Are third-party backups necessary with Microsoft 365?
It's an age old debate: are third party backups required for Microsoft 365 services? To answer the question, let's start by examining Microsoft's backup solutions.
Historically, backups have been necessary to protect data that resides on individual servers. If that server were to break or a disaster occured, valuable corporate information would be at risk. Today, data in the Microsoft 365 ecosystem generally resides on multiple servers spanned across two datacentres, and so hardware failures aren’t the problem they once were. Instead, more common causes of modern data restores are accidental data deletion by users, or malicious cyber attacks.
Restoring data in Microsoft 365
First, let’s consider what services are generally covered when we talk about restoring data in Microsoft 365. Exchange Online, SharePoint and OneDrive all provide some level of restore functionality, regardless of the licensing used.
- Exchange mailbox data removed from the deleted items folder can be restored by the user for 14 days by default, and that can be increased to 30 days
- Recycle bins in SharePoint Online and OneDrive retain deleted data for up to 93 days, and while this offers some degree of protection for a single file or email that is deleted, restoring several items can be tedious
- On Microsoft Teams, recovering chats, channels, and entire teams is possible, but almost always requires administrator support (and in most cases is only available for 30 days)
Are Microsoft's Retention Policies a good backup solution?
If you have E3 licensing or above, Retention Policies are a great way to indefinitely preserve data. Policies can be configured to protect Exchange, SharePoint, OneDrive and Teams for specific periods of time, and set user groups can be supported by different polices for custom requirements. Plus, if your organization has regulatory standards to adhere to, Retention Polices are a must.
Because Retention Policies are included in E3 licensing, they may be considered an effective alternative to implementing a third party backup solution at no added cost. However, Retention Policies require administrative procedures for data recovery using the eDiscovery tool, and data must be moved to a separate location prior to moving it back to the original source.
Why use third-party backups?
Third-party backups have benefits above and beyond Microsoft’s capabilities. First, storing a copy of your data in a non-Microsoft location provides a certain level of disaster prevention. If something catastrophic should happen in the Microsoft ecosystem, your data will survive. Depending on how these backups are created and stored, this can also give you protection from ransomware attacks, provided that the backups can’t be encrypted as well. Utilizing third party backups can also make restoring data much simpler as these products typically have administrative portals that focus on ease of restore. This can include restoring to alternate locations.
If your organization requires a separate, independent copy of data, the choice becomes clear. If ease of restore is the driving factor, you should consider the cost of the third-party product, both in licensing and operation costs versus the number of times you may have been asked to restore data in the past. Utilizing Microsoft’s retention policies and eDiscovery may be a little more work, but if your organization rarely gets user requests to restore data, it may be a feasible solution. As always, your decision should consider your organization's unique requirements.
Define your backup requirements
For guidance selecting a backup solution, talk with our experts about your organization's unique needs. Together, we'll determine the best solution to protect your valuable business information.