Protecting Remote Office 365 User Data

Microsoft Office 365 is drastically changing the market perception of how portable your business data can be. This is leading to a revolution in how businesses can be run and from where. There is no longer a need to set up cumbersome VPNs and remote connections in order to access your data when you need it. This is also done in a way that accommodates for less technical users by providing a user-friendly interface.

More people than ever are using these products to store business data due to its mobility, moving between computers in the office, at home, and the mobile devices in-between which has made the transition to remote workplaces tenable. With this convenience comes the problem with users’ data being exposed to more endpoints and threats than it would have before. These threats not only come in the form of ransomware but misguided users updating the wrong section of a shared resource. Which is why protecting this data has never been more critical.

Why protect remote Office 365 user data?

After reading the above paragraph you might ask yourself why you need to protect and backup Office 365 data when you have security protocols, and isn’t Microsoft protecting this for me anyway?

First, with users moving their data between so many platforms, the data is exposed to more types of attacks than it has been before. It’s important to limit the type of attacks that are further outside of the business’ control, especially when you have users accessing this data on their own devices, which may not have the critical security patches you require in your internal network.

Not to mention the average home router is not hooked up to a physical firewall and many routers are configured with less-than-optimal security settings. The devices on your home WiFi may be sending out your network password in a hashing algorithm that was cracked three years ago. To take it a step further, you can’t stop these devices from connecting to public WiFi, which is a notorious breeding ground for attackers. By this point, if you are a security admin or in charge of risk assessment, your skin is likely crawling.

User education is your best bet in fighting these vulnerabilities. Make sure your users understand that security patches are necessary, and their devices should be updated regularly. If you do need to connect to public WiFi (Including a WiFi connection in a hotel), make sure to fire up your VPN, even if you just need to check one email. Even when you are not on a public network, use your VPN whenever possible. It encrypts your password exchanges and traffic from malicious users.

Isn’t Microsoft protecting Office 365 data anyway?

The second part of the question mentioned above is directed toward Microsoft protecting your Microsoft Office 365 data. What most administrators do not realize is that Microsoft is protecting the hardware the data sits on but not the data itself. This is all detailed in what Microsoft and the industry calls the Shared Responsibility Model. Below, you can see the graph laid out by Microsoft defining what they are responsible for in each of their cloud offerings.

Microsoft Office 365 would fall into the SaaS or Software as a Service category. The gray is what Microsoft is responsible for, which includes the physical hardware the data sits on, the operating system and application, networking, and the connection to the authentication service.

You are responsible for not only the accounts and devices connecting to the service but the data you are storing on the service. In short, if there is a disk failure, Microsoft would be responsible for having redundant copies of your current data so you could still access it. But if you have a compromised account that encrypts your data and holds it for ransom, Microsoft is not responsible for providing an archived copy of your data pre-attack.

If you have a disgruntled admin who decides to delete all SharePoint sites because they were not happy with a business decision, Microsoft is not responsible for having a copy of that data to bring your sites back. Don’t take my word for it, Microsoft has put out this handy document clearly stating what they are and are not responsible for when it comes to their cloud offerings.

Retention policy gaps in Office 365

Clarifying that the Microsoft Office 365 data is not backed up is not enough for some organizations to take action who feel it is the user’s responsibly to protect their data. This might be fine if your only concern was an employee wanting to recover an email from an office meme chain, but it’s not. Business-critical information comes through email every day with business contracts and sales confirmations.

There is also confusion about Exchange Online retention policies. By default, Exchange Online only saves emails that were deleted seven days ago with a configurable maximum of 30 days. Meaning if someone accidentally deleted a business contract confirmation email and then went on vacation, that email is now gone forever.

Another huge overlooked section is legal and compliance requirements, which in many cases require you to have archived copies of your data, including the data in the cloud. Veeam has a great presentation on six reasons why it is critical to back up Microsoft Office 365 data.

What remote Office 365 user data should I protect?

At this point, I hope the question you are asking yourself is not if but what Microsoft office 365 data do you need to protect. The answer to this question is everything.

Microsoft Office 365 offers several services that help make your data and business tasks mobile. Starting with Exchange Online, which allows you to access your emails not only from Outlook on a computer but on your phone and any web browser. SharePoint Online, which is a document manager used to share documents to both internal and external collaborators, helps make everyday business interactions seamless. This is made possible with OneDrive for Business, which is changing the way we see file servers and store files on our devices. OneDrive for Business not only allows you to access your files from a web interface, but map those files as a local drive for quick access and upload. In addition, Microsoft offers a program called Teams which allows users to instantly message, share files, and orchestrate meetings with both internal and external users.

These services without question are key components in the industry shift to working from home and remote sites, making it critical that each amenity is backed up. Just as important as it is to back up this data, so is having a way to quickly and easily recover this data. Also, know what your company’s threshold for data loss is so you can adjust for proper recovery point and recovery time objectives for your compliance.

How to protect remote Office 365 user data

Veeam has the solution to this dilemma with the product Veeam Backup for Microsoft Office 365 which is responsible for backing up Exchange, OneDrive, SharePoint Online and Team data. It offers specialized restore explorers for each application, which gives you options to not just restore back to an original location, but the ability to export the data locally or to a new location. Our Veeam Explorer for Microsoft Exchange offers advanced built-in functionality to search your backup data for specific eDiscovery material and export it for proceedings like litigation, government investigations, and Freedom of Information Acts.

In Veeam Backup for Microsoft Office 365 version 4, we have added auxiliary backup accounts to increase the number of download threads from SharePoint, allowing you to meet shorter RPOs. Additionally, we now offer the ability to back up your data directly to object storage targets, including Azure Blob, AWS S3 and S3-compatible object storage, allowing you to keep a smaller footprint on premises. When restoring back to the original Microsoft Office 365 location from any of our restore explorers, your user is able to access their data again no matter where they are.

To wrap up, the way we handle business data is changing, but the need to back up this data has not. Download Veeam Backup for Microsoft Office 365 today with our free 30-day trial to see how easy it is to start protecting your data before it is too late. For a comprehensive guide on this product, please check out Office 365 Backup for Dummies.

Veeam Backup for Microsoft Office is not our only solution to help protect remote workers, check out full remote workers solutions page.


Read more:

Exit mobile version