If you ride a motorcycle, you protect yourself by wearing leather gear and a helmet. Surgeons protect their patients with rubber gloves to prevent infection. People store their valuables in a safe to keep them under wraps. What about Mixed Martial Arts fighters? Well, maybe that is a bad example, but most people agree that protecting valuable assets is a good idea. How about your information that resides in the cloud, specifically, Microsoft 365 data? Do you think you should protect that data?
Obviously, the answer to that question is yes. For Microsoft 365 deployments, Microsoft is great at providing superior productivity tools and ensuring data availability using replication technologies. However, Microsoft recommends implementing a third-party data protection solution to its customers that are using Microsoft 365.1 So, while data in Microsoft 365 is replicated for data availability, a true backup and recovery service is simply not provided by Microsoft.2 That means if a single node is compromised, all replica data is at risk. It means your SaaS is not safe!
As the graphic below indicates, a recent Gartner survey shows almost half of Microsoft 365 customers are unaware that their data is not backed up or recoverable. More specifically, 49 percent of Microsoft 365 customers believe Microsoft is protecting their data.3 The reality is, data is not natively protected by Microsoft and half of Microsoft 365 customers are not practicing safe SaaS.
Gartner also recommends nine critical capabilities that are necessary when data resides in Microsoft 365, as well as another eight that are considered “nice to haves.” Here is a snapshot of those capabilities:
“Critical capabilities” and “Nice to have capabilities”
As indicated by the tables above, there are reasons for keeping backup copies of Microsoft 365 data beyond data protection such as regulatory compliance. Proactive preservation of information is necessary for business activities such as an investigation, a discovery order or a regulatory audit. Additionally, employing a single repository of all backed up data across the enterprise and the cloud removes the complexity of executing eDiscovery and search operations when it becomes necessary. Just because data is stored in the cloud, be it in Microsoft 365 or another service, does not mean it is exempted from compliance regulations, so be sure you have considered this when data moves or resides in other facilities.
If data protection, compliance and search in Microsoft 365 are interesting topics to you, please check out this on-demand webinar, which includes:
- The backup and recovery limitations of Microsoft 365
- The difference between availability and recoverability
- How Commvault software protects and enhances your Microsoft 365 investment through comprehensive backup and proper compliance
1 Microsoft, Microsoft’s Shared Responsibilities for Cloud Computing
2 Osterman Research, Filling the Gaps in Microsoft 365, November 2017
3 Gartner, Use Third Party Solutions to Fill Backup and Data Recovery Gaps in Microsoft 365, December 2017