- Split-brain DNS deployment using Windows Server DNS policy - Wed, Nov 30 2022
- Veeam Backup for Microsoft 365—Why you need to back up your M365 data - Tue, Nov 15 2022
- Cloud-based patch management with Action1 - Tue, Nov 8 2022
Unquestionably, we live in an exciting world of Software-as-a-Service solutions that have been game changers for hybrid and remote collaboration, connectivity, communication, and business productivity. Microsoft 365, including Microsoft Teams, has seen explosive growth. However, as businesses quickly pivot to using cloud SaaS, including Microsoft 365, they must protect their critical data, even in the cloud. Let's consider why Microsoft 365 backups are essential and see how the newest version of Veeam Backup for Microsoft 365 v6 helps businesses achieve M365 data protection goals.
Are backups for Microsoft 365 needed? ^
There is a question that is the proverbial "elephant in the room." Are backups for Microsoft 365 needed? There is a misconception that many people have regarding cloud SaaS environments. Many have assumed that once you move your data and services to cloud SaaS environments like Microsoft 365, data is automatically protected from ANY disaster, corruption, deletion, or general data loss event. Why this assumption?
Cloud SaaS services like Microsoft 365 are built on top of world-class data centers with resiliency ratings that are arguably impossible to achieve by building out your own private data center. In addition, the resiliency and availability of hyperscale data centers from the likes of Microsoft have led some to believe that they no longer need to worry about backing up their data.
However, the need for backups becomes evident when we consider the "shared responsibility model" that Microsoft and most cloud providers follow.
Shared responsibility model ^
Cloud providers, including Microsoft, follow what is known as the "shared responsibility model." Amazon, Google, and Microsoft have their own versions of this responsibility model, which provides the basis for understanding the need for proper enterprise backups for your cloud SaaS data.
Microsoft provides clear direction on the burden of responsibility for protecting data. The following link, entitled "Shared responsibility in the cloud," defines the division of responsibility between your organization and Microsoft across the different tiers of cloud services.
In the following infographic, Microsoft defines the burden of responsibilities between SaaS, PaaS, IaaS, and on-premises environments. The first item listed under Responsibility is Information and data. It indicates that your information and data are your responsibility, not Microsoft's.
As expected, for SaaS environments, Microsoft is responsible for the underlying applications, network controls, operating systems, physical hosts, networks, and the physical data center. As a result, the information in the shared responsibility model should be an eye-opener for business leaders, including CIOs, CISOs, and IT admins.
In light of the 3-2-1 backup model, a long-held industry best practice model for data backups, getting copies of your data "out" of your production environment is critical. The 3-2-1 model dictates that you have (3) copies of your data stored on at least (2) forms of media, with at least (1) copy stored offsite.
Regardless of the resiliency and uptime of cloud SaaS environments, having this standalone copy of your data stored outside Microsoft 365 is essential to best practice methodologies.
Compliance and legal requirements ^
In addition, many compliance frameworks require organizations to protect critical data with enterprise-grade backups. While cloud SaaS environments, such as Microsoft 365, have eDiscovery features, these are not as robust as purpose-built backup solutions that provide searchable backups, complete control over the data, and the ability to search data offline and outside the cloud SaaS environment.
Cloud data is susceptible to the same dangers as on-premises data ^
After considering the shared responsibility model detailed by Microsoft for their cloud SaaS services, it is clear that organizations are responsible for protecting their data. But is it still necessary to protect your data in the cloud, even if it is your responsibility?
When you consider the data loss culprits in cloud environments, it is evident that cloud data contained in Microsoft 365 is susceptible to many of the same dangers as on-premises data. What are they?
- End user mistakes—An age-old problem is users accidentally deleting data or overwriting data accidentally. Admins can also make mistakes, deleting the wrong users and their data.
- Insider security threats—Malicious or disgruntled employees can maliciously delete critical data. They may also try to delete file versions contained in the cloud.
- Ransomware and malicious third-party apps—Ransomware and malicious third-party apps are becoming more common, with attackers using phishing emails and OAuth to gain access to corporate data.
- Land-locked data—Businesses may be afraid to disable or delete legacy user accounts that have imported data tied to them.
- Retention and policy gaps—Microsoft 365 data may be assumed to be protected or under a specific retention policy. However, using built-in cloud tools, this information can be unclear and a challenge to manage.
New features in Veeam Backup for Microsoft 365 v6a ^
Veeam is undoubtedly a leader in the enterprise backup space, and its Veeam Backup for Microsoft 365 solution has been steadily maturing and adding new features. The solution protects Microsoft 365 customer data across several services, including Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams.
In addition, Veeam has engineered the solution so that customers have a wide range of data storage possibilities for backup data. These include Amazon S3, Azure Blob, IBM Cloud, and S3-compatible providers.
The latest release, Veeam Backup for Microsoft 365 v6a, adds two major new features that will help extend the features and capabilities of Microsoft 365 backup and recovery for customers:
- Self-service restore portal
- Backup copy to low-cost object storage
Self-service restore portal
With the Veeam Backup for Microsoft 365 v6a release, Veeam has added a new self-service restore portal. This portal provides a centralized location where administrators can define the permissions needed for restoring items without the need to provide direct access to the backup infrastructure.
Backup copy to low-cost object storage
With Veeam Backup for Microsoft 365 v6a, Veeam has added a new feature for backup copies. Now, you can target low-cost object storage, including Amazon S3 Glacier, Glacier Deep Archive, and Azure Archive, for backup copy jobs. In addition, with the new feature, you can copy data directly from existing object storage in AWS S3, Azure Blob, IBM Cloud, Wasabi, and other S3-compatible providers to lower-cost, long-term object storage with different retention periods.
New ISO installer and component installation
Veeam Backup for Microsoft 365 is easy to install and configure. Veeam has provided the latest release as a new ISO installer that admins can mount and choose the components they want to install.
Veeam also provides the Veeam Backup for Microsoft 365 solution as a Community Edition that can protect 10 users for free. The solution becomes the Community Edition if users choose not to install a license. Additionally, admins can choose between Microsoft 365, Hybrid, or On-premises for the deployment type, defining which services they want to protect.
Wrapping up and impressions ^
Businesses have accelerated their migrations to cloud infrastructure, including cloud SaaS environments. As a result, this fundamental shift in how organizations empower employees means that companies must rethink how they protect their data. Despite the resiliency and availability of cloud SaaS environments, the shared responsibility model means that your data is ultimately your responsibility.
Subscribe to 4sysops newsletter!
The latest version of Veeam Backup for Microsoft 365 has two new features that will help organizations protect and recover critical data in Microsoft 365. First, the new self-service restore portal empowers users with restore capabilities without giving direct access to the backup infrastructure. Finally, the new backup copies to low-cost archival storage will be an excellent option for businesses to create tiered archives of their critical data.