again, retention policies can help but only an immutable backup will provide the protection you need.

6. Managing hybrid deployments and migrations

In an ideal world, everything would run natively in the Microsoft 365 cloud. But in reality, many businesses maintain a hybrid deployment, merging resources like Exchange online with on-premises legacy Microsoft Exchange Servers. Obviously, this adds to the complexity of backing up and restoring data, making the choice of data protection tool critical.

This is particularly true when you are planning for the future of your Microsoft 365 deployment. The right tool will simplify the process of deployment and migration by making your data more portable.

7. Teams data structure

The pandemic has proven the value of Microsoft Teams, helping to establish it as a mission-critical communications channel. Capturing this data is as important as backing up email – but it is not straightforward.

Microsoft Teams saves data across Microsoft 365, rather than in a dedicated repository. You need an intelligent tool that can back up all of these locations and help you restore them to the right location when required.

8. Microsoft recommends it!

Lastly, a simple but compelling reason is that Microsoft themselves recommend having a regular backup plan and using third-party apps and service, acknowledging their shared responsibility model in their services agreement.

Take the next step

These eight reasons show just how important it is to have a proper backup solution for your Microsoft 365 deployment. Find out more about our backup as a service offering for Microsoft 365 – you might be surprised how affordable it is.

Learn more about backup as a service from Maple