While Microsoft 365 offers best-in-class Office applications and intelligent cloud services with cloud storage for users, what protection does your data have in the event of accidental or malicious deletion?
Microsoft’s Data Handling Standard policy specifies how long customers Microsoft 365 data is retained after deletion. This not only includes data from Microsoft 365 applications including Word, Excel, PowerPoint, Outlook, OneNote, SharePoint and Teams but also passwords, certificates, encryption keys and storage keys.
In the event of accidental or malicious deletion, data is only retained for a maximum of 30 days
You might be surprised to learn that in the event of this data (or user account) being deleted the data is only retained for a maximum period of 30 days. According to Microsoft there are generally two scenarios in which customer data is deleted:
- Active Deletion: This is when a user or administrator deletes data or an administrator deletes a user (along with all the data)
- Passive Deletion: When the tenant paid subscription ends
If a paid subscription ends or is terminated, Microsoft retains customer data stored in Microsoft 365 for 90 days. After the 90-day retention period ends, Microsoft disables the account and deletes all customer data, rendering it commercially unrecoverable.
Relying on only one copy of data is an extremely risky strategy. Vital data can be lost due to external threats such as ransom attacks. In situations of Active Deletion, it can also be lost due to deliberate or accidental deletion by users. In this case, unless an IT administrator realises the significance of a deleted folder or file within 30 days, it would be permanently deleted.
With the rise of home and remote working, organisations must ensure all data is secure and protected
With the rise of home and remote working data is at greater risk of loss either due to insufficient backup, loss or theft of a device or lack of security and threat protection from firewalls when working outside of an organisation’s security platform.
Loss of important data can have severe negative consequences for business continuity, productivity and adherence with regulatory compliance. As a safeguard, it is essential to keep multiple copies of critical data that can be restored from a recent recovery time in the event of unwanted deletion.
How can organisations protect their Microsoft 365 data?
Microsoft 365 don’t provide additional backup layers of protection. Therefore, it is recommended to implement a third-party backup solution. Ensuring data is protected, secure and available for recovery.
Our M365 Protection solution provides an additional layer of data protection compared to the native availability provisions provided by Microsoft. Organisations are able to recover data from across the M365 suite into a cloud-based backup environment.
The service helps organisations maintain business continuity and safeguard against accidental or deliberate data loss. Protecting data across the entire Microsoft 365 portfolio in a cloud storage target of their choice.
The solution provides protection for data that would otherwise not be backed up in Exchange Online, OneDrive for Business, SharePoint, and Teams. Providing simple, flexible and scalable managed backup perfectly designed for Microsoft 365 backup and recovery.
Integrating directly with the Microsoft Office 365 tenant, M365 Protection provides flexibility on the choice of storage targets and the capability to perform full or granular restores of protected data. Using this approach, the service delivers a comprehensive and secure backup and recovery solution for an organisation’s critical M365 data.
PAV IT Services provide customers with a full range of backup and disaster recovery solutions giving businesses the peace of mind that expert help is on-hand from our fully trained professionals when it’s needed the most.
Contact us to find out more or visit our Microsoft page from further details.