It’s a common misconception that Microsoft Office 365 backs up your data. It is a popular and secure platform, but it does not provide a reliable data backup out of the box.
Microsoft has built-in backup features and redundancy, but that infrastructure is designed for data recovery internally within their data centres, not for the customers to back up their data.
If you read their service agreement, they actually recommend backing up your data using third-party services. As always, small businesses are advised to keep the backups of their files following the cardinal 3-2-1 backup rule, and Office 365 alone does not meet the backup criteria.
Office 365 redundancy vs backup
Backing up data means making duplicates of the files and storing them in different locations. In case of disaster where your data gets lost, a copy of the missing or lost file is available in another place.
For example, if you delete a file intentionally or unintentionally and want it back, you should have the option to find it and restore it, whether it was deleted yesterday or 5 years ago. And if a whole host of files happened to become encrypted, you should have the ability to restore earlier versions of the files as they were before they were encrypted.
Although Microsoft offers security for your data, there are several cases when critical data can be compromised. In such cases, it is crucial to have a third party backup solution in place.
Microsoft offers redundancy; if there is a disaster that causes data loss in one of their data centres, there is another data centre that is located in other geographical regions with a complete copy of your data. They can execute a redirect so that end users don’t even realise that there has been an issue.
But if you or someone in your organisation deletes a file or an email intentionally or accidentally, Office 365 will simultaneously delete the data from all the regions and data centres. So, that’s why one should regularly back up data, just as Microsoft recommends its users do. Now Office 365 does have some limited file recovery systems in place for deleted files, but these only go back so far in time and offer you no recourse if you experience a ransomware attack and your files get encrypted.
It is a shared responsibility of both parties to secure and protect the data. It’s your data, and the onus is on you to take steps to protect it.
Reasons for Data Loss in Office 365
There are rare occasions that Microsoft loses data, but data loss caused by end-user actions is very common. Microsoft tries their best to protect the user’s data, but the most common reason behind it is human error whether it’s an email or a company’s document deleted by mistake, data loss is an everyday risk in most businesses.
From human error to malicious attacks, there are a lot of reasons that can result in data loss. Here, we are going to discuss them in detail and illustrate the benefit of backing up data using a third-party service.
Human error falls into two categories, one is accidental, and the other is intentional. Accidental deletion is the main human error that causes data loss. Someone can accidentally delete important emails, files, documents, or any critical data in Office 365.
Sometimes people delete files or data by thinking that there is no need for it anymore, but after some time, they are suddenly in need of it. In most cases, the platforms have a retention policy through which you can restore the files from the trash. But for some of them like contact entries and calendar events, there is no option of recovery from the recycle bin.
In cases, Microsoft does not provide you the facility to recover the lost files as they delete them for their data centres as well. They have no authority to protect you from yourself. If you want to overcome such difficult situations, it is necessary to have a backup at your disposal.
Other, more sinister data loss is caused by intentional deletion, which can be caused by, in the example, a staff member covering up a mistake or something more malicious.
Malware or File Corruption
Malware and virus attacks affect organisations globally, and Office 365 is also susceptible to malicious attacks. The major cause behind such attacks is opening or downloading the infected files.
Ransomware attacks are one of the main reasons for data loss this way and in the last 2 years ransomware attacks have been more prevalent and more widely reported than ever before. Office 365 has protection features against these attacks, but there is no guarantee that it will detect the infections every time.
Moreover, file corruption is another reason for data loss and documents can become corrupted for several reasons that will prevent you from opening them.
Internal and External Security Threats
Businesses and organisations face a growing number of security threats that can be both internal or external. Internal security threats can include a terminated employee that knows the company’s assets deleting important data. It can bring a lot of harm to an organisation if a customer’s history is suddenly erased! And Microsoft, without knowing the reason, will delete the file from their data centres as well.
And by external security threats, we mean malicious attacks such as malware, phishing attacks and viruses through which many high profile and smaller companies and organisations suffered billions of euro worth of damage. It not only costs financially but also damages the reputation of the company, sometimes irreparably.
Why do you need an Office 365 backup solution?
As we have covered, Microsoft does not provide the backup for deleted data. However, if the data loss occurs at their end, they offer redundancy by keeping the data in multiple regions.
Third-party backup is necessary to protect the data against accidental or intentional loss and malicious attacks. In this way, you can back up the data by placing it independently from your system and Microsoft servers.