Anyone using third party cloud to cloud backup software that requires M365 global admin rights to backup all users data from Exchange, One Drive, Sharepoint, and Teams? Is Microsoft working on a "backup only role" that would eliminate the need to provide third party backup vendors the global admin user role for backup? Or is there a way to configure a user role that would protect MS tenant data from nefarious actions initiated by the third-party backup vendor? My thoughts are a user role that has read-only rights for backup purposes only vs global admin rights to the tenant. Thanks in advance for any insight on Microsoft 365 tenant cloud to cloud backup.
AFAIK, Microsoft is not going to provide such role...by the way, if a Backup vendor is telling you there is a requirement of having service accounts to make backups in Microsoft 365, then you should consider to talk to another vendors that use Microsoft 365 APIs + OAuth to use those APIs