jeff-erramouspe

Is Your Office 365 Data Properly Protected?

 Office 365 Data Security

As more and more people collaborate and access data from outside the office and across multiple devices, the potential for SaaS data loss increases dramatically, and the damage can be catastrophic. A staggering 60 percent of companies that lose critical data shut down within six months of the loss incident, according to research from Boston Computing Network.

Collaboration

saasOne productivity tool – Microsoft Office 365 – has become the talk of the town recently, and is a great example to illustrate the importance of proper data protection. Over the last 12 months, Microsoft has seen an uptick in companies of all sizes signing up. A notable example is General Electric, which announced it will be implementing the platform across its business. It’s easy to see why so many organizations are moving toward cloud-based SaaS applications like Office 365 – they are secure, convenient and easy to set up and manage. Moreover, they enable a workforce to move faster, collaborating across offices around the world and other remote locations, all while reducing operational costs.

But there is a common misconception about SaaS data that mustn’t be ignored: and that is that Office 365 data can’t be lost. The truth is, your Office 365 data is probably not properly protected and may be at risk.

Protecting Data

Microsoft does an amazing job protecting data from any data loss risks on their side – including disaster recovery, server outages, etc. They make sure that your data is available, as long as you have requested them to do so. However, what Microsoft can’t do is protect your data from you. That’s not a typo. They can’t protect users from accidentally deleting data or an administrator from maliciously deleting important docs within Office 365.

Take the move from on-premises Microsoft Exchange to Office 365 as an example. Administrators go from managing basically everything (network, hardware, OS, VMs, etc.) to only overseeing the policies, users and data. In this new environment, the responsibility for data protection is shared between an application administrator and Microsoft. As long as data loss is caused by a hardware or data center availability issue, Microsoft maintains responsibility, but Microsoft maintains responsibility and must adhere to the requests of users. If there is an external hack or internal malicious behavior, like a disgruntled admin deleting files, the responsibility falls solely on the customer. In some ways, this is actually a good thing because if SaaS providers like Microsoft didn’t delete data when requested by users, then there would be major questions regarding privacy.

Mitigation and Litigation

mitigation-security

Now, Microsoft does suggest some options to help mitigate damage, like litigation hold for all email, but those are not the best solutions for companies that want to ensure their employees’ data is not only available and safe, but quickly and easily recoverable when a data loss event occurs. With archiving, users don’t usually expect to recover information quickly. On top of this, the process of getting what you want is cumbersome and is not something a busy admin will be able to accomplish as quickly as their end users may expect. To achieve reliable SaaS data protection, you need more than archive software, that’s where backup and recovery software comes in. With a third-party SaaS application backup and recovery solution, data is always available for quick and easy restoration to its original state – giving you the ability to essentially turn back time in no time.

The bottom line: Many of the same best practices that admins used in their on-premises environments must be brought along to the cloud, and they can’t assume that Microsoft will correct every single mistake. Ultimately, organizations need to pay more attention to the fine print and understand that they are responsible for keeping their own data safe in the cloud. So, as you move to cloud-based SaaS applications where someone else is managing the physical infrastructure and the applications on which your production data resides, you still need to have a plan in place to ensure that data can be swiftly accessed and recovered in every scenario.

jeff-erramouspeBy Jeff Erramouspe / CEO / Spanning

Prior to being appointed CEO and president, Jeff was Spanning’s Chief Revenue Officer. He was the founding CEO of Deepfile Corporation (became StoredIQ and sold to IBM in 2012), was VP of Market Development at Digby, and served as Vignette Corporation’s first VP of Marketing. He started his career with NCR Corporation and also held senior management positions at Compaq Computer Corporation.

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.

CONTRIBUTORS

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

As Enterprises Execute Their Digital Strategies, New Multi-cloud Landscape Emerge

The Multi-cloud Landscape The digital universe is expanding rapidly, and cloud computing is building the foundation for almost infinite use ...
Why ‘Data Hoarding’ Increases Cybersecurity Risk

Why ‘Data Hoarding’ Increases Cybersecurity Risk

Data Hoarding The proliferation of data and constant growth of content saved on premise, in cloud storage, or a non-integrated ...
Achieving Network Security In The IoT

Achieving Network Security In The IoT

Security In The IoT The network security market is experiencing a pressing and transformative change, especially around access control and ...
The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, ...
Cyber Security Tips For Digital Collaboration

Cyber Security Tips For Digital Collaboration

Cyber Security Tips October is National Cyber Security Awareness Month – a joint effort by the Department of Homeland Security ...
AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility From Smokey the Bear

AWS S3 Outage & Lessons in Tech Responsibility Earlier this week, AWS S3 had to fight its way back to ...
3 Ways to Protect Users From Ransomware With the Cloud

3 Ways to Protect Users From Ransomware With the Cloud

Protect Users From Ransomware The threat of ransomware came into sharp focus over the course of 2016. Cybersecurity trackers have ...
What’s Next In Cloud And Data Security For 2017?

What’s Next In Cloud And Data Security For 2017?

Cloud and Data Security It has been a tumultuous year in data privacy to say the least – we’ve had ...
What You Need To Know About Choosing A Cloud Service Provider

What You Need To Know About Choosing A Cloud Service Provider

Selecting The Right Cloud Services Provider How to find the right partner for cloud adoption on an enterprise scale The ...
Countdown to GDPR: Preparing for Global Data Privacy Reform

Countdown to GDPR: Preparing for Global Data Privacy Reform

Preparing for Global Data Privacy Reform Multinational businesses who aren’t up to speed on the regulatory requirements of the European ...

NEWS

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system in attack: FireEye

Hackers shut down infrastructure safety system (Reuters) - Hackers likely working for a nation-state recently penetrated the safety system of ...
Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

Deloitte TMT Predictions: Machine Learning Deployments, On-Demand Content and Live Events Will Continue to Drive Growth

NEW YORK, Dec. 12, 2017 /PRNewswire/ -- Deloitte forecasts double digital growth in machine learning deployments for the enterprise, an increasing worldwide ...
U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

DOWNERS GROVE, Ill., Dec. 8, 2017 /PRNewswire-USNewswire/ -- New hiring in computer and electronics manufacturing and technology services and custom ...