Office 365 | Back it up!
Simple, sustainable investment
Many businesses today are taking advantage of the flexibility that Microsoft Office 365 (o365) has to offer. The solution caters for businesses of all sizes, from the SME which requires the standard productivity suite, email and calendaring, through to the Enterprise community with a need for fully integrated collaboration and security suites [and a lot in-between!]. The monthly subscription-based approach makes good long term commercial and strategic sense: –
- It provides a predictable level of expenditure which assists cashflow, allowing the business to increase & decrease user subscriptions in line with the business as it changes;
- Works across many platforms – windows / mac | ios / android;
- Subscribers receive full access to the very latest version of every element of the o365 product suite which comes as a part of their price plan, and access to the latest / new productivity features as and when they are introduced.
Does one size fit all?
I regularly find myself in discussion with business owners who are seeking guidance around when to move to o365 and which features to adopt – however, one size does not fit all!
To gain maximum benefit from o365, each business should identify the relationships between users, devices, applications and data stores. They should then assess the various tools and products available from o365 in order to determine what to implement and what to ignore [until the time is right]. One of the common mistakes made by new adopters is to take on too much change and not truly achieve the intended outcome.
As a minimum, most business will utilise the o365 cloud mail solution ‘Exchange Online’; with good planning, most business can migrate fairly easily from their existing mail solution over into o365, gaining a reliable platform for email hosting, calendaring and contacts management across most devices and platforms. Once migrated, the business can enjoy a reduced overhead of managing some of the critical IT business services internally. This is the first step towards utilising ‘hybrid’ IT infrastructure, where some of the IT services are in the cloud, whereas others [such as finance, CRM etc.] may remain on-premise. From there, the business can start to test and adopt some of the wider features that o365 has to offer…
So what other features are available?
Office 365 caters for many types of organisations and therefore a variety of different price plans are available, offering access to the following: –
- Exchange Online (mail, calendar, contacts…)
- Standard office applications (Word, Excel, PowerPoint, Outlook, OneNote, Publisher…)
- Data Storage (OneDrive, SharePoint)
- Skype for business (instant messaging, audio conferencing, video conferencing, screen sharing…)
- Collaboration & work stream tools (Teams, Planner, StaffHub, Sway)
- Corporate social networking (Yammer)
- Voice & conferencing services (SfB with integrated PBX / voice)
- Advanced business tools (Dynamics 365, PowerApps)
- Advanced Security (Threat protection, Two-factor-authentication)
- All with the Security & Compliance adherence you would expect from Microsoft
Further 3rd party plug-ins can be purchased to enhance your business such as Power BI (Business Intelligence).
What are my data storage options with o365?
Office 365 offers businesses two immediate options for storage, OneDrive for business and SharePoint; each of these are available within most of the subscription plans.
OneDrive is designed for individual use where folders and files can be stored, offering a capacity of up to 1TB per user. The user can then decide to give access via shares to other Microsoft users.
SharePoint is primarily the business store of choice acting as a potential intranet, extranet, folder and file sharing system. Multiple SharePoint sites can be created to meet the needs of your business. The key advantage with SharePoint over OneDrive is that permissions to folders and files can be controlled to o365 user and group level. In this respect the structure can be controlled in the same way as your on-premise file server, creating such folders for Sales, Accounts, Engineering teams, and subfolder level rights for individuals. SharePoint is a good starting option for low to medium volumes of data storage – there are some limitations to consider for businesses with advanced storage needs; such business will require more in-depth analysis in order to ensure the appropriate infrastructure & storage solution is proposed.
OneDrive and SharePoint can be accessed via the o365 portal or synchronised with your client device for ease of access and for offline use. If you do opt to sync your data with some of your user devices, you should review your security strategies and policies, thus putting appropriate data protection measures in place.
Is my data safe…
Fundamentally Office 365 is a security hardened Software-as-a-service (SaaS) solution, bringing together the known office applications that we have been familiar with on our desktop for years, and integrating them with new collaboration features and tools.
The first security recommendation that I have is to implement a complex password policy for all users of the platform. I know it sounds obvious but so many cloud based users appear to under-value this basic rule.
As the vendor hosting the o365 platform [and therefore providing the entire SaaS solution], Microsoft have the responsibility to maintain enterprise-class data security levels and therefore aid in preventing exploitation and data loss. They have a dedicated team who are responsible for trying to identify any vulnerabilities and hack the system. To counter that, they have a 2nd team who are constantly looking to identify and resolve any exploitations – both teams initially work against each other prior to joining forces to make the system even more secure.
However, there are some limitations – Microsoft’s own contractual structure prevents them from accessing their customers’ own data, thus protecting client confidentiality and to not impact service availability. Backup of data also has some limitations which I shall cover shortly.
Can I store Sensitive Data in o365 & is it safe?
If your business is dealing with sensitive data, or you simply wish to comply with best practice or industry regulations, you may wish to consider implementing data loss prevention policies (DLP) which is a part of the Security & Compliance Center within o365. With this feature you can identify, monitor, and automatically protect sensitive information across o365. For example, you can help prevent sensitive information such as credit card numbers, personal details, or health or financial records from inadvertently leaking outside your organisation.
Is my o365 data Backed Up?
Yes, but with limitations, and not to the extent which most businesses assume you should carefully appraise these limitations, and your business needs, then consider putting more comprehensive backup measures in place [we have a perfect solution to this, keep reading…].
o365 has an in-built recycle bin where it places the data that you have knowing deleted. This data is retained for only 30 days before it is permanently deleted. Additionally, Microsoft perform backups of your entire data store every 12 hours and retain that data capture for only 14 days. Many businesses require much longer data retention periods than 14 or 30 days – this can be as a result of your contractual liabilities with your customers, a specific regulation, or just to follow best practice. If this applies to you, you’ll need an additional backup solution for your o365 data.
Microsoft make it clear that they are not responsible for your data loss through user deletion, whether accidental or malicious, or from malware damage and ransomware attack. Therefore, we strongly recommend that a secondary [more specific] backup strategy is used, to copy out your data to an entirely separate location – this separation helps greatly when mitigating against viruses, malware and ransomware attacks [as your secondary backup store is not always ‘connected’ to your primary data store]. For more information on who is responsible for what, take a look at an explanations from Microsoft on their shared responsibility model.
An o365 backup solution…
My recommendation is to integrate a cloud-based backup solution such as Datto SaaS protection for O365. This solution will not only snapshot [backup] your data stores in OneDrive and SharePoint, but also all of your Exchange Online mailboxes including calendars and contacts. It performs the backups at regular periods, to an alternative cloud location [outside of o365], and maintains retention versions over much longer periods of time. It also has uncapped / unlimited capacity for a very modest annual subscription of less than £30 per o365 user [available through Datto resellers such as us]. This is, in our opinion, currently the most flexible [and great value] solution available.
Another option would be to implement an on-premise NAS that has scheduled snapshotting of the OneDrive and SharePoint store. This is also a good choice and will be more appropriate for some businesses, although you need to consider other potential limitations such bandwidth into your premises, the dilemma of bringing back your secure cloud strategy to on-premise, and the time it will take to restore large volumes of data. You may also find that the permissions structure is lost – it all depends on your needs, and your appetite to risk [of data loss].
If you wish to talk more about o365 and your data backup options, contact any of the 5u team – firstname.lastname@example.org | 03300 53 59 55
(Written by Rich Penney)