Taking Control of Data in Office 365 Environments

Shai Nuni, Vice President of Metallic EMEA at Commvault, warns that some companies may have taken their eye off the ball - and fallen victim to the perfect cybersecurity storm. 

With over 60 million SaaS-based app users, Office 365 underpins many hybrid working environments. Microsoft Office 365, with tools like Exchange, OneDrive, SharePoint, and Teams, connects people and data around the world – making information and communication available anywhere and anytime.

While the UK continued working in lockdown, these tools sustained our economy. They made sure that meetings happened, that colleagues stayed in touch, and they even helped new staff to onboard. All at a time when it was almost impossible to meet in the ‘real world’.

For all the positives, SaaS solutions and hybrid working can unwittingly give cybercriminals a back door key to corporate IT systems. It’s a door that might, in less uncertain times, have been quickly closed. However, the economy is still very much feeling the aftereffects of the pandemic and Brexit. So it’s easy to understand why some companies may have taken their eye off the ball – and fallen victim to the perfect cybersecurity storm.

So how many SaaS applications and their data are recoverable and protected, and who is responsible for overseeing the processes and strategies to ensure SaaS application continuity? When you frame these questions in these terms, it’s clear that organisations, regardless of size, need custom-built tools to support lasting data retention policies. Businesses might imagine that using a SaaS platform lets them off the hook, and they don’t need to worry about protecting the associated data. But this would be a mistake for three crucial reasons:

Human error 

When it comes to data loss, human error – whether unknowing, unintentional, or completely innocent – is all too common. Stanford University research suggests that around 88% of data breaches are caused by an employee mistake – the UK’s Information Commissioner’s Office agrees, suggesting the figure is approximately 90%. Whether it’s mistakenly altering a site or file, including sensitive information in an email or instant message, or removing a user profile, the impact on regular operations can be far-reaching and long-lasting.

Higher ransoms and multiple hits from cybercriminals

The link between growing cybercrime activity and remote working is well documented. But it’s emerged that the price tag paid by victims has increased too. Companies can now expect to pay an average of $200,000 (£150,000) to regain access to their data. But cybercriminals holding data hostage are like all blackmailers and rarely settle for one hit. Knowing the reputational and financial damage that a data leak or lost data can cause, they come back time and again for more money.

Maintaining compliance 

Human error and cyberattacks can compromise compliance with internal company regulations and – more damagingly – national legal standards. Microsoft-native controls do offer some replication capabilities, but they’re not designed to meet data retention and recovery SLAs. SaaS-based data backup and recovery solutions offer the option to get unlimited retention, unlimited storage, and comprehensive recovery options that extend beyond Office 365 capabilities. This should enable administrators to meet stringent SLA requirements and maintain compliance.

Are You Planning a SaaS-Based Backup and Recovery Strategy?

As a minimum, businesses need long-term retention, data source separation, granular backup, and flexible recovery options. This level of control eliminates downtime and improves protection against data loss by enabling businesses to restore data with greater speed and precision – even at scale. For this reason, industry experts and many analysts see third-party solutions as a key way to defend data against cybercriminals. With that in mind, there are four points to consider when beginning your search for one:

Don’t be afraid to automate

Regardless of your organisation’s size, automating your 365 backup processes is one of the first – and possibly most effective – steps you can take to protect your data and ensure a quick recovery. Consistency here is critical, as the more regularly you back up your data, the greater your chances are of recovering from a malware attack or system outage.

Self-isolate

Use third-party SaaS-based data protection solutions to protect and isolate copies of Office 365 data outside application and production environments. This improves the chances that compromised businesses can quickly recover data.

Embrace granularity  

There’s no point in backing up your data if you’re unable to find and restore it when you need it – especially when you’re under pressure because of a cyberattack. For this reason, we recommend adopting a solution that lets you quickly pinpoint specific data and records linked to your SaaS applications.

Organisations need the ability to perform restores, preserve critical data sets, and manage production and sandbox environments in a targeted way. Much of this will come down to granular search and restore, but it’s also good practice to use immediate restores as well as point-in-time and version-level recovery tools.

Take a multi-layer approach to security  

Staying secure makes it easier to maintain compliance with data privacy regulations. Look for a solution that offers privacy protocols, stringent standards, and zero-trust access controls. This could include air-gapped and isolated backups, in-built GDPR compliance, and encryption for data, whether it’s in-flight or at rest. Multi-layering your security also allows you to add role-based, SSO, and SAML authentication controls.

Responsibility is Often Shared

It’s a common misconception that cloud service providers like Microsoft are responsible for administering their SaaS applications and protecting user data that’s created and stored within them. But like other cloud service providers, including Salesforce and Google, Microsoft follows a shared responsibility model.

This means Microsoft is accountable for maintaining infrastructure, availability, uptime, and access. But users are responsible for protecting their own data – whether it’s entering, housed in, or leaving the solution. IT professionals should, therefore, recognise the burden of safeguarding Microsoft 365 data ultimately lies with them. Organisations must take this responsibility seriously and assess and re-evaluate their 365 environment protection before it’s too late.

By Shai Nuni, Vice President of Metallic EMEA at Commvault.
