As a serious distributor of office services, Lyreco Group depends closely on Microsoft 365 applied sciences. Till about 5 years in the past, securing and backing up information used with these applied sciences was not a priority. A lot of the sources had been native, and Veeam backup software program did the job.
Nonetheless, as the corporate started to shift in the direction of extra SaaS-based applied sciences, particularly with the big quantity of information now residing within the cloud Microsoft 365The necessity for a brand new precautionary method grew to become clear. Aleh Sadaunichy, community supervisor and architect at Lyreco, initially explored Veeam, however on the time, it didn’t provide backup for Microsoft 365. Happily, whereas Lyreco was altering SaaS, Veeam launched a backup module for Microsoft 365, which Making Lyreco one among its first customers.
Since then, Sadaunichy has change into a robust proponent of utilizing third-party backups to guard Microsoft 365 information. Lyreco now ensures its Microsoft 365 information is backed up by configuring OneDrive, SharePoint, Groups, and different parts. This consists of setting retention insurance policies, releasing releases when wanted, and selecting the place to retailer information. Then, it is only a matter of pointing Veeam to that information.
What Lyreco found mirrors a development different corporations have seen — the mere presence of Microsoft 365 would not assure computerized information backup.
Based on a 2022 ESG research, 33% of respondents felt they didn’t have to backup SaaS purposes inside their organizations, whereas 35% mentioned SaaS suppliers’ native backup capabilities and options are adequate. Many organizations assume this wrongly SaaS purposes They’re proof against information loss, famous Christophe Bertrand, Observe Director at ESG.
On condition that Microsoft 365 has change into a de facto normal for a lot of organizations, the dearth of a safe backup technique for Microsoft 365 information is a serious concern. immediately, Multiple million corporations Worldwide use the productiveness suite. This makes Microsoft 365 a beautiful goal for hackers.
Third-party backup is a finest observe
All of those points lead consultants to 1 conclusion: Do not depend on Microsoft 365 for information backup. As a substitute, it is strongly recommended to make use of an extra backup mechanism to make sure safety.
“It goes again to the three/2/1/1 rule to all the time hold your information in a number of locations,” Bertrand emphasised this level.
Sadonci agreed. “For those who’re utilizing Workplace 365, you would not need to retailer your information (simply) on OneDrive, for instance. Even when you have information already uploaded to Azure Blob storage, it must be copied to a different area. We hold at the very least three copies.”
The duty of deploying Microsoft 365 information backups has change into simpler lately. Most main backup distributors, together with Veeam, Commvault, Datto, and Veritas, now provide modules designed to make sure backup of Microsoft 365 information.
Microsoft itself has launched one of many newest choices – the Microsoft 365 on-line backup and restoration service. Based on Microsoft, the service can again up and restore all or chosen places, accounts, and mailboxes related to Workplace. It additionally gives the performance to go looking or filter content material utilizing metadata and may hook up with non-Microsoft purposes through an Utility Programming Interface (API).
Though this Microsoft service is comparatively new, Bertrand mentioned he expects it should assist organizations have a greater information safety profile. Nonetheless, he added that it’s not finest observe to depend on one vendor to satisfy all wants. Whereas Microsoft Backup and Restoration could also be a viable possibility for small organizations, organizations should use a number of distributors of their information backup technique.
Aaron Turner, a school member at IANS Analysis who beforehand labored at Microsoft, sees it just a little otherwise. “Microsoft is making an attempt to say that it has redundancy that it has in-built its personal cloud, and that it’s providing it as a service at a fraction of the price of one thing like Veeam,” Turner mentioned. “They put it as an out there merchandise if somebody is refined sufficient to ask for it.”
As for Sadonci, he mentioned Lyreco Group plans to stay with Veeam for now. “Microsoft has a superb fame but it surely would not but have a fame for doing backups nicely,” Sadonci famous. “Veeam, Rubrik, Commvault and others have been doing this for a while and have a confirmed observe document.”
In the meantime, Sadaunichy famous that it could possibly be an attention-grabbing alternative for some corporations sooner or later to change to Microsoft Backup straight. He recommended the choice could finally come all the way down to components reminiscent of pricing and model fame.
If the group can’t spend money on a 3rd occasion spare product, It’s particularly essential to strengthen and enhance Microsoft 365 safety as a lot as doable, whereas monitoring the well being of the platform over time. Establishing clear conditional entry insurance policies is vital, Turner mentioned.
Turner advisable utilizing the Cybersecurity Company’s Safe Cloud Enterprise Purposes (SCuBA) reference structure and infrastructure to make sure most safety. Different sources embody free downloadable toolkits (eg this) which gives penetration exams to emphasize take a look at and decide the suitable stage of telemetry.
“For those who correctly tune and harden your 365 environments and take the appropriate hygiene steps, the variety of instances you’ll expertise an outage or ransomware ought to be very low,” Turner mentioned. “Superb controls are in place throughout the Microsoft ecosystem to scale back the potential for vital service outages.”
Bertrand additionally warned to be good about managing your consumer content material. Even when staff depart the group, there could also be emails and backups that require preservation on account of the potential for their authorized rediscovery later.
In regards to the creatorKaren D. Schwartz is a expertise and enterprise author with over 20 years of expertise. She has written on a variety of expertise matters for publications together with CIO, InformationWeek, GCN, FCW, FedTech, BizTech, eWeek, and Authorities Government.