Launched in June 2011, Microsoft 365 (formerly Office 365) has amassed 1.2+ Billion users, with 155+ Million of these users being business users.
In today’s modern workplace, it has become a key tool for communication, collaboration, and productivity with products such as Exchange Online, OneDrive/SharePoint, Teams, and a vast amount of productivity apps.
Through using these applications, users and businesses generate and store a staggering amount of data, but who is responsible for this data? There are many misconceptions around Microsoft 365 backups, and perceptions that Microsoft are responsible, which is not really the case.
A report published by Statista shows that over 211,000 companies in the UK use Microsoft 365 and with the increase in cyber-attacks customers are being asked to confirm their data retention, backup and recovery procedures for insurance purposes, ISO standards, or as a requirement to win contracts and when it comes to data stores in their 365 tenant to common question is “Why do I need a backup for Microsoft 365, doesn’t Microsoft take care of it?”.
Understanding Microsoft’s Shared Responsibility Model is essential for any company to ensure they can work in the cloud securely.
It is especially important to keep in mind that SaaS (Software as a Service) platforms such as Microsoft 365 do not supply a backup and recovery service. Their primary responsibility is ensuring their service runs correctly e.g., the uptime of applications and the underlying infrastructure.
According to Microsoft’s Shared Responsibility Model, it is the customer’s responsibility to manage and protect their vital business data from a compliance perspective. Microsoft’s responsibility extends up to their software and not the information or data on it.
Although there are limited, short-term data loss recovery options within Microsoft’s platform such as the recycle bin, you would be shocked to know that the average length of time to identify and contain a data breach, according to IBMs report conducted in 2021, is 287 days. A surprisingly large gap in time until you notice something is missing by which it would be too late to retrieve it from the recycling bin. You need to have complete access and control over your critical business data so that you have full data retention to cover all gaps. In that way, when disaster strikes, you have recovery options at your fingertips.
In an earlier blog, we discussed why it is essential to back up your critical data. However, when examining Microsoft 365, there are a few more reasons why you should do so. Here they are:
*T’s & C’s apply.