Practice Safe SaaS: Protecting Office 365 With Commvault

By Commvault

If you ride a motorcycle, you protect yourself by wearing leather gear and a helmet. Surgeons protect their patients with rubber gloves to prevent infection. People store their valuables in a safe to keep them under wraps. What about Mixed Martial Arts fighters?  Well, maybe that is a bad example, but most people agree that protecting valuable assets is a good idea. How about your information that resides in the cloud, specifically, Office 365 data?  Do you think you should protect that data?         

Obviously, the answer to that question is yes. For Office 365 deployments, Microsoft is great at providing superior productivity tools and ensuring data availability using replication technologies. However, Microsoft recommends implementing a third-party data protection solution to its customers that are using Office 365.1 So, while data in Office 365 is replicated for data availability, a true backup and recovery service is simply not provided by Microsoft.2  That means if a single node is compromised, all replica data is at risk. It means your SaaS is not safe! 

As the graphic below indicates, a recent Gartner survey shows almost half of Office 365 customers are unaware that their data is not backed up or recoverable. More specifically, 49 percent of Office 365 customers believe Microsoft is protecting their data.3 The reality is, data is not natively protected by Microsoft and half of Office 365 customers are not practicing safe SaaS. 

Gartner also recommends nine critical capabilities that are necessary when data resides in Office 365, as well as another eight that are considered “nice to haves.”  Here is a snapshot of those capabilities:

“Critical capabilities” and “Nice to have capabilities”

As indicated by the tables above, there are reasons for keeping backup copies of Office 365 data beyond data protection such as regulatory compliance. Proactive preservation of information is necessary for business activities such as an investigation, a discovery order or a regulatory audit. Additionally, employing a single repository of all backed up data across the enterprise and the cloud removes the complexity of executing eDiscovery and search operations when it becomes necessary. Just because data is stored in the cloud, be it in Office 365 or another service, does not mean it is exempted from compliance regulations, so be sure you have considered this when data moves or resides in other facilities. 

If data protection, compliance and search in Office 365 are interesting topics to you, please check out this on-demand webinar, which includes:

  • The backup and recovery limitations of Microsoft Office 365
  • The difference between availability and recoverability
  • How Commvault software protects and enhances your Office 365 investment through comprehensive backup and proper compliance

1 Microsoft, Microsoft’s Shared Responsibilities for Cloud Computing
2 Osterman Research, Filling the Gaps in Office 365, November 2017
3 Gartner, Use Third Party Solutions to Fill Backup and Data Recovery Gaps in Office 365, December 2017