No doubt about it, for Microsoft Office 365 (O365), business is booming. At their Q3 FY19 earnings call, Microsoft CEO Satya Nadella said that Office 365 is now used by 180 million monthly active users and growing at more than 4 million users per month – and that was before the recent surge in the demand in collaboration tools!
But, for many organizations utilizing O365, there is gray area on whether or not Microsoft’s native tools support backup and recovery, and if so, to what extent. The confusion boils down to the backup that Microsoft provides and what the customer assumes they’re getting are often different.
So, what does Microsoft cover? Microsoft O365 comes with what’s known as geo redundancy, which is not the same thing as backup. Backup is when a historical copy of data is made and then stored in another location. But a critical component of backup is having direct access to and control over that backup so if data is lost, accidentally deleted or maliciously attacked, you can quickly access and recover it. But with geo redundancy, it protects against site or hardware failure, so if there is an infrastructure crash or outage, users remain productive and rarely aware there’s been a problem.
The bottom line and key takeaway here:
- MICROSOFT is responsible for the uptime of O365.
- The CUSTOMER is responsible for the protection and long-term retention of their O365 data.
The Shared Responsibility Model is further detailed in this Veeam graphic…
Clearly, it’s important to recognize that in the case of O365, you need a backup plan. While Microsoft has a solid reputation for high availability of O365 infrastructure and applications, there are numerous things that can happen, and likely will happen, that can open your organization to risk:
- Data loss and security breaches: Data can be lost from internal and external sources, ranging from accidental deletion, ex-employee actions or even external breaches (e.g., malware and ransomware).
- Retention and compliance: While Microsoft offers retention policies to hold your O365 data for a longer period of time, these are not available to all licensing types, and preserving your data for a longer time is different than backups. A third-party backup strategy is a must to meet an offsite (outside of the O365 ecosystem) copy and maintain the control you would expect in a restore situation.
- Lack of control in a hybrid world: With today’s SaaS-driven environment, visibility and data control is a challenge that backup can help address.
There’s no doubt that Microsoft O365 is a great solution that brings increased productivity to the modern workforce. But ensuring the access and control of your O365 data is imperative in avoiding risk. If you’d like to learn more about why you need a backup solution for O365, check out this informative eBook from our partner Veeam: 6 Critical Reasons for Office 365 Backup.
And if you’d like to talk with one of our backup and recovery experts, we’re here to help.
This post Do You Know Who’s Responsible for Your Office 365 Data? first appeared on OneNeck.