James Wong, Regional Director for Southeast Asia and Korea, BarracudaBlog

Is it time to rethink your Office 365 backup strategy?

By James Wong, Regional Director for Southeast Asia and Korea, Barracuda

COVID-19 has been one of the biggest catalysts for the digital transformation we have seen in the last few decades. Almost overnight, as new social distancing restrictions were introduced by governments around the world to mitigate its spread, remote working became the norm, and companies across Asia-Pacific (APAC) and the globe accelerated their digital transformation plans in a bid to continue to function and serve their clients.

Unsurprisingly, this also worked to accelerate cloud migration, as businesses across the region and the world looked to digitize workflows and improve employee productivity, increasing demand for software-as-a-service (SaaS) platforms like Microsoft Office 365, which reported 20% growth for its commercial suite in 2020 compared to the previous year.

Office 365 is now a lifeline for businesses, from remote meetings conducted via Teams, to increased reliance on Exchange, OneDrive, and SharePoint, plus all the key Office apps which allow businesses to function and collaborate online. It has also meant a huge increase in the sheer amount of data being stored in the cloud.

Barracuda study finds ITDMs raise concern over protecting Office 365 data

New research reveals companies in APAC struggle with bad bots, supply chain attacks

The kicker however is the fact that despite these trends, backup strategies for Office 365 have not evolved with the times, often being held back by on-premise mindsets of legacy IT infrastructures.

Are you falling behind when it comes to Office 365 backup?

Ultimately, old-style IT thinking creates unnecessary cost and complexity for your Office 365 backup. Many on-premises backup vendors that support Office 365 do not provide their own cloud-to-cloud backup service and require the customer to sign up and use a public cloud such as Microsoft Azure or Amazon AWS. This still requires the customer to build and pay for their own backup infrastructure, install the backup software, support, and test it all, and manage storage capacity planning and cost.

Put simply, that’s a lot of overhead and really doesn’t make sense from a total-cost-of-ownership point of view. It’s an approach that means you’re not getting the full utility and benefits of the cloud and could also mean you are more exposed to risk — being completely reliant on Office 365’s limited data protection capabilities.

What are the concerns?

The issues are many, for example, if you want to restore OneDrive data, Microsoft won’t necessarily recover all folder structures, and if versioning is switched off or someone empties the recycle bin, critical files may be unrecoverable or not recovered back to the original location. Also, when a person leaves a company and their Office 365 account is deactivated, Microsoft automatically deletes all their data after 30 days, which is something that could catch you off guard if you’re not expecting it. In fact, even Microsoft itself recommends in its own Office 365 terms and conditions that organizations use a third-party backup application.

In addition to this, our recent report “The State of Office 365 Backup,” which surveyed more than 1800 IT decision-makers in the United States, Europe, Middle East, and Africa (EMEA), and Asia Pacific (APAC), reveals that these issues, along with protecting Office 365 data from cyber threats, are real challenges that are keeping IT decision-makers in APAC up at night.

According to the report, most APAC respondents (73%) reported concerns that their Office 365 data could be the target of a ransomware attack, with 58% admitting they have already suffered at least one attack since moving to remote working. The report shows that despite their concerns, a huge 70% of businesses in APAC are still reliant on Office 365’s data protection capabilities to defend against threats and losses.

What’s the answer?

For organizations to be confident that their Office 365 backup strategy will not allow any important data to fall through the cracks, it’s important to implement a solution that can provide additional safety nets.

Go granular
Office 365 does not provide the ability for granular restoration of individual files. Instead, entire directories need to be restored which can lead to duplications and problems with different versions of files. Having complete, granular protection of your Exchange, OneDrive, SharePoint, and Teams data with point-in-time retrieval and both scheduled, and on-demand backup is crucial, while making sure your data is deduplicated and compressed to maximize storage efficiency and minimize the backup window, can help you rest easy.

Location, location, location!
As well as adhering to corporate policies, organizations need to be confident they are also meeting regulatory requirements for data protection and storage. This theme featured prominently in our report, with 69% of APAC leaders indicating concerns about data being backed up outside of their geography, and 7 in 10 IT heads in APAC expressing concern about complying with data privacy requirements. To avoid headaches down the line, it’s therefore crucial to make sure that any backup service you implement will allow you to store your data in a specific country to meet local data laws.

Keep it in the cloud
When asked about their preferred methods of overcoming these data concerns, 75% of APAC respondents indicated they would prefer a cloud-based solution. This is unsurprising as the fact is, by moving to a fully managed SaaS cloud-to-cloud backup service for all your Office 365 data, there’s no software or hardware for you to manage or update, making your job easier, while enhancing your peace of mind that your data is safe and protected. This approach can also remove the need for multiple linked services and complex licensing. Of those surveyed, 80% indicated they would like a cloud service that allowed them to begin running backups as soon as they had signed a contract.

To conclude, given our increasing reliance on software-as-a-service platforms like Office 365, plus increasing cyber threats and data compliance requirements in countries across the region and the world, it’s never been more important to implement a robust, cloud-based data protection solution to secure your data. As your company accelerates its digital transformation efforts, it’s up to IT teams to ensure they are not falling behind when it comes to securing mission-critical data in the cloud era.

Barracuda Networks, Inc. is a company providing security, networking, and storage products based on network appliances and cloud services.