Tag: microsoft help
Publish Date
09/04/2024
Categories
Blogs Hot Topic
There is often great debate about creating backups for data in services such as Microsoft 365 Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams. The common assumption amongst many is that Microsoft backsup, so everything is covered.
When explaining that 3rd party backup provides a more holistic, secure safety net for your business, customers often tell me, “you would say that, you want to sell more products!” But there’s usually one response that gets their attention:
“It’s not me saying you need it, Microsoft say it”…
Microsoft’s shared responsibility model firmly puts data in the court of the user. Microsoft have got you covered when it comes to Global Infrastructure, Uptime and Cloud Service. But access and control of data in your M365 tenant? That’s on you.
In an on-premises data centre, you own the whole responsibility stack. As you move to the cloud, some responsibilities transfer to Microsoft. The following Microsoft diagram illustrates the areas of responsibility between you and Microsoft, according to the type of deployment of your stack. Note that your businesses setup, data, devices and accounts & identity remain your responsibility.
Your Responsibilities as a User
As a Microsoft 365 user, you act as the data custodian. Your main task is to ensure that your data is not only accessible but also securely backed up, separate from Microsoft’s cloud infrastructure and ready for recovery whenever necessary. Microsoft actually state this in their Service Agreement under section 6b:
Insights Into the Model’s Roles
- Core Responsibilities: Microsoft is tasked with upholding their infrastructure’s integrity, offering reliable cloud service uptime. Meanwhile, your organisation must ensure it has full access and control over its data, an obligation that remains regardless of the decision to use a cloud-based service.
- Technological Support: Microsoft 365’s data replication offers a level of redundancy, but this doesn’t equate to a true backup. Remember, the replication services are designed by Microsoft, for Microsoft’s convenience, and might not align with your recovery needs.
- Security Measures: Security within Microsoft 365 is a collaborative effort, with Microsoft securing the service infrastructure and users responsible for their data security. This emphasises the importance of a comprehensive approach to protect against a myriad of threats.
- Regulatory Compliance: Although Microsoft adheres to strict privacy standards and holds various certifications, the organisation using the service still retains the role of data custodian, complete with the responsibility to comply with legal and industry-specific regulations.
Implications of Ignoring Shared Responsibilities
Dependence on Microsoft for all aspects of data recovery, especially in scenarios like data deletion or security breaches, is risky. Microsoft’s built-in safeguards, such as recycle bins and retention policies, are meant for short-term fixes and may not suffice for comprehensive data recovery strategies.
Statistics reveal a troubling trend: a significant portion of businesses experience data loss or corruption within their SaaS applications, including Microsoft 365. The reality is stark – recovering 100% of data without a dedicated backup solution is often unattainable.
The Solution
Opting to backup Microsoft 365 data with a third party solution such as Acronis safeguards against data loss and cyber threats. Cobweb’s alignment with Acronis for its backup solutions reflects a commitment to delivering advanced, secure, and dependable data protection services, enabling businesses to operate confidently in the knowledge that their cloud data is comprehensively secured.
M365 Backup Webinar
If you’d like to learn more about M365 and backup, we’re hosting a virtual roundtable on the 2nd May with Microsoft MVP Andy Malone and Acronis experts. To sign up, please click here.
Recent Comments