November 25, 2015

Your Office 365 Data Security – Is It Properly Protected?

By Jeff Erramouspe

Office 365 Data Security As more and more people collaborate and access data from outside the office and across multiple devices, the potential for SaaS data loss increases dramatically, and the damage can be catastrophic. A staggering 60 percent of companies that lose critical data shut down within six months of the loss incident, according […]

Office 365 Data Security

As more and more people collaborate and access data from outside the office and across multiple devices, the potential for SaaS data loss increases dramatically, and the damage can be catastrophic. A staggering 60 percent of companies that lose critical data shut down within six months of the loss incident, according to research from Boston Computing Network.

Collaboration

One productivity tool – Microsoft Office 365 – has become the talk of the town recently, and is a great example to illustrate the importance of proper data protection. Over the last 12 months, Microsoft has seen an uptick in companies of all sizes signing up. A notable example is General Electric, which announced it will be implementing the platform across its business. It’s easy to see why so many organizations are moving toward cloud-based SaaS applications like office 365 – they are secure, convenient and easy to set up and manage. Moreover, they enable a workforce to move faster, collaborating across offices around the world and other remote locations, all while reducing operational costs.

But there is a common misconception about SaaS data that mustn’t be ignored: and that is that Office 365 data can’t be lost. The truth is, your Office 365 data is probably not properly protected and may be at risk.

Protecting Data

Microsoft does an amazing job protecting data from any data loss risks on their side – including disaster recovery, server outages, etc. They make sure that your data is available, as long as you have requested them to do so. However, what Microsoft can’t do is protect your data from you. That’s not a typo. They can’t protect users from accidentally deleting data or an administrator from maliciously deleting important docs within Office 365.

Take the move from On-Premises Microsoft Exchange to Office 365 as an example. Administrators go from managing basically everything (network, hardware, OS, VMs, etc.) to only overseeing the policies, users and data. In this new environment, the responsibility for data protection is shared between an application administrator and Microsoft. As long as data loss is caused by a hardware or data center availability issue, Microsoft maintains responsibility, but Microsoft maintains responsibility and must adhere to the requests of users. If there is an external hack or internal malicious behavior, like a disgruntled admin deleting files, the responsibility falls solely on the customer. In some ways, this is actually a good thing because if SaaS providers like Microsoft didn’t delete data when requested by users, then there would be major questions regarding privacy.

Mitigation and Litigation

Office 365 Data Security

Now, Microsoft does suggest some options to help mitigate damage, like litigation hold for all email, but those are not the best solutions for companies that want to ensure their employees’ data is not only available and safe, but quickly and easily recoverable when a data loss event occurs. With archiving, users don’t usually expect to recover information quickly. On top of this, the process of getting what you want is cumbersome and is not something a busy admin will be able to accomplish as quickly as their end users may expect. To achieve reliable SaaS data protection, you need more than archive software, that’s where backup and recovery software comes in. With a third-party SaaS application backup and recovery solution, data is always available for quick and easy restoration to its original state – giving you the ability to essentially turn back time in no time.

The bottom line: Many of the same best practices that admins used in their on-premises environments must be brought along to the cloud, and they can’t assume that Microsoft will correct every single mistake. Ultimately, organizations need to pay more attention to the fine print and understand that they are responsible for keeping their own data safe in the cloud. So, as you move to cloud-based SaaS applications where someone else is managing the physical infrastructure and the applications on which your production data resides, you still need to have a plan in place to ensure that data can be swiftly accessed and recovered in every scenario.

By Jeff Erramouspe

Jeff Erramouspe

Azure Free Tier vs. AWS Free Tier: Which Provides More Value?

Cloud computing has become a cornerstone for the digital transformation of businesses. From startups to [...]
Read more
Steve Prentice

Episode 19: Why AWS Needs to Become Opinionated about FinOps

On today’s episode of the CloudTweaks podcast, Steve Prentice chats with Rahul Subramaniam, CEO at CloudFix [...]
Read more

5 Azure Cost Management Strategies

What Is Azure Cost Management? Azure cost management refers to the practices and processes that [...]
Read more

Lambda Cold Starts: What They Are and How to Fix Them

What Are Lambda Cold Starts? Lambda cold starts occur when AWS Lambda has to initialize [...]
Read more

A.I. is Not All It’s Cracked Up to Be…At Least Not Yet!

Exploring AI’s Potential: The Gap Between Aspiration and Reality Recently Samsung releases its new Galaxy [...]
Read more

AI at the Gate: Navigating the Future of Cybersecurity with SonicWall’s Bobby Cornwell

Navigating the Future of Cybersecurity In the face of the digital age’s advancements, AI’s role [...]
Read more

SPONSORS

Interviews and Thought Leadership

Jeff DeVerter

Charting the Course: An Interview with Rackspace’s Jeff DeVerter on AI and Cloud Innovation

Rackspace’s Jeff DeVerter on AI & Cloud Innovation In an insightful conversation with CloudTweaks, Jeff DeVerter, a seasoned IT and technology veteran with over 25 years of experience, sheds light [...]
Read more

AI at the Gate: Navigating the Future of Cybersecurity with SonicWall’s Bobby Cornwell

Navigating the Future of Cybersecurity In the face of the digital age’s advancements, AI’s role in cybersecurity presents both innovation and challenges. CloudTweaks welcomes a Q&A with Bobby Cornwell, Vice [...]
Read more

How AI is strengthening XDR to consolidate tech stacks

Deciphering weak telemetry signals by using AI to analyze behaviors and detect threats in real time is the future of [...]
Read more

CrowdStrike and Dell unleash an AI-powered, unified security vision

Dell and CrowdStrike are joining forces today to help businesses battle against cyberattacks using AI to protect against generative AI, stealth social engineering and [...]
Read more

Top Cloud Cost Optimization Strategies for Multi-Cloud Environments

The age-old saying “Don’t put all your eggs in one basket” has found a new resonance in today’s cloud landscape. [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
© 2024 CloudTweaks. All rights reserved.