Backup Unlicensed Office 365 Accounts with CloudAlly

Are you maintaining inactive Office 365 licenses to avoid losing data? Is the cost of maintaining licenses to adhere to data retention policies rising as your organization scales? Paying for inactive Office 365 licenses to prevent loss of data during employee onboarding/offboarding can eat into your budget, with no measurable ROI. 

Explore ways to backup unlicensed Office 365 accounts to simplify employee management, save on license costs and meet compliance requirements. 

The High Price of Inactive Office 365 Accounts

An active Office 365 license is required for Office 365 data to be stored and accessible. This means that when an employee leaves the organization, the license gets revoked and access stopped. This can be challenging for the modern organization which has a chunk of licenses that are used on an ad-hoc or rotational basis; such as those belonging to vendors, part-time employees, and/or ex-employees. The data held within these accounts is not only valuable but also helpful to onboard the employee, vendor or contractor filling the position. 

The catch is this – Office 365 permanently deletes the data held by inactive licenses after 30 days. Preserving the business-critical data within the unused accounts means paying for the licenses. Audit requirements also typically mandate a minimum data retention period for non-active accounts. This makes it all the more essential to maintain the inactive licenses to meet compliance measures. All while incurring significant licensing expenses.

Litigation Hold is Not a Workaround

What about Microsoft’s Litigation hold? Using Litigation hold to export data and then perform a cross-user restore of emails and data is non-intuitive and complex. This is because litigation hold is not meant to be a recovery tool; particularly to restore emails and user accounts. While the data can be exported, recovery is a manual process, and there is no direct restore option. Litigation hold also does not maintain a separate copy of data in another physical location, making it susceptible to data and security breaches.  

This makes it an unviable and cumbersome option to depend on for onboarding/offboarding employee data transfer, meeting compliance requirements and quickly recovering emails, accounts, or documents.

How CloudAlly Can Help

SaaS Backup is an easy, cost-effective, and secure option to save on the expense of maintaining inactive Office 365 licenses while avoiding data loss. Back up inactive account data, relinquish the license and restore it to the new user/licensed account when required. More significantly, SaaS backup is the only sure way to protect your organization from Office 365 data loss due to human error, malicious intent, malware attacks, and sync errors.

CloudAlly pioneered Office 365 SaaS backup almost a decade ago, and consequently, our products are tested, proven, and top-rated. Newsweek recently ranked us as a leading backup solution provider. Our Office 365 Backup includes support to activate Office 365 account backups that have their status as “Unlicensed”. These can be new accounts or group accounts created by the Office 365 system itself. With the account data backed up, you can release the license knowing that the data can be securely restored to the new user’s account when required. Thus ensuring the smooth transfer of all relevant data from the employees, vendors or contractors who are exiting with the newly joined ones; while saving on licensing costs. Secure and cost-effective backup and recovery that’s geared for the enterprise.

Protect your valuable Office 365 data, skip the stress of complying with data retention, and save on the high costs of Office 365 licenses with CloudAlly. Try a free trial or book a quick demo now!

5 Pointers for Comprehensive Office 365 Backup and Recovery

By Michael Schneider – Marketing Director


Office 365 Backup and Recovery

The average cost of a data breach is $3.92 million – and that is not counting the irreparable damage to the business, reputation, and customer trust. Add to that the fact that one in three organizations have experienced SaaS data loss and the prevalence of malware attacks and you have the perfect cyber-security crisis. How do you protect your organization from Office 365 data loss or corruption? Hence: Office 365 Backup and Recovery, is essential for business.

As the IT administrator, do you have a strategy to recover from a data breach? Can you recover an important document from last year? A crucial email from 100 days ago?  Office 365 backup and recovery is essential for quick disaster recuperation and seamless business continuity. 

Five pointers for comprehensive Office 365 data protection.

#1 Understand that Office 365 data needs protection

Microsoft product; Office 365 provides a secure, and highly-available service for enterprise productivity. However, it cannot protect you from data loss in your own company, due to human error, malicious intent, sync errors, and/or malware attacks. Additionally, compliance laws like the GDPR mandate that you share the onus of protecting your customer’s data. Office 365 data needs protection too, just as you would with an on-premise solution; it isn’t exempt because it is on the cloud.

#2 SaaS Backup and Recovery is your data’s safety net

Native Office 365 data restore capabilities are built for archival and not recovery. Moreover, they are non-existent after a few months. With Office 365 managing business-critical data, it is essential to have a long-term legal hold data recovery strategy. As the IT administrator, do you have a strategy to recover from a data breach? Can you recover an important document from last year? A crucial email from 100 days ago?

A reliable backup solution is your best defense against SaaS data loss. Moreover, if the backup is cloud-based it can harness the same advantages of cloud computing that your SaaS platform has – scalability, accessibility, and computational prowess. Automated SaaS backup stores an accurate copy of your data that can be quickly and easily restored in the event of data loss. As this accelerates disaster recovery and ensures business continuity, your organization can get back to business even after a data breach. Thus blunting its impact and mitigating the possible damage.

New call-to-action

#3 Check that SaaS Backup includes Exchange Online

Office 365 offers no native restore options beyond 93 days. Exchange Online mailboxes should be protected by policy-driven backup plans to help ensure that data is protected and that it expires when retention has been met. Make sure that your backup solution includes all critical mailbox data. Mailbox backups should include all the types of data contained within the mailbox, such as messages, contacts, calendar items, chat histories, etc.

#4 Choose SharePoint backup and recovery with granular controls

Many organizations rely heavily on SharePoint for a variety of business use cases such as the company intranet, project tracking, team collaboration, and content management. This data is too valuable to skip backing up.

Check that your Office 365 SharePoint data protection includes flexibility for backup and recovery for an entire site all the way down to the object level. Furthermore, SharePoint recovery should ensure permissions are applied to objects to control end-user access. It should also have the ability to restore permissions without overwriting any of the objects.

#5 Don’t exclude OneDrive for Business backup and recovery

OneDrive for Business is a file hosting and synchronization service for files, large and small.  OneDrive is often the main storage and collaboration platform for modern enterprises and hosts many business-critical documents. Don’t neglect OneDrive backups! OneDrive data needs to be protected from a holistic, administrative point of view so that it’s easy to provide recovery when an end-user ultimately needs data restored.

How CloudAlly can help?

CloudAlly’s SaaS backup and recovery solutions enable you to recover mail, calendar, contacts, SharePoint sites, and OneDrive documents. You can empower both legal requestors and end-users with just one self-service single search across their Office 365 data, and own storage with cloud-based backups.

For organizations that need to comply with regulatory requirements like GDPR, CloudAlly provides highly secure backup on Amazon AWS in the regional storage locations of your choice.

Try our full-featured trial now and give your Office 365 data comprehensive and secure protection.  

Office 365 Backup and Recovery, is essential for your business, 

Back it up today.

Multi-Factor Authentication (MFA) Is the New Office 365 Mandate – Does Your CSP Support It?

Office 365 MFA

By Monty Sagal – Director of Channel Enablement & Compliance

Office 365 MFAOffice 365 comes with top-of-the-line security built into its entire suite. However, it cannot protect you from SaaS data loss from your end. These include some of the most common causes of data loss due to human error, malicious intent, sync errors, and malware. Microsoft has mandated certain security requirements from its Cloud Solution Provider (CSP) program partners to minimize the risk of Office 365 data loss. Most organizations typically liaise with more than a few CSPs, so it’s essential that you check that they comply with Office 365 security requirements.  Hence: Office 365 MFA, is the topic of our blog post.

This article is about:

New Office 365’s CSP Security Mandates

The year-on-year increase in the number and inventiveness of malware, phishing, and ransomware attacks has made cybersecurity a top priority for organizations worldwide. Repercussions of malware attacks are exponentially compounded on the cloud – as breaches can cascade from one SaaS app to another. In view of that, Microsoft has added two requirements from CSPs:

  • Mandatory Multi-Factor Authentication (MFA): All user accounts in the partner tenant must enable MFA to be able to“transact in the Cloud Solution Provider through Partner Center or via APIs”.
  • Adoption of the Secure Application Model framework: All partners integrating with the Partner Center API must “adopt the Secure Application Model framework for any app + user auth model applications”. 

New call-to-action

 Why does MFA matter?

The reason why MFA is the gold standard for secure app authentication (which is why Microsoft is mandating Office 365 MFA), is because it eliminates the risk of breaches due to weak passwords. 

If you think your strong password policy suffices, know that it can be easily broken into by most of the common types of malware attacks such as phishing, credential stuffing, keystroke logging. This is because they use credential interception, database breaches, and/or network scanning to steal the exact password, making its perceived “strength” immaterial.

Compromised credentials are the major cause of data breaches, and by bypassing them, MFA has demonstrated success in blocking 99.9% of breaches. The reason behind it is its use of a combination of password, security token, and possibly even biometric verification to authenticate users.

Why you should check that your CSP supports MFA

While Microsoft has mandated MFA, it is worth checking that your CSP supports it. Incidents like the data breach at PCM which gave hackers access to the Office 365 credentials of the company’s clients highlighted how one breached vendor app means your data is at risk too. A partner’s breach is as good (rather bad) as your organization being breached.

We at CloudAlly give the utmost importance to our customer’s data protection. Long before Microsoft’s mandate, we implemented MFA for our Office 365 cloud backup solution, as we believe it to be the most secure method of app authentication. Furthermore, CloudAlly supports the Secure Application Model, with OAuth permission-based access. CloudAlly also comes with ISO 27001 Certification and is compliant with GDPR, and HIPAA. So you can be sure that your Office 365 data is securely backed up with us. 

Try our full-featured 14 Day Free Trial and trust your data protection with a stringently secure partner. Because security is just not worth compromising.  Click Here to read more about our Office 365 Backup.

How Can You Recover a Deleted SharePoint Site?

Recover a deleted SharePoint site

Your team has created an elegant SharePoint Team Site for your intranet – it is the mainstay of your company. And then someone mistakenly hits delete or the site gets corrupted. Or worse still, an entire Site Collection gets erroneously deleted by another admin. As the Office 365 or Sharepoint administrator, it would be up to you to recover them. We thought we’d help out with a step-wise list of instructions to: recover a deleted Sharepoint site, along with best practices for Office 365 data recovery. 

This article includes:

Steps to recover a deleted SharePoint site

Note, that we’re assuming that you as the Office 365 or SharePoint administrator have the required permissions. If not, check with your technical support.

Consider you have a SharePoint site for the ‘CRM Development’ project team and it is located at https://ppmdev.sharepoint.com/crm/

Recover a deleted SharePoint site


Oops! The site has been accidentally deleted, and you will receive a 404 error when you try to access the site. 

404 error on access

Perform the following steps to restore the deleted site.

Step 1: Go to Site Settings

  1. Go to the root site collection of the deleted site. The link in our example is https://ppmdev.sharepoint.com/  (without subsite link ‘crm’). 
  2. Log in as a user with the site collection admin permissions
  3. In the top navigation panel click Settings and then select Site settings on the dropdown menu

Go to Sharepoint's Site Settings

Step 2: Go to the Second-Stage Recycle Bin

Click Recycle bin under Site Collection Administration section

Go to Sharepoint's Second-Stage Recycle Bin

The recycle bin might be empty. Click Second-stage recycle bin at the bottom of the page

Second-stage recycle bin

Step 3: Restore your deleted site

Select the site you want to restore and then click Restore

Select the site you want to restore

The restored site will disappear from the list after the restoring process is completed

Restored Sharepoint site removed from the Bin

To verify that the site has been successfully restored, go to the site’s source link https://ppmdev.sharepoint.com/crm/.

Sharepoint Site successfully restored

For additional information, read more from the Microsoft help center

New call-to-action

Limitations to Restoring Sites from SharePoint Recycle Bin

Here’s the caveat, and it’s an important one. Deleted sites are stored only for a maximum of 90 days. After the 90 day period, the deleted sites are automatically and permanently deleted.

Moreover, the Site Collection Recycle Bin has a quota on the amount of data that can be stored in the bin. If the quota is exceeded, then the oldest items, including deleted sites, will be automatically and permanently deleted.

SharePoint Recovery Best Practices

Native options such as restoring sites from SharePoint Recycle Bin have time-based and size-based limitations. As the administrator, when faced with the stress of a deleted site or site collection, what if you found that it could not be retrieved because the Recycle Bin got purged or three months have elapsed. Understand that such built-in solutions are meant as a bandaid measure and not as a robust recovery solution. 

Additionally, SaaS solutions cannot protect your from data loss at your end, due to human error or malicious intent, malware attacks, or sync errors. With one in three organizations having experienced SaaS data loss, you need a dependable backup and recovery solution to quickly get your lost data back – accurately and from any point-in-time.

CloudAlly’s SharePoint backup solution, comprehensively backs up SharePoint Online Team Site (and all sub-sites), Public Site (and all sub-sites), private Site Collections and OneDrive for Business Sites. What’s more, it stores the backup indefinitely and in Amazon’s highly reliable data centers. CloudAlly makes recovery a breeze with provisions for non-destructive restores both at the granular item-level or of the complete site.  Learn More.

Contact us to see how CloudAlly can smoothen your SharePoint recovery.

How Can You Safeguard Against Data Loss in Office 365?

Office 365 Data Loss

It is a myth that Microsoft will protect you from data loss in Office 365. Microsoft is incrementally ensuring a reliable service, but the data within your Office 365 tenant is your responsibility. However, it cannot protect you from Office 365 data loss at your end – due to malware, human error or malicious intent.

This article contains:

YOU have the onus of protecting Office 365 data

As per Compliance Laws

As per governance laws like the GDPR, HiPAA, SOX, and many others, protecting your customer’s data is a responsibility that is shared between the controller (your organization) and the processor (third-party service providers like SaaS platforms). Moreover, in the event of a data breach or data loss, “shared accountability” and “joint liability” is mandated.

Need another reason? Compliance laws also insist on the organization having “the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident”. What that means, is that they mandate that you have a solution or capability to accurately backup and restore data.

As per your Cloud Service Provider

Office 365 Data LossMicrosoft provides a highly reliable service with Office 365, but they themselves recommend backup in their service agreement, “We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services” 

Do not be mistaken – your data in Office 365 is your responsibility!

Ways data loss occurs in Office 365

Human Error: Office 365  has not yet reached the maturity where it can decipher intent when all the rules of the service are followed. We are talking about accidental deletions of data by parties with no ill-intent – plain human error. According to Aberdeen Group, research shows that 70% of all data loss is accidental.

Malware: Then there are malicious actors such as hackers, ransomware, and malware that can cause massive data loss. While there is so much you can do to fully prevent these attacks, these do happen and you need countermeasures.

And don’t forget about the disgruntled employee causing data loss by malicious intent!

New call-to-action

Office 365 outages do happen

Service in the cloud means 99.9% uptime. In the first few months of 2019 alone, Office 365 has suffered two major outages. The second outage dated 28th January 2019 was a massive two-day outage

Another Microsoft outage caused data loss where Microsoft deleted several Transparent Data Encryption (TDE) databases in Azure, holding live customer information. 

We are talking no email access, no customer emails, no spreadsheets, no presentations – Basically bringing your enterprise to a halt. Can you quantify the financial loss in having your data unavailable or lost for that long? 

What about native Office 365 archives

Office 365 offers short preset retention periods for deleted emails and deleted items in OneDrive. However, they hold data only for a limited period of time, do not backup regularly (your data will be outdated), and restoring data from may be cumbersome. Such options are more of an archival mechanism than a true backup and restore solution.

So how do you safeguard against Office 365 data loss?

So now that you know that your data in Office 365 needs dependable protection against data loss, what should you do? Select a 

Cloudally provides a safe (ISO 27001 certified, GDPR, and HIPAA compliant), secure (Amazon S3 Secure Storage and AES-256 Encryption) and flexible cloud backup solutions for Office365, Sharepoint and OneDrive, We were also ranked #1 under best business tool category by Newsweek by over 10,000 IT Pros. We offer a full-featured 15-day free trial which you can activate and start backing up your data in minutes and are very highly rated and recommended by our users.

Contact us to have an expert guide you as you navigate the waters of data protection to achieve a reliable and secure enterprise.

Do you really need to backup office 365?

How to Ensure Business Continuity When Microsoft Backup Fails!

The importance of being earnest with the need for 3rd party backup!

One of Microsoft Windows 10’s most effective built-in backup features used to be its Registry backups. Though the Microsoft backup commands Do you really need to backup office 365?were still running and allegedly being performed successfully, the actual Registry backups had in fact no longer been created – for over a year. So, do you really need to backup office 365?

After numerous complaints, Microsoft explained what was happening, but such a long gap between Registry backups certainly caused problems for companies. This kind of issue demonstrates the importance of creating third-party backups, even if your operating system promises to provide recovery options.  Backup for online business solutions is also required because of the lack of restore possibilities beyond the built-in data retention periods, in solutions such as Office 365, G Suite, etc.

LINK


What this article is about: 

  • Microsoft’s Registry Backups
  • History of Problems with Windows 10
  • Registry Backup Work-Around in Windows 10
  • Using CloudAlly’s Backup for Business

New call-to-action
Microsoft’s Registry Backups 

In June of 2019, Ghacks picked up on the fact that Microsoft was no longer creating Registry backups. While it seemed like these backups were being created as usual, only registry hives, not files, were actually appearing in the RegBack folder.

This meant, of course, that users weren’t able to restore their Registries back to an earlier state by using one of these backups.

Microsoft didn’t address this issue for nearly a year, and when they did, Forbes’ Consumer Tech writer Gordon Kelly calls their delayed response “worrying on multiple levels.”

It turns out that Windows 10 hadn’t been creating Registry backups for nearly a year. However, the tech giant didn’t dub this failure to make backups a bug or a glitch but instead called it a change “by design.”

An explanation (belatedly) issued by Microsoft reads:

“Starting in Windows 10, version 1803, Windows no longer automatically backs up the system registry to the RegBack folder… 

This change is by design, and is intended to help reduce the overall disk footprint size of Windows. To recover a system with a corrupt registry hive, Microsoft recommends that you use a system restore point.”

 What’s particularly shocking about this change is that users were led to believe that their Registry backups were still running as usual. After all, in the Registry backup folder, backups were still being added, though the actual file size of these phantom files was only 0 KB.

Kelly explains why Microsoft’s surprisingly-late explanation of this change is so problematic:

“Backing up a registry is a crucial last line of defense for many businesses and everyday users. Should a Windows System Restore point fail, barring the use of third-party software, the registry backup is all you have.” 

History of Problems with Windows 10 

When Windows 10 1803 was released in April 2018, users started complaining about the Registry backup issue in Microsoft’s Feedback Hub. However, nobody responded to their complaints or offered a solution to their problem.

Kelly dubs what Microsoft was doing here a “deception,” though it’s difficult to understand why the company might have wanted to make such a change without letting its user know about it. A backup registry usually takes up 50 to 100 MB on a disk, and if administrators wanted to free up this space, it seems they could have made the choice to turn off registry backups on their own.

While it’s unclear why Microsoft might have made this change – and then left users in the dark about it for more than a year – in April 2019, the company did promise to offer its users more transparency and honesty. However, as the company didn’t issue an explanation about what had been going on with Registry backup until two months after that, it remains to be seen if the company will live up to its promise.

With problems like these, it’s perhaps no surprise that so many users are resisting the move to Windows 10, instead hanging on to Windows 7 as long as they can.

Registry Backup Work-Around in Windows 10 

 Though Microsoft automatically disabled Registry backups, the company also gave administrators a workaround that allows them to re-enable this backup using by changing the Registry key’s value. Here’s how to do it:

  1.  First, type regedit.exe into the start menu and open the Registry Editor.
  2. Next, open the Configuration Manager using the key. HKLM\System\CurrentControlSet\Control\Session Manager\Configuration Manager\
  3. From there, right click on the Configuration Manager and choose New > Dword (32-bit) Value. Call it EnablePeriodicBackup.
  4. After your backup has been created, double-click it to set its value to 1.
  5. Restart the computer.
  6. When Windows reboots, it will start backing up the Registry to the RegBack folder again and will use RegIdleBackup task to start performing regular backups again.

Do you really need to backup office 365?

CAPTION: From Microsoft 

Obviously, though, since Microsoft turned off this functionality, it doesn’t recommend this method for restoring corrupt registry hives. Instead, it suggests using a system restore point for this type of restoration.

Further, setting a Registry backup at this point is too little, too late for many users. Any user that wanted to restore the Registry to before Microsoft’s announcement in June 2019 – backups they believed they had – are out of luck, unless they were backing up their files with a third-party platform in the first place.

Using CloudAlly’s Backup for Business – on cloud solutions.

Business who wish to maintain business continuity, and be able to restore from any point in time with an unlimited retention period, for  solutions such as Microsoft Office 365 online, need to backup with 3rd party providers.

In turn, CloudAlly offers the security to know that your data will be recoverable.  CloudAlly backs up your data daily and allows for unlimited archiving. What’s more, you can use granular restore for single lost files or you can restore a mailbox or calendar, without losing updated information.