5 Reasons to Back Up Your Microsoft 365 Data

Many SMBs have moved to the cloud to take advantage of all the benefits that it can offer. A common misconception, however, is that the data that resides in the cloud is being backed up by the service provider such as Microsoft or Google or Amazon. This is not the case. 

Microsoft, and other providers, operate under a shared responsibility model. This means that they will do what is necessary to protect their services however, the customer is responsible for protecting their data.  

In this article we will provide five reasons why an SMB needs to back up their Microsoft 365 data. Although, the article focuses specifically on Microsoft 365, most of these reasons can apply to other providers as well. 

1. Disruptions and Outages 

As we mentioned, the cloud can offer many benefits that can be leveraged by SMBs, however, there may be disruptions in services due to hardware or software issues. Some disruptions can last seconds and are unnoticeable while others can last long enough to cause downtime for businesses using these services. How long the downtime lasts will depend on the issue they are resolving. Regardless, without having the data backed up the downtime can be costly for businesses as no back up means no access to the data required to continue to operate. In a worst case scenario, if the servers the data is in are heavily affected, it may also mean that businesses may not be able to recover their data without a third-party backup.    

Microsoft clearly addresses this in the Service Availability section in their Microsoft Services Agreement which states: 

“b. We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.” 

2. Account Deletion 

Another very good reason to ensure that your data is backed up is in the event of an account being deleted. Whether the deletion was intended, an error, due to migration to another solution or because of malicious activity, once the account is deleted, all of the data and content within that account is deleted forever. You cannot get it back. Again, Microsoft recommends backing up the content and data in your Microsoft 365 accounts. 

3. Limited Native M365 Backup and Recovery Capabilities  

M365 does allow for the recovery of deleted items. However, the native recovery tools are limited. The basic recovery from Deleted Items helps with recent accidentally deleted items, but what about items deleted due to other reasons? For example, items that have been deleted for a long time, corrupted items, items that were not migrated properly or lost items due to a cyberattack. These items may not be recoverable from the native M365 backup and recovery capabilities.   

4. Permanent Data Deletions are Irreversible 

There are two ways data can be deleted in Microsoft 365. The data can be temporarily deleted (soft deleted) and is recoverable. Or the data can be permanently deleted (hard deleted) in which case it is not recoverable.  

In a hard-deleted scenario, data becomes permanently deleted (or hard-deleted) without hope for restoration under the following conditions: 

  1. When the data has been temporarily deleted for longer than 30 days without being restored 
  1. When the user account that is associated with this data has been permanently deleted 
  1. When someone manually removes the data from the Recoverable Items folder. 

There is an exception to the above rule which is if the hard-deleted files were previously preserved by the retention policy, you could access them via eDiscovery. But this has caveats of its own. First, eDiscovery is designed to retain data as evidence for legal purposes and not as a means to restore data. Second, you need a M365 E3 subscription or higher for access to the eDiscovery service. 

5. External Security Threats 

Ransomware, account hijacking, phishing, malicious applications, and brute-force attacks are just a few external security threats that can jeopardize your data. Microsoft does offer a range of useful tools to improve the security of your data, however, the fact remains that they operate under the shared responsibility model we mentioned earlier. To reiterate, Microsoft will protect the M365 services, but the customer is responsible for protecting their data, devices and identities. 

MicroAge can help you determine how best to protect your M365 data. Contact us today. 

Find a MicroAge near you

With a growing Network of independently owned locations (currently at 41) from coast-to-coast, MicroAge is Canada’s leading IT solutions and service provider focused mainly on small and midmarket businesses.

Most commented posts

cyber-threats-cybermenaces

3 Critical Cyber Threats For Businesses in 2019

Malware, vulnerabilities, and social engineering are some of the main concerns for IT security professionals. Although the tactics used to target businesses and individuals are…

Read More
Infrastructure informatique, IT infrastructure

5 Benefits of an Optimized IT Infrastructure

Is your current IT infrastructure helping your business thrive in its industry or creating obstacles for growth? If you’re still not using cloud technologies to…

Read More
Cloud Infrastructure hébergée

3 Advantages of Using Cloud Infrastructure

Everyone knows that cloud computing is a hot trend, and its adoption should only increase over the next few years. According to one study published…

Read More
Employee security, sécurité employé

How to Ensure the Business Security of Your Remote Employees

In the past, a business was only able to operate effectively if all of its staff and equipment were under a single roof. These days,…

Read More

How To Avoid Social Media Phishing Scams

Phishing is unfortunately a common practice across various media. It involves luring people to click on links that will install malware on their device(s), or…

Read More