Four Critical Components of Microsoft 365 Backup Solution

This report, written by Jerome M. Wendt, president and founder of DCIG, LLC, was published on July 1, 2021.

More enterprises than ever anticipate adopting Microsoft 365 online now and in the years to come. However, moving the burden of hosting Exchange, OneDrive, SharePoint, and Teams to the Microsoft cloud can be deceiving. Microsoft still leaves the responsibility of protecting Microsoft 365 data with enterprises.

DCIG examines 4 critical components a Microsoft 365 enterprise backup solution should possess. It then discusses how well the Afi SaaS Platform and Backupify deliver on them.

Microsoft 365: Your Data, Your Responsibility
Many enterprises already use Microsoft 365 as their default online office productivity software solution. Using this software results in them storing increasing amounts of their data with Microsoft. Unfortunately, enterprises may overlook the need to protect this data from threats such as ransomware and user error.

Microsoft only takes responsibility for the infrastructure it uses to deliver its cloud software services. It limits responsibility for the protection of data that enterprises host with it. Microsoft Services Agreement states: “Your content remains your content and you are responsible for it.“

Four Critical Components of a Microsoft 365 Backup Solutions
To best protect data stored in Microsoft 365, enterprises should look to a cloud-based backup-as-a-service (BaaS) solution. Any solution they evaluate should contain these four critical components:

Component #1: Access Control and Management
BaaS solutions require robust identity and access management (IAM) features to properly manage data protection in Microsoft 365. It should offer and manage features such as encryption key management, single sign-on, and self-service end user recoveries. It should also permit the creation of multiple administrative logins each with different management permissions.

Component #2: Anti-Ransomware Capabilities
Email represents one of the primary ways that ransomware enters organizations. BaaS solutions can serve as a powerful complement to existing cybersecurity solutions. Ideally, they can help detect ransomware’s presence and preemptively act should a ransomware attack occur.

Component #3: Completeness of Microsoft 365 Backup Capabilities
Microsoft 365 offers much more than just email. As such, backup solutions must prepare to backup all components of Microsoft 365. This includes Exchange, OneDrive, SharePoint, and Teams. Each respectively possesses different backup requirements. How well a solution integrates with each component directly influences how comprehensively the solution backups each component.

Component #4: Completeness of Microsoft 365 Recovery Capabilities
Enterprises with hundreds, thousands, or even tens of thousands of users cannot and should not expect to have a team of administrators dedicated to performing recoveries. Microsoft 365 backup solutions need to empower end-users to perform their own restores.

Microsoft 365 backup solutions also should provide options for administrators and end-users alike to quickly identify data needed to recover. This requires powerful search functions and preview capabilities to search and find the exact document, email, file, or message to restore.

Further, in today’s world where ransomware has become so prevalent, the backup solution needs to help enterprises help themselves. Should a ransomware attack occur, the solution needs to recommend the best backups to use for recovery. Offering this functionality helps ensure enterprises do not inadvertently restore data that contains ransomware.

Afi SaaS Platform and Backupify
To protect this data, enterprises will want to use an independent, cloud-based BaaS. The Afi SaaS Platform and Backupify each deliver enterprise, cloud-based BaaS solutions. They each protect Microsoft 365 and only require that enterprises subscribe to their respective service to backup data.

Both these solutions backup and recover core Microsoft 365 components (Exchange, OneDrive, SharePoint, and Teams.) However, they differ in their abilities in how they deliver on these four critical components of Microsoft 365 backup and recovery.