Office 365 Archives

Three ways your Office 365 data is at risk – and one solution to them all

by Craig Andrews June 3rd 2021

Office 365 remains the world’s most popular productivity platform for several reasons. As well as providing the tools required to complete most basic productivity tasks, the subscription model helps businesses better manage their capital spend. And because files and documents are synced to the cloud, Office 365 offers some degree of improved resilience.

But there are still three ways in which your Office 365 service is as risk.

Threat 1: Ransomware

Ransomware continues to grow in popularity with cybercriminals because it works. Infecting a victim’s computer and encrypting their files is a superb way to get their attention. Demanding a ransom in untraceable digital currency in order to obtain the decryption keys is highly effective – and profitable.

In the event that computers within your network are successfully attacked by malware, your Office 365 data is at risk. As documents are encrypted, those changes are synchronised to the cloud, overwriting good data with bad.

Threat 2: Insider Threats

Every IT manager’s worst nightmare is the disgruntled employee. Whether they go out with a bang or wage a long-term guerrilla campaign, these individuals have the potential to cause lasting damage to the business.

Without add-on protections, users can delete important files and emails locally and in the Office 365 cloud. If their actions are not discovered for some time, the missing data may not be recoverable – particularly as Office 365 only retains backups for 30 days.

Threat 3: Accidents

A careless click here, a mis-key there. Deleting and overwriting emails and files is so simple, we’ve all done it before. And with every change automatically synced locally and to the cloud, the mistake is also replicated.

But the damage can be just as severe as malware or malicious activity if it goes unnoticed. Again, the 30 day ‘grace’ period provided with Office 365 deleted files may not be enough.

Cloud-based backup for your cloud-based Office 365 data

WTL offers a solution designed to counter all three of these risks. Our Secure Cloud Backup for Office 365 solution uses Veeam replication technologies to copy your files and emails to our secure cloud space automatically.

Just like any other ‘true’ backup solution, Secure Cloud Backup for Office 365 offers incremental backups that can be stored for months or years. So if data is deleted or corrupted, you can recover files long after the 30-day limit imposed by Microsoft.

Secure Cloud Backup for Office 365 also offers a range of recovery options according to your strategic needs. Take Exchange for instance – you can restore deleted mailbox data, export a mailbox for reimport as a PST, save specific messages as MSG files or forward emails as attachments to another address.

Flexible options allow you to increase the accuracy and speed of recovery – and minimise the impact of Office 365 (temporary) data loss. For more information about Secure Cloud Backup for Office 365, please get in touch.

6 Critical Reasons You Need a Proper Office 365 Backup Solution

by Craig Andrews March 29th 2021

Office 365 has been fundamental to the success of many business’ work-from-home strategies during the pandemic. The ability to access important corporate resources from any place on any device has helped maintain productivity as industry threatened to grind to a halt.

But now that remote working strategies are bedding in, it’s time to address the elephant in the room – Office 365’s less-than-adequate backup provisions.

Here are six reasons you must upgrade your Microsoft 365 backup provisions today.

1 – Accidental deletion

There are two types of deletion: soft deletion, and hard deletion.

Soft deletion is where an item is deleted but can still be recovered from a recoverable item mailbox (a bit like the recycling bin on your PC). A hard delete is where the item is purged from the mailbox database completely at which point the item is unrecoverable.

A proper Office 365 backup service will retain a copy of all data – even if it has been hard deleted by a user.

2 – Retention policy gaps and confusion

A retention policy gap is a period of time in which files/ accounts can be recovered. For example, if an employee leaves your company and their account is deleted, after 30 days any information will be deleted permanently. And if an employee was to go rogue and delete information, you could not recover that data if the 30-day window has elapsed.

A third-party Office 365 backup service offers indefinite retention, much like your existing on-site archiving solutions. So you don’t have to worry about thirty-day limits.

3 – Internal security threats

Employees operating from inside your company are actually a greater threat than hackers. Employees have access to a lot of company information, and security can be breached both intentionally and unintentionally. Office 365 has a major issue; it doesn’t automatically recognise the difference between a current employee and an ex-employee meaning that if you forget to disable their account, the leaver still has access to their email and data – and can maliciously delete anything they want.

External Office 365 backups will maintain a copy of everything the rogue employee thinks they have deleted.

4 – External security threats

External threats can enter the company through emails and attachments. Sometimes these are hard to detect, depending on the hacker’s level of skill and determination. Your company reputation and operations are at risk if your systems are infected with malware or ransomware.

Regular Office 365 backups will ensure that a separate, uninfected copy of your data is always available and can be recovered quickly.

5 – Legal and compliance requirements

Your organisation has a legal duty to retain certain communications and files. This information must be available in the event of a compliance audit or criminal investigation. Microsoft has built a couple of safety nets (such as litigation hold), but this solution is not comprehensive enough to meet your legal obligations. Remember, if a user is deleted, their mail, SharePoint and OneDrive contents are also deleted and may not be recoverable.

Maintaining a separate Office 365 backup removes ambiguity and risk, ensuring your data is always available when required.

6 – Managing hybrid email deployments and migrations to Office 365

Typically only new start-ups have the luxury of adopting Exchange 365 from the outset. Most businesses migrate from an on-premise email solution to the cloud at a later date – and many still retain some services on-premise.

Adopting a third-party Office 365 backup service like Secure Cloud Backup for Office 365 from WTL offers additional flexibility, allowing you to backup and restore emails from a hybrid environment quickly and transparently. This ensures that no matter where your data is located, it is always recoverable.

Get help today

Leaving your Office 365 data backup to Microsoft is a significant business risk. The built-in recovery service is adequate for a file or two, but it is not suitably comprehensive to properly protect your business and its data assets – what happens if a deletion is only discovered 31 days after the incident?

Fortunately, WTL has you covered, contact us today to discuss our fast, reliable, cost-effective Secure Cloud Backup for Office 365 solution and discover how to properly protect your emails and data.

Office 365 – How Safe is Your Data in the Cloud?

by Craig Andrews November 30th 2020

Moving operations to the cloud can offer definite improvements in terms of data security and resilience. Hosted on enterprise-class hardware with automated fail-over and load balancing increases data availability. And because data is encrypted at rest and in transit, it is much harder to use in the event of a security breach.

However, no system is infallible – including Office 365. Despite these protective measures, your data may still be at risk.

Ransomware

Malware that encrypts critical files is enough to give the IT manager nightmares. And high-profile outbreaks like NotPetya and WannaCry have helped to emphasise just how serious a threat ransomware poses to corporate networks.

Offloading storage and email functions to the cloud does help to raise the overall security of your corporate data assets. However, once infected at source, encrypted files are replicated to the cloud, rendering the off-site copy of your data similarly useless.

User error

Despite the media attention given to hackers and malware, the number one threat to the company network remains your users. Around 50% of breaches are caused by internal users.

Office 365 has some of the finest enterprise-grade security provisions available – but they can’t always protect you against stupidity and carelessness. It’s incredibly easy to delete a file by accident – and it may take months before anyone realises. Similarly, a leaked password could cause havoc if it falls into the wrong hands.

Malicious users

Less common, but even more dangerous are malicious users. These individuals are actively looking for ways to undermine their employer. They will delete data, corrupt files and change configurations to cause disruption, loss and confusion.

Generally, these users simply abuse their own security permissions, pushing the limits of what they can do. Most don’t want to get caught, so they won’t draw attention to what they are doing – and their actions may take quite some time to be exposed.

Facing the inevitable

No matter how hard you try, completely blocking all of these threats is unlikely. Despite your best efforts, eventually, someone is going to “accidentally” click a link that triggers a ransomware download. Or deliberately delete some important information.

Your business needs to tighten defences to reduce incidents of data loss – but you have to be aware that Microsoft Office 365 isn’t going to do everything for you. Much of your preparations will focus on how to recover after a data loss incident.

Robust and reliable backup and recovery will be crucial to dealing with these issues. Microsoft provides some data recovery options for their cloud services, but they are very basic. Often this is little more than a recycle bin that empties automatically every 30 days.

In some cases, issues may be identified within 30 days which is great. But one extensive study suggests it takes 280 days to identify and contain a breach. Clearly, you need a more robust backup and recovery system is required.

Cloud-based backup to the rescue

Once your defences are in place, attention must turn to how you can recover data and operations as quickly as possible. This will require a new approach to backup that can address the hybrid nature of your operations.

Moving backup to the cloud creates several new opportunities. Capacity scales automatically as your data estate increases without the need for additional infrastructure spend in your data centre for instance.

Cloud-based services are often more resilient to cyberattacks and ransomware. Replicating files to a third location (outside the local network and the Office 365 ecosystem) adds another layer of protection. Importantly, recovering data from the cloud can be extremely fast, almost instantaneous – perfect for when you need to deal with a ransomware infection immediately.

Abstracting backups in this way makes it extremely difficult for every copy of your data to be lost permanently. A malicious employee may be able to delete files – and even the Office 365 backups – but they cannot access the versions backed up automatically into the external system. Even if the loss doesn’t become apparent for many months, the missing data can still be recovered from the third-party cloud backup.

Data loss is a very real possibility, even when using Office 365. But by adding a cloud-based backup service into your technology stack, you are well prepared to deal with any incident.

WTL offers Secure Backup for Office 365 providing a resilient business continuity solution in the event of data being lost corrupted, or accidentally deleted. To learn more read our Office 365 Secure Backup brochure.