Protecting your data against file corruption , data loss, and malicious intent is a top priority for Microsoft, and an integral part of the Office 365 service. Our approach to data protection goes beyond high availability and disaster recovery scenarios. Resiliency and recoverability are built into the service.
Even if a traditional backup solution provides recovery options to address file corruption, deletion, and malicious attacks, it won’t necessarily help you recover quickly from such incidents. Research shows that it can take months to detect the presence of an attacker an organization’s network. Given this, a backup and restore solution could be a potential area of attack, and could further broaden the scope of attack into your disaster recovery environment. Additionally, all backup data would need to be throuroughly cleansed before it could be leveraged as a viable restore option. Gartner predicts that by 2020, 30% of organizations targeted by major cyberattacks will spend more than two months cleansing backup systems and data, resulting in delayed recoveries.[i]
With this in mind, Office 365 has moved beyond the backup and restore solutions that were first established in on-premises environments. Microsoft invests deeply in providing a holistic in-place solution that both keeps multiple copies of your data across multiple locations, and enables you to develop upfront policies for prevention and detection. These policies can be enforced manually and automatically at multiple levels of granularity, including via intelligent location-based classification, patterns, or sensitive types of content.
In addition to the inherent versioning and recycling capabilities provided by applications like Exchange, SharePoint, and OneDrive, Office 365 provides comprehensive solutions to help keep your data safe from both human error as well as malicious attacks:
- Data Loss Prevention helps customers to identify, monitor and protect sensitive data through deep content analysis.
- Exchange Online Protection provides robust email protection against spam, known viruses and malware.
- Advanced Threat Protection extends Exchange Online Protection by safeguarding your Office 365 environment (email, Word, Excel, Powerpoint, SharePoint, OneDrive, and Teams) from today’s most sophisticated unknown threats leveraging behavioral analysis and machine learning techniques to mitigate malicious content. ATP also provides real time, time-of-click protection against malicious URLs, and rich reporting and tracking capabilities, so you can gain critical insights into who is being targeted in your organization and the category, volume, and frequency of attacks you are facing.
- Threat Intelligence provides interactive tools to analyze prevalence and severity of threats in near real-time, real-time and customizable threat alert notifications, and remediation capabilities for suspicious content.
- Auditing helps monitor and investigate actions taken on your data, intelligently identify risks, contain and respond to threats, and protect valuable intellectual property.
- Advanced Data Governance provides smart policy recommendations and automatic data classifications that allow you to take actions on data- such as retention and deletion -throughout its lifecycle. Built-in and custom alerts help you identify data governance risks like unusual volumes of file deletion.
The multiple built-in security capabilities of Office 365 in combination with the above services and controls help ensure your data is protected in-place and incidents like file corruption, deletion, and malicious intent are minimized at all times.
More information:
- Data Protection on the Microsoft Trust Center
- Data Resiliency in Microsoft Office 365
- Overview of retention policies
[i] From Gartner Foundational Research: Prepare for and Respond to a Business Disruption After an Aggressive Cyberattack, ID: G00275607
and learn about best practices directly from the product teams.