Blog Post

Healthcare and Life Sciences Blog
3 MIN READ

Resiliency and Recoverability in Microsoft 365: What You Need to Know

MarkLitwin's avatar
MarkLitwin
Icon for Microsoft rankMicrosoft
Feb 24, 2023

When using cloud solutions, you need to be confident that your data is protected from risks like natural disasters, accidental deletion, and ransomware.  Microsoft 365 has what you need and more!  Organizations can configure Microsoft 365 to retain as much data as needed and restore it with ease if the need arises. All your data and information can easily be managed through its lifecycle, and even recovered, with the built-in tools available in Microsoft 365, without complex integrations or expensive 3rd party software. 

 

How does Microsoft protect my data?

Organizations often ask about Microsoft’s responsibilities for ensuring the data is protected from corruption and other types of failures. In general, Microsoft is responsible for an exhaustive list of controls and security measures, these cover items like physical access to the data center, preventing and mitigating data corruption, testing and validating business continuity plans. Appendix A in the Data Processing Addendum describes Microsoft’s obligations in detail. 

 

Microsoft 365 also has several commitments outlined in the Data Resiliency Principles.   

  • Local data center infrastructure is built to exceed 99.99% reliability. 
  • Data is spread across multiple active-active data center locations across multiple fault zones. 
  • Services are designed to automatically recover from corruption and other failures.  
  • Protection of data from accidental destruction, loss, alteration, and many other scenarios. 

Each workload in Microsoft 365 is designed with these resiliency principles in mind, for example, SharePoint and Exchange each replicates their data across active/active data center sites in near-real time. When an issue occurs, the systems are designed to automatically remediate the issue without the loss of any data or interruption to the service. Microsoft 365 also has built-in mechanisms to ensure data integrity and corruption which enable seamless recovery of anything in the event of a problem. 

 

These obligations are detailed in the Data Processing Addendum available on the Product Terms site and are audited and validated frequently by 3rd party auditors. The reports are always available to you in the Service Trust Portal.   

 

Self-Service Data Recovery 

Microsoft 365 is a highly configurable service where organizations have complete control of how long data is preserved in your environment, and when it is deleted. By default, content deleted from Exchange can be restored for 14 days, and SharePoint/OneDrive content for 93 days, these timelines can be extended as needed using Retention Policies.  Retention policies allow for granular control of the data inside a Microsoft 365 environment, they can be customized for various user groups with different requirements. Any data preserved with a Retention Policy can be restored whenever you decide to do so. 

 

Exchange 

When email is deleted, a user can often recover it themselves in Outlook or an administrator can use the recover deleted items feature to recover the item on behalf of the user. The recovery interface in the Exchange Admin Center provides an easy-to-use tool for the search and recovery of even the most complex user requests, support staff can easily restore multiple items on behalf of a user who accidentally deleted something, without the need for complex PowerShell commands or PST exports. 

 

SharePoint 

SharePoint items can often be recovered from the recycle bin of the site. More complex scenarios, such as mass deletions or ransomware, the library can be stored to a previous snapshot within the previous 30 days. The Files Restore feature is available from the settings menu  of the document library. A user or admin can simply pick a date from the restore menu and the library will be restored to a snapshot from then.  If these methods are not successful, SharePoint Online maintains a 14-day backup of content which can be used restore the state of a site if needed. 

 

Ransomware 

Microsoft 365 has many layers of protection from Ransomware.  A device running OneDrive that is configured with Windows Defender will automatically prompt the user and recover the appropriate files.  When paired with Known Folder Move, OneDrive will automatically back up the common file storage locations on their device to Microsoft 365, adding another layer of protection against threats. OneDrive and SharePoint can be recovered using a previous snapshot from the Files Restore feature, and the 14 day backup is always available if needed. 

 

 

 

Thanks for reading, and a special thanks to Graham for the proofread!  A summary of all the links and resources is below:

 

Mark Litwin LinkedIn

 

 

Resources: 

Data Processing Addendum

Built-in service resiliency in Microsoft 365 

Exchange Online Data Resiliency  

SharePoint and OneDrive data resiliency 

Restore deleted items from the site collection recycle bin 

Handling ransomware in Sharepoint Online 

How Microsoft employees are leveraging the cloud for file storage with OneDrive Folder Backup 

 

Updated Feb 24, 2023
Version 1.0
  • Thad_Nader10's avatar
    Thad_Nader10
    Copper Contributor

    Reading this information has taught me a lot about the importance of data protection in cloud solutions, specifically in Microsoft 365. I have learned that Microsoft 365 has built-in tools to manage data throughout its lifecycle and to recover data in case of any issues, without requiring complex integrations or expensive 3rd party software. Microsoft has several commitments outlined in the Data Resiliency Principles, and the Data Processing Addendum describes Microsoft's obligations in detail. Additionally, Microsoft 365 offers self-service data recovery through retention policies, allowing organizations to control how long data is preserved in their environment and when it is deleted.

    However, I still have some questions regarding the specifics of data protection in Microsoft 365. For example, how does Microsoft ensure physical access to the data center is limited? How are retention policies customized for different user groups? And how exactly do the Files Restore feature and 14-day backup work in the event of ransomware or other types of failures? Overall, I am interested in learning more about the security measures and protocols in place to protect data in Microsoft 365, and how these measures can be optimized for different types of organizations and user groups.

  • We have a couple resources on how to recover from a ransomware incident, check out the links below: 

    You can do a lot with retention policies, but in their basic form you simply select which users and sites to apply the specific settings.

     

    If you are a Microsoft 365 customer, you can view all the security information in the Trust Portal.