Why do I need to back up Office 365 mailboxes, Teams chats, and files in OneDrive and SharePoint?

O365 does not provide a way for Exchange Online customers to take backups. This means that if an employee accidently provides a malicious user with access to their account, ransomware can infect their O365 email. Only a recent backup would be able to restore the content to safe state.

This is a major challenge for organizations. While Office 365 makes it possible to recover individual messages that have been deleted from a mailbox for a length of time, or restore an accidently deleted mailbox back at the time of deletion, offering recovery via a backup to a given point in time is not possible. Here is Microsoft's official position:

Microsoft again notes that they provide service availability and always ensure that you can access your mailbox and the single copy of your current data, but they do not back up the data itself. This has some very grave implications, especially if ransomware encrypts a user's Exchange Online mailbox. In the video below, security expert Kevin Mitnick uses tools available on the net today to easily encrypt an Office 365 mailbox in a simulated ransomware attack.

As you can see the process is quick and seamless, with the hack looking somewhat harmless to the novice user. The mailbox is encrypted and the only way to get it back without paying the ransom is to restore it to a previous point in time. This is a great example of why third-party backup solutions like 365 Total Backup (formerly Altaro Office 365 Backup) (also available for managed service providers, or MSPs) are critical for organizations of all sizes.

Keep in mind that this applies not just to O365 mailboxes and other email-related items, but also to Teams chats and files stored in OneDrive and SharePoint – core repositories that hold precious company data.

Another scenario which O365's native tools cannot help with is deliberate deletion. What if a bad actor gained access to your Office 365 admin portal and quickly ran a script deleting everything? With the various tools provided by Microsoft, recovering in this situation would be very difficult and time-consuming. A third-party backup application which uses a centralized management console would help immensely in this situation. This will save your data and your organization valuable hours of recovery time.

Many O365 customers have to manage staff under different O365 organizations. In the past, admins would have to log into each organization separately to configure any type of retention services. Whether your company is merging new business units or you have outsourced O365 management, you can now centrally manage backups across multiple organizations using 365 Total Backup (formerly Altaro Office 365 Backup).

Altaro also provides a version for Managed Service Providers (MSPs), enabling MSPs to run and manage backups for all their customers through one central multitenant console. This includes backing up all mailboxes, emails, attachments, calendars, contacts, Teams chats, and files stored in OneDrive and SharePoint across all tenants. MSPs can also use the same multitenant console to manage and monitor their customers' endpoint backups. This simplifies administration and reporting while saving time and reducing costs.

All the built-in O365 tools that we've been talking about, while effective, are only available in the Enterprise E3+ versions of O365, and even then certain tools may only be present in certain tiers.

If you're using a different version than what is listed there, the data protection capabilities of Office 365 are even more restricted. 365 Total Backup (formerly Altaro Office 365 Backup) works with a wider range of Office 365 subscription types as shown from this excerpt from the product FAQ shown below.

While not as troublesome to admins as having no point-in-time recovery for Exchange Online, this could still be an issue for many organizations. With OneDrive for Business and SharePoint Online you are able to do point-in-time recoveries, but only within the last 30 days. If you need point-in-time restoration capabilities beyond 30 days, you'll need a 3rd party backup application for Office 365. Many organizations store critical data inside of OneDrive and SharePoint, so point-in-time capabilities being limited to just 30 days is often a deal-breaker.

With a solution like 365 Total Backup (formerly Altaro Office 365 Backup), all of the administration is automated. Microsoft 365 backups are automatically taken up to four times a day and stored in the cloud. Unlimited cloud storage of M365 backups is included in the license.

For those working in regulated industries with strict data retention policies, you should invest in a robust O365 backup solution.

It's no secret that there have been Office 365 outages in the past. O365 provides an impressive amount of uptime and a great SLA to go along with it, but almost every cloud service will face some downtime. These outages could last from seconds to several days.

Some organizations can get by without access to their O365 data, but to many businesses that continual access is critical. Using 365 Total Backup (formerly Altaro Office 365 Backup), you will get business continuity and continued access to your data in the event of a prolonged outage.

Altaro automatically performs M365 backups up to four times per day. To recover that data with 365 Total Backup (formerly Altaro Office 365 Backup) you can select the Exchange Online mailbox, Teams chat, SharePoint documents or OneDrive documents you want to restore and the recovery destination. If the O365 service is still unavailable, you can download a copy of the files to run them locally on a client's laptop until the service is restored.

Most of the data protection features in Office 365 do not provide the ability to recover that data outside of the original location. If that user account no longer exists or you want to send that data to a different mailbox, you are out of luck. A solution like 365 Total Backup (formerly Altaro Office 365 Backup) provides these additional options and gives your data recovery plan a little extra flexibility by allowing you to restore the data to different locations.

Since M365 backups are automatically taken more than once a day and retained indefinitely through your subscription, there will be many different recovery points to choose from. For example, you can restore an entire mailbox or just search and restore an individual message using item-level recovery (ILR). If you want to restore files or a mailbox to a local computer, you can even download the files as a ZIP or compressed PST file.

There is nothing worse than receiving your monthly O365 bill to discover that you are paying for unexpected storage charges. This can happen when too much data has been retained by Office 365 retention policy. Each O365 plan comes with a quota of storage. When an object in SharePoint online is deleted it goes into what's called the "Preservation Hold Library". The production data and the preservation hold library both count towards each tenant's storage quota. When you go over and above that number and need to purchase additional storage, you start to accrue an additional cost per month.

Depending on the size of the Preservation Hold Library and your O365 retention settings, it's likely that using a backup application will be more cost effective than paying extra storage fees. Each O365 subscription only provides 10 GB of storage for each user. 365 Total Backup (formerly Altaro Office 365 Backup) comes with unlimited M365 backups storage! Plus, you get many other benefits from using a backup solution which is designed for O365.

The built-in Office 365 data retention features will only support active users. If an employee leaves your organization, you need to keep paying for their O365 subscription to retain access to that data.

Using a 3rd party backup solution like 365 Total Backup (formerly Altaro Office 365 Backup), you to keep the users' data accessible and recoverable from the backup solution. If you want a copy to be automatically saved in the backup provider's cloud you will still need a backup license, but this is less than the cost of a O365 license. If you are a managed service provider (MSP), then you can pass these savings along to your tenants. It may not seem like a lot for each license, but over time that cost adds up.

If you are using O365, you have embraced the cloud-first technology world. Although we haven't seen a major data-loss event from any of the large cloud providers, the reality is that it can happen. When this eventually happens, you want to make sure you can recover your mailboxes, chats and documents. By using a third-party backup provider for your O365 data, your data gets stored in an isolated cloud storage account, so it is extremely unlikely to be affected by other cloud failures.