Especially now when remote working has become the new norm of working, business transactions and communication are becoming increasingly prominent on online platforms. Out of all available platforms, the one that stands a head above the rest would without a doubt, be Microsoft Office 365, thus the need to protect Office 365 data.
With the emergence of Microsoft Office 365 in the digital market, it has since revolutionised the concept of working and running a business—allowing for more flexibility, no longer needing to set up VPNs and remote connections in order to access your data when you need it. Due to the mobility offered, this platform is viable for remote working, providing access to work from anywhere and also between devices.
Even with how appealing Office 365 seems, it does come with a weakness, which is the safety of your data. The ease of access to your data is akin to a double-edged sword; this convenience often accompanied with the risk of your information being exposed to endpoints and threats.
Contrary to common misconception, the threats are not only limited to external cyber-attacks such as ransomware but are also caused by misguided users updating the wrong section of a shared resource or deleting the data by accident or on purpose. This shows how susceptible your data is to harm. Due to this, protecting remote Office 365 user data is a critical issue to consider.
Why the Need to Protect Remote Office 365 Data?
With how the concept of Office 365 revolves around the idea increasing access points to your data, you might be wondering shouldn’t Office 365 already have security protocols to protect your data? The answer to this is that it’s not that they do not have any security protocols, but it’s that there are too many types of attacks to counter. If you are someone who often makes use of public WiFi, just the act of connecting to the public internet connection already makes your device vulnerable to cyber-attacks, as it is a notorious breeding ground for attackers.
As for those of you who are working from home and are making use of a home router, you are not entirely safe from a threat either—many routers are not hooked up with a physical firewall and are often configured with less-than-optimal security settings. Aside from that, your home WiFi may even be sending out your network information using the hashtag algorithm that was cracked three years ago, making it easy for any third parties to get a hold of your data. The worst part is, this is merely a few out of the many threats your data can be exposed to, which is why using remote Office 365 may put your data at risk.
What Microsoft Office 365 Does and Doesn’t Protect Against
To put it simply, Office 365 protects the hardware the data sits on but not the data itself and works around the Shared Responsibility Model, which details that the responsibility is shared between both Office 365, as well as the user. Below is an outlook of what Office 365 is and isn’t responsible for:
- Responsibility always retained by user: Information and data, devices, accounts and identities.
- Responsibility varies by service type: Identity and directory infrastructure, applications, network controls, operating system.
- Responsibility transfers to cloud provider: Physical hosts, physical network, physical datacentre
In short, you are responsible for not only the accounts and devices connecting to the service but the data you are storing on the service. Hence, Microsoft is not responsible for providing an archived copy of your pre-attack data if your data were ever to be damaged by a virus of any sort. Decisive acts regarding when, and how to save your data is your call to make. Even in terms of email retention policies, Office 365 only retains emails for a maximum of 93 days after deletion. This limited retainment period means that you cannot restore any emails that you have accidentally deleted if it has gone past the retention period.
What Remote Office 365 User Data Should You Protect?
- Exchange Online: this application offers flexibility in accessing your emails, enabling you to access them from not only Outlook on your computer, but also on your phone or any web browser.
- SharePoint Online: this application is a documents manager which allows multiple users to connect and collaborate on a document—providing seamless business interactions.
- OneDrive for Business: an application which allows you to access your files from a web interface, and also map those files as a local drive for quick access and upload.
- Microsoft Teams: a prominent virtual meeting platform which allows users to communicate instantly, share files, and orchestrate meetings with both internal and external users.
As these services and application play a vital role in the shift of work environment to home and remote environments, backing up the data in these platforms would be a necessary security measure to take to ensure that your data is not under threat.
How to Protect Remote Office 365 User Data?
With all that’s said, it does not mean that you shouldn’t use Microsoft Office 365 at all. Having so many convenient services and applications in its arsenal, it would be such a waste not to make use of Office 365. Therefore, instead of avoiding the use of Office 365, you should focus on educating users of the potential risks and threats of losing Office 365 data. For starters, ensure that your security patches and devices are up to date, and to use a VPN whenever necessary (especially when using a public WiFi). Last but not least, practise backup of your Office 365 data.
From what we have discussed above regarding the responsibility of Office 365, it is clear that Office 365 is designed to be a cloud-based productivity suite—not a data backup and recovery solution. Therefore, on top of educating Office 365 users, it would be wise to back up your Office 365 data in an external cloud or platform as insurance, so that you can still retrieve your data when it is damaged or corrupted in the Office 365 storage.
Although the Microsoft Services Agreement covering all Office 365 products runs more than a staggering 15,000 words, the issue of backup is only discussed in about three instances—all of which suggest setting up your own data backup solution with a third-party provider. If you have no idea which third-party provider to seek out, you could engage the services of Aegis, a pioneer Cloud Disaster Recovery service provider in Malaysia. Offering various cloud products, we believe that Cloud Office 365 Backup (COB) would be of significant use in ensuring the safety of your Office 365 data. Below is a short overview of what Cloud Office 365 Backup (COB) provides:
- A backup service specifically catered to backup and restore Microsoft 365 data, which includes Microsoft Exchange, Microsoft SharePoint, and Microsoft OneDrive from Office 365 cloud to Aegis cloud.
- Peace of mind knowing that you have a backup outside of Microsoft.
- Convenience of easily finding and restoring as many files as you need, or even restore an entire user’s data or folder to a point in time.
For more information on Aegis’ products, check out our industry-leading cloud solutions.