There are many misconceptions when it comes to important business data in the cloud. This is also true for Office 365. One of the most common misunderstandings is caused by confusing replication and backup. Replication ensures availability, but only backup ensures recoverability.
Here are some very optimistic and often heard user assessments:
"I don't have to back up my data in the cloud because my cloud provider takes care of that for me."
"If I need to recover something, I can call my cloud provider's helpdesk and they will take care of it immediately."
"My data is safer in the cloud than it is in our data center."
"Geo-replication is just as good as backup."
These are, as already mentioned, extremely hopeful assessments. Replication technologies such as those for Microsoft Office 365 are designed for availability. They are designed to maintain services in the event of a failure. Replication can keep applications and users online even when half the system is offline. But replication technologies have a built-in feature that allows an attacker to gain access to all other replicas after compromising just one single node. Only a true backup solution can protect against such an event - in fact, even if the backup infrastructure was part of the attack.
Data protection in Office 365 is the customer's responsibility
Surprisingly, even experienced IT professionals still believe that Microsoft is protecting their data in the cloud - as sysadmins and backup administrators used to do when the applications were still running locally. Such assumptions couldn't be more wrong. Microsoft is a leading specialist in productivity and business processes, intelligent cloud services and personal computing. But Microsoft is not specialized in backup & recovery. Data protection is not a strong point of Office 365 and the ‘Recycle Bin’ is not a backup strategy. In fact, Office 365 places the responsibility for data storage mostly in the hands of the end user.
According to Microsoft, data protection in Office 365 is a shared responsibility, whereby Microsoft performs the tasks typically performed on-site for disaster recovery. But ultimately, it' s always the customer's IT team that is responsible for data protection, and it's up to that IT team to decide how to migrate, protect, and recover data. After all, best practice data protection requires multiple off-system copies of your data.
Microsoft makes a clear statement when it comes to compliance responsibility: "Ensuring that data classification is performed correctly and that such a solution meets legal requirements is entirely the responsibility of the customer," the company states. Therefore, what is needed is a robust, proactive discovery tool to ensure data availability in every situation as well as a strategy that delivers predictable results and reasonable costs. This is where UMB and Commvault come in.
Commvault and UMB for Speed, Security and Compliance
The UMB Data Management team and our technology partner Commvault are data protection and data management experts. Commvault for Microsoft 365 and Office 365 provides policy-driven data protection and recovery options for Office 365 services such as Exchange Online, SharePoint Online, OneDrive for Business, Windows 10, Yammer, Skype and Project Online. It enables fast and efficient data migration from local Exchange mailboxes and SharePoint sites by archiving obsolete and non-critical data and ensuring proper regulatory compliance through comprehensive data collection and high-speed multi-type search capabilities in your Office 365 environment.
We can help you with Office 365 data protection, data migration and compliance. Please contact us.