By Eran Farajun, Executive Vice President, Asigra

Experts Expose Myths, Offer Best Practices for Office 365 Data Protection

For many organizations, Microsoft Office 365 has become the essential cloud-based productivity platform. According to Microsoft public filings, it’s used by four out of five Fortune 500 companies, and at the other end of the scale, more than 50,000 small and medium sized companies sign up for the service every month. Its subscriber base grew nearly 80 percent in a 12-month period ending Q3 2016.

However, for many corporate subscribers, Office 365’s popularity and convenience may obscure a critical data retention and compliance requirement: the need for users to take responsibility for protecting their own data in cloud-based platforms such as Microsoft Office 365. While it is a highly secure platform, there is a lot more to comprehensive data protection than encryption and hard passwords.

To learn more about the importance of protecting data in cloud-based platforms, I asked three data protection professionals to join me for a discussion exploring why protection of Office 365 data is mission critical.

Accompanying me on the panel were:

  • Chad Whaley, CEO of Echopath, an IT services and data backup company based in Indiana;
  • James Chillman, managing director of UK Backup, a provider of cloud backup and disaster recovery services in England; and
  • Jesse Maldonado, director of project services at Centre Technologies, an IT solutions provider out of Texas.

I began by asking the panel to identify the top myths about data protection they encounter when talking to customers about Microsoft Office 365.

Chillman: The top misunderstanding we encounter is that people assume that, by signing up for Office 365, Microsoft has now taken charge of their data. However, that’s not true. Microsoft is responsible for running the service and keeping it secure. They do a great job and aren’t going to destroy your data. However, users are still responsible for managing their data and protecting it from threats such as accidents, malicious behavior and ransomware attacks.

Maldonado: We often run into the perception that Office 365 data is not mission critical, and that only data from enterprise resource planning (ERP) solutions or other line-of-business applications need to be protected. That’s simply not the case. Office 365 is at the heart of business communication, and particularly for organizations with compliance requirements, the data created and stored in Office 365 is vital and must be protected.

Whaley: Many customers are drawn to Office 365 by the potential cost savings, but are surprised to find that there are still costs associated with storing data in the cloud. It’s still your data, whether it’s in your data center or Microsoft’s cloud, and if you want to ensure it’s protected, you will need to have a data protection plan. The fact that you have to manage your data doesn’t change.

Farajun: What consequences have your customers experienced due to insufficient protection of Office 365 data?

Chillman: We’re seeing a huge increase in the number of restores due to ransomware attacks—it’s our main area of focus when it comes to retrieving client data. The consequences of ransomware are very serious, including the cost of downtime, loss of earnings and potential fines from breaking data protection laws. We’ve had customers who believe moving data to Office 365 protects their data from ransomware. But that’s not true. If ransomware has infected your data center and you sync to Office 365, then the ransomware can spread to your cloud-based data too. Microsoft does its best to protect against malware but ransomware is becoming much more advanced and it changes every day. It’s a huge problem.

Whaley: I was looking at a study of unscheduled downtime, and found that two factors – human error and software malfunction—accounted for 40 percent of all downtime. Moving your data to Office 365 doesn’t do anything to change these threats. Human error is still very prevalent, like the proverbial Bob in Accounting who deletes all of his data and doesn’t notice for 45 days, at which point it’s gone. The largest restore we’ve ever done was due to an admin who didn’t use Office 365 properly and ended up purging a massive amount of data. Human error is still very much at the forefront of downtime risks and you have to protect against it. As for software, whether it’s on premises or in the cloud, it’s still Microsoft Office and it’s susceptible to the same glitches in either location.

Maldonado: Without comprehensive data protection, data can be lost or destroyed just as easily in the cloud as in the data center. If a Word document disappears and has to be recreated from the ground up, a company will lose productivity. We’ve seen instances where data loss events have led to organizations going out of business—they were never able to recover from the data loss.

Farajun: What considerations and best practices do you recommend to your customers when discussing Office 365 data protection?

Chillman: We make sure that our customers understand the core data protection capabilities built into Office 365. Then we look at how to address the gaps. We work with customers to define service-level agreements to determine what data retention policies they need for their particular business requirements. We also make sure customers understand that they are still ultimately responsible for their data in the cloud. You need to make sure your data protection solution gives you the power and flexibility to manage it effectively.

Maldonado: We find that a lot of customers haven’t defined the Recovery Time Objective (RTO) or Recovery Point Objective (RPO) for their business, so we help them determine their tolerance for data loss. We also help them understand what data retention requirements they must comply with due to regulation. For instance, healthcare and financial organizations have strict guidelines about what data must be stored and for how long.

Whaley: For Office 365 data protection, the best practice we recommend is to plan your solution before you move your data there. For many businesses, data protection is an afterthought. We recommend that our customers get to know their data, understand what’s critical and what’s not, and make sure they realize, whether it’s in the cloud or on premises, that they are ultimately responsible for it.

In conclusion, I would add that Microsoft Office 365 offers great simplicity and cost savings for businesses seeking to place their productivity tools in the cloud. However, email and document retention requirements still apply and must be followed regardless of where your data is stored. Microsoft Office 365 provides basic data recovery and archiving capabilities, but this elemental level of protection may not satisfy your compliance obligations. To mitigate your risk and meet compliance mandates, protect your Office 365 data the same way you would protect your on-premise data to avoid data loss as a result of intentional or accidental user error, ransomware attacks, unplanned data overwrites or other breaches. This requires a comprehensive approach to data protection that protects all enterprise data from any source, including Office 365, with a single, easily managed solution.

About Asigra
Trusted since 1986, Asigra provides organizations around the world the ability to recover their data now from anywhere through a global network of partners who deliver cloud backup and recovery services as public, private and/or hybrid deployments. As the industry’s first enterprise-class agentless cloud-based recovery software to provide data backup and recovery of servers, virtual machines, endpoint devices, databases and applications, SaaS and IaaS based applications, Asigra lowers the total cost of ownership, reduces recovery time objectives, eliminates silos of backup data by providing a single consolidated repository, and provides 100% recovery assurance. Asigra’s revolutionary patent-pending Recovery License Model provides organizations with a cost effective data recovery business model unlike any other offered in the storage market. More information on Asigra can be found at

Eran Farajun

Photo: Eran Farajun

About the Author
Eran Farajun is Executive Vice President of Asigra where he is responsible for the company’s global expansion, marketing, business development and long-term strategic activities for the company’s cloud backup and recovery software platform. Additionally, Eran oversees strategic relationships with Asigra’s technology and channel partners who have helped grow deployments of Asigra Cloud Backup to more than 1,000,000 sites worldwide.

As a backup technology veteran with over 18 years of experience in cloud-based data protection, Eran frequently speaks at industry conferences, such as VMworld U.S., MSPWorld, Cloud Expo Europe and regional vertical focused events to evangelize and raise awareness about the business benefits achieved with cloud-based technologies.

Asigra Inc.
1120 Finch Ave. West Suite 400, Toronto ON M3J 3H7
Toll free +1-877-736-9901
Direct +1-416-736-8111

Source: Asigra



General Tags: online file storage, online data backup, online file backup, online backup news, online backup, online backup providers directory, data security, CEO interviews, compare online backups, data storage, online backup companies, top rated online backups, online backup reviews, cloud computing, software as a service, backing up online, SaaS, online backup services

Like us on Facebook

Do you like this post? Subscribe to our RSS feed ===========================


Related posts:

  1. Cloud|AG and AvePoint Team Up To Offer Office 365 Customers Protection For Data Loss and Data Leakage
  2. Panel of Data Security Experts to Discuss Best Practices for Accelerating Incident Response During Code42 Live Webinar
  3. Asigra Provides Cloud-Based Data Recovery of Microsoft Office 365, Expanding Enterprise-Class Protection of Cloud Applications
  4. Cloud|AG and AvePoint Team Up to Offer Office 365 Backup Services
  5. Acronis Delivers Reliable Cloud Data Protection to Small Office and Home Office Users
  6. Imation Experts to Speak on Best Practices for Secure Mobile Data Storage and Key Trends for Data Back-Up and Archiving at Storage Visions 2012 in Las Vegas
  7. Dropsuite and Team to Offer Data Protection Throughout the Eurozone
  8. Veritas Complements Microsoft Office 365 Environments with Enterprise-Grade Data Protection and Governance
  9. JS Computek Partners with Microsoft to Offer Office 365 Cloud-Based Productivity Applications to Missouri Businesses
  10. Probax Backup for Office 365 Extends Data Protection to SharePoint and OneDrive

Tags: , ,