jeff-erramouspe

Is Your Office 365 Data Properly Protected?

 Office 365 Data Security

As more and more people collaborate and access data from outside the office and across multiple devices, the potential for SaaS data loss increases dramatically, and the damage can be catastrophic. A staggering 60 percent of companies that lose critical data shut down within six months of the loss incident, according to research from Boston Computing Network.

Collaboration

saasOne productivity tool – Microsoft Office 365 – has become the talk of the town recently, and is a great example to illustrate the importance of proper data protection. Over the last 12 months, Microsoft has seen an uptick in companies of all sizes signing up. A notable example is General Electric, which announced it will be implementing the platform across its business. It’s easy to see why so many organizations are moving toward cloud-based SaaS applications like Office 365 – they are secure, convenient and easy to set up and manage. Moreover, they enable a workforce to move faster, collaborating across offices around the world and other remote locations, all while reducing operational costs.

But there is a common misconception about SaaS data that mustn’t be ignored: and that is that Office 365 data can’t be lost. The truth is, your Office 365 data is probably not properly protected and may be at risk.

Protecting Data

Microsoft does an amazing job protecting data from any data loss risks on their side – including disaster recovery, server outages, etc. They make sure that your data is available, as long as you have requested them to do so. However, what Microsoft can’t do is protect your data from you. That’s not a typo. They can’t protect users from accidentally deleting data or an administrator from maliciously deleting important docs within Office 365.

Take the move from on-premises Microsoft Exchange to Office 365 as an example. Administrators go from managing basically everything (network, hardware, OS, VMs, etc.) to only overseeing the policies, users and data. In this new environment, the responsibility for data protection is shared between an application administrator and Microsoft. As long as data loss is caused by a hardware or data center availability issue, Microsoft maintains responsibility, but Microsoft maintains responsibility and must adhere to the requests of users. If there is an external hack or internal malicious behavior, like a disgruntled admin deleting files, the responsibility falls solely on the customer. In some ways, this is actually a good thing because if SaaS providers like Microsoft didn’t delete data when requested by users, then there would be major questions regarding privacy.

Mitigation and Litigation

mitigation-security

Now, Microsoft does suggest some options to help mitigate damage, like litigation hold for all email, but those are not the best solutions for companies that want to ensure their employees’ data is not only available and safe, but quickly and easily recoverable when a data loss event occurs. With archiving, users don’t usually expect to recover information quickly. On top of this, the process of getting what you want is cumbersome and is not something a busy admin will be able to accomplish as quickly as their end users may expect. To achieve reliable SaaS data protection, you need more than archive software, that’s where backup and recovery software comes in. With a third-party SaaS application backup and recovery solution, data is always available for quick and easy restoration to its original state – giving you the ability to essentially turn back time in no time.

The bottom line: Many of the same best practices that admins used in their on-premises environments must be brought along to the cloud, and they can’t assume that Microsoft will correct every single mistake. Ultimately, organizations need to pay more attention to the fine print and understand that they are responsible for keeping their own data safe in the cloud. So, as you move to cloud-based SaaS applications where someone else is managing the physical infrastructure and the applications on which your production data resides, you still need to have a plan in place to ensure that data can be swiftly accessed and recovered in every scenario.

jeff-erramouspeBy Jeff Erramouspe / CEO / Spanning

Prior to being appointed CEO and president, Jeff was Spanning’s Chief Revenue Officer. He was the founding CEO of Deepfile Corporation (became StoredIQ and sold to IBM in 2012), was VP of Market Development at Digby, and served as Vignette Corporation’s first VP of Marketing. He started his career with NCR Corporation and also held senior management positions at Compaq Computer Corporation.

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.

CONTRIBUTORS

Financial Management Finds a Welcome Home in the Cloud

Financial Management Finds a Welcome Home in the Cloud

Cloud Based Financial Management The most cautious person in any organization is likely to be the CFO. After all, they’re ...
Cyber Security Tips For Digital Collaboration

Cyber Security Tips For Digital Collaboration

Cyber Security Tips October is National Cyber Security Awareness Month – a joint effort by the Department of Homeland Security ...
4 Open Source Business Intelligence Tools For Big Data Reporting

4 Open Source Business Intelligence Tools For Big Data Reporting

Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up ...
What Futuristic Transportation Will Look Like In Your Lifetime

What Futuristic Transportation Will Look Like In Your Lifetime

Futuristic Transportation Being stuck in traffic or late for work because of a hold up on the dreaded commute could ...
3 Ways to Protect Users From Ransomware With the Cloud

3 Ways to Protect Users From Ransomware With the Cloud

Protect Users From Ransomware The threat of ransomware came into sharp focus over the course of 2016. Cybersecurity trackers have ...
Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Battle of the Clouds: Multi-Instance vs. Multi-Tenant Architecture

Multi-Instance vs. Multi-Tenant Architecture  The cloud is part of everything we do. It’s always there backing up our data, pictures, ...
What is shadow IT?

How to Make the Move to the Cloud Securely

Move to the Cloud Securely The 2016 Enterprise Cloud Computing Survey from IDG offers multiple interesting insights concerning the state ...
The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

The Good, Bad, and Downright Ugly Takeaways from WikiLeaks’ Vault 7

WikiLeaks’ Vault 7 If you haven’t heard of the Vault 7 WikiLeaks data dump, you’ve probably been living under a ...
Cloud-Based or On-Premise ERP Deployment? Find Out

Cloud-Based or On-Premise ERP Deployment? Find Out

ERP Deployment You know how ERP deployment can improve processes within your supply chain, and the things to keep in ...
Why ‘Data Hoarding’ Increases Cybersecurity Risk

Why ‘Data Hoarding’ Increases Cybersecurity Risk

Data Hoarding The proliferation of data and constant growth of content saved on premise, in cloud storage, or a non-integrated ...

NEWS

The Department of Defense Cloud

Internet Association asks for U.S. net neutrality vote delay

WASHINGTON (Reuters) - The Internet Association, whose more than 40 members include companies like Google and Amazon, urged the Federal ...
U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

U.S. IT Sector Employment Expands by 8,100 Jobs in November, CompTIA Analysis Reveals

DOWNERS GROVE, Ill., Dec. 8, 2017 /PRNewswire-USNewswire/ -- New hiring in computer and electronics manufacturing and technology services and custom ...
VMware and Carbon Black Fundamentally Transform Current Approaches to Data Center and Cloud Security

VMware and Carbon Black Fundamentally Transform Current Approaches to Data Center and Cloud Security

New joint, cloud-based security solution combines enforcement of "known good" application behavior with advanced threat detection and automated remediation WALTHAM, ...