Why backup Microsoft 365?

A customer recently asked me, “Why do I need this service to backup Microsoft 365? Doesn’t Microsoft already do that?” Actually, no. 

Microsoft’s Shared Responsibility Model clearly states that Microsoft is responsible for application uptime and the underlying infrastructure, while it is the customer’s responsibility to manage and protect their vital business data.

Customers must be careful not to confuse some of the built-in native features within Microsoft 365 with the common definition of a backup: A separate copy of data stored in a separate location that can be quickly and easily recovered.

Here are important reasons why a dedicated backup service for M365 is required: 

1. Accidental deletion: This is the most common cause of data loss in Microsoft 365. If you delete a user, whether you meant to or not, that deletion is replicated across the network. A backup can restore that user, either to on-premises Exchange or Office 365.
2. Retention policy gaps and confusion: Retention policies in Microsoft 365 are designed to help organizations comply with regulations, laws, and internal policies that require that they retain or delete content, but they are not backups. Even if you do rely on your retention policy in place of a backup, they are hard to keep up with, let alone manage. A backup provides longer, more accessible retention all protected and stored in one place for easy recovery.
3. Internal security threats: When we think of threats to our business, we usually think in terms of protecting against external ones. But many businesses are experiencing threats from the inside, and they are happening more often than you think. Having a high-grade recovery solution mitigates the risk of critical data being lost or destroyed.
4. External security threats: Ransomware is becoming more and more sophisticated, and criminals are finding more ways to reach our users, deceiving them into clicking a link so they can encrypt the entire organization’s data for ransom. A backup can easily restore data to an instance before the attack.
5. Legal and compliance requirements: eDiscovery is the process of collecting, reviewing, and sharing electronically stored information as evidence in a lawsuit or investigation. There are eDiscovery capabilities built into Microsoft 365, but a third-party backup solution is purpose-built to easily search within a backup and quickly bring back data to meet any regulatory compliance needs. 
6. Managing hybrid email deployments and migrations to Microsoft 365: Whether you are migrating to Microsoft 365 or have a blend of on-premises Exchange and Microsoft 365 users, the exchange data should be managed and protected the same way, making the source location irrelevant.
7. Teams data structure: The Teams backend is much more complex than many realize. Teams is not a self-contained application, meaning the data generated in Teams resides in other applications, such as Exchange Online, SharePoint Online, and OneDrive. With this added layer of complexity, ensuring the data is adequately protected is paramount.

Once our customers understand why a dedicated backup service could save them significant downtime and cost, the minimal investment is an easy decision to make.  

Are you properly backing up your valuable data? Ask your IT manager or Managed Services Provider to explain how your data is backed up. Don’t accept an explanation that is limited to merely saving the data; find out where it is backed up and what the restoration process is, including how far back in time the data can be restored (RPO-recovery point objective) and how long the restoration will take (RTO-recovery time objective). 

Businesses like yours are more dependent on Microsoft 365 data than ever before. Having the peace of mind that recovery is just moments away is available if you have the right services in place.