Follow These Tips to Prevent Data Loss on O365

Does Your Company Use Office 365?

Make Sure You Follow These Tips to Prevent Data Loss

There’s a lot of buzz surrounding the use of the cloud in recent years. Cloud computing increases a business’ efficiency, it helps reduce overhead costs, enables companies to be more flexible and it supports collaboration as well as communication. But what about data loss in the cloud?

With a reliable cloud-based solution in place, it means employees don’t necessarily have to be physically present in the office to be productive. Teams can be scattered all over the world and still be able to work as efficiently as they would if they were in the same brick-and-mortar office.

With all this functionality, it’s almost surprising to find out that there’s one aspect of enterprise cloud solutions that remains especially vulnerable–data loss.

Take the popular Software as a Service (SaaS) platform, Office 365, as an example. Being one of the more prominent cloud collaboration tools, you would assume that any data that gets deleted on it–for whatever reason–can be easily retrieved. But you’d be wrong. Unfortunately, Office 365 doesn’t protect users against data loss due to malicious attacks or user error. This is particularly worrying given that a study conducted by Aberdeen Group clearly illustrates the rise of cloud adoption among businesses. According to their research, 80 percent of respondents say that some form of SaaS application is now being used in their companies. And 32 percent say that they have experienced SaaS data loss in their own organization in some form. In fact,  CSO from IDG notes that data breaches and accidental deletion are among the top 12 cloud security threats for 2017.

With these in mind, implementing actionable measures to reduce your vulnerability is essential. Because the reality is, the convenience comes at the expense of your data. Protecting your data–whether from malicious attacks or admin carelessness–is in your hands. And it starts by knowing what actionable steps you can take–

With that in mind, here are 5 ways you can avoid data loss in Office 365.

1. Ensure all mobile devices that access the platform are secure

It’s likely that your company uses both company-issued and personal devices to access work email, contacts, calendar, and other important data. In fact, MarketsandMarkets surveyed bring-your-own-device (BYOD) trends for 2017 and notes a 36 percent rise at the start of 2017.  This number is even expected to jump to 50 percent at the start of 2018.

Given this, make sure that your team is able to implement and follow the company’s security policies carefully. Adding a feature that allows you to remotely protect proprietary information from malicious deletion or attacks is critical given how often data breaches happen today.

2. Implement multi-factor authentication for users

Malicious attacks today are getting more and more sophisticated. A single password—even one that uses a mix of upper and lower case letter, punctuation marks, and numbers—won’t be enough to keep data stored in Office 365 safe. It’s always better to be safe than sorry, so it’s best to enable multi-factor authentication to make it more difficult for hackers to access your account.

3. Avoid anonymous calendar sharing

One of the most useful features of Office 365 is its ability to share calendar information easily.

While it may seem like an innocuous feature unrelated to data breaches or loss, publicly sharing data can expose critical information about your business that would leave your company vulnerable to attacks. Hackers can use your schedules to determine how your company operates and identify which users are most vulnerable.

4. Establish role-based controls

Accessibility is one of the key advantages of Office 365. Be sure however to limit access to critical data. Carefully determine which users should and shouldn’t have access to specific files and features in your company. Talk to each department and coordinate with them to determine who should have access to what to minimize potential data leaks or loss.

5. Automate backups for your system

Office 365 unfortunately still only relies on the trash bin for data recovery. If someone hacks into your data, accidentally empties the bin, or maliciously destroys data, all your important data is gone forever. Implementing online data backups and disaster recovery will ensure that you have an archive of all your data, which you can recover if the need arises.

Office 365 has proven to be an essential tool for businesses today. But being responsible for the security of your company’s data means you have to be aware of the security risks you face while using it. To make sure that you protect your data from potential data loss, so get started with your free trial.

Office 365 Exchange Backup Procedures and Third-Party Backup with CloudAlly’s Office 365 Exchange Backup

O365 Exchange BackupOffice 365 Exchange Online is an immensely effective app, but it has one significant issue. While Office 365 offers a few limited built-in and one-time recovery options for Exchange Online, the app does not have a workable backup feature that lets you recover emails after they have been deleted for over 30 days. Never fear, though. You can safely operate Exchange Online if you use it in tandem with CloudAlly’s Office 365 Exchange Backup.

Read on for more information about Office 365 Online’s backup issues, Microsoft’s built-in solutions for a few of these issues, and CloudAlly’s Office 365 Exchange Backup.

Limited Backup in Exchange Online

One of the major drawbacks of Exchange Online is that its mailboxes are not backed up in the Office 365 infrastructure. Microsoft does offer DAG technologies in two datacenters that provide a reseed/repair process if your data fails. But this is not enough. Data can be lost in multiple ways, which is why having multiple backup options is so important. Here are a few common ways emails can be lost:

  • Human error
  • Malicious activity
  • Malware, spyware, or ransomware
  • Incomplete data recovery systems
  • Data corruption

Despite protests from Exchange administrators, Microsoft seems intent on sticking to its gun in not supporting Exchange Online mailboxes being backed up within the Office 365 infrastructure. Still, many administrators have lost essential information from databases that were improperly or infrequently backed up. Microsoft isn’t going to solve the problem or protect your data; so, what can you do to ensure that your company’s data is secure?

Microsoft’s Suggestions for Restoring Email in Office 365 Exchange

Microsoft has a few built-in recovery options in Exchange Online. Some are standard features, while others require you to modify the system settings yourself.

Single item recovery

You can restore a single missing item in Exchange Online without restoring an entire mailbox database. If the Managed Folder Assistant processes a Recoverable Items folder for a mailbox with only one item recovery, that item will not be purged in the Purges subfolder if its retention period (by default, deleted emails are stored for 14 days) has not already passed.

Deleted item retention

Office 365 Exchange lets you restore deleted emails for up to 14 days. But you can also tweak the settings to recover email that has been deleted for up to 30 days. Here’s how to do it.

  1. Connect to Exchange Online’s PowerShell. To do this, enter the command $UserCredential = Get-Credential in the Windows PowerShell Credential Request dialog box. Click “OK.”
  2. Next, run the following command: $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection in the dialog box. Click “OK.”
  3. Next, run the following command ConnectionUrivalue (
  4. Finally, Run the following command: Import-PSSession $Session. You should now be connected to PowerShell.

5. You can choose to change only single users’ retention length. Say you are changing the retention length of a single user’s email. In this case, the user’s name is John Smith. Run the following command in the Exchange Management Shell: Set-Mailbox -Identity “John Smith” -RetainDeletedItemsFor 30 6. You can also change every user in your organization’s retention length by using the following command: Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq ‘UserMailbox’)} | Set-Mailbox -RetainDeletedItemsFor 30

Placing a mailbox on litigation hold

A litigation hold solution helps you recover email that has been in deleted items longer than 30 days. It is meant to be used as a one-off recovery solution, not one that is sustainable or very often usable. A litigation hold recovers all versions of a deleted email; you can also set a specific hold length. Here are the steps for a litigation hold in Exchange Online:

  1. Enter PowerShell as described in Steps 1 through 4 above.
  2. Navigate to “Recipients” and “Mailboxes.”
  3. Choose the user mailbox that you want to put on litigation hold, and click “Edit.”
  4. Click “Mailbox features” on the mailbox properties page.
  5. Find “Litigation hold: Disabled” and click “Enable.”
  6. You can then specify several features of your litigation hold, including “Litigation hold duration (days),” “Note” (which lets you notify a user that his or her mailbox is on litigation hold), and “URL” (to provide users more information about litigation holds).
  7. Click “Save” on the litigation hold and again on the mailbox properties page.

Reasons Microsoft’s Backup Solutions Fall Short – “Cover Your Bases”

While Microsoft’s built-in solutions provide remedies to some issues with Exchange Online’s backup and recovery issues, these options are extremely limited and only solve a small number of problems that could arise. CloudAlly’s Office 365 Exchange Backup provides a complete and simple backup option. Instead of Microsoft’s limiting 30-day recovery time, Exchange that provides you with unlimited data storage and retention.

CloudAlly’s Office 365 Exchange Backup gives you piece of mind in backing up Exchange Online. But since there are so many ways that emails can be lost, it makes good sense to use as many backup options as possible. While Microsoft offers built-in backup options for Exchange Online, all these solutions are less complete than CloudAlly’s Exchange Backup. For complete safety, you may want to consider implementing Microsoft’s suggested backups and CloudAlly’s Exchange Backup when integrating Exchange Online into your company’s workflow.

Our Backup ensures that your Office 365 Exchange will be secured and recoverable, no matter what happens to your emails. In addition to email, Office 365 Exchange Backup backs up your contacts, calendar, and tasks so that even if something happens to this information, you’ll be able to retrieve it – and you can easily set up backup support for all your users. Exchange Backup automatically discovers new users, or lets you add new employees to the Backup manually.

Office 365 Exchange Backup backs up your data in two ways. The first backs up data so you can find emails lost at a certain time. From there, you can search for your missing email on a precise, specific level. The second backup allows you to export your Office 365 emails to be stored locally.

Ready to see what security feels like? Try our Office 365 Backup for free for 15 days.

Office 365: Threat Intelligence and Data Governance Tools

Microsoft Office 365: Threat Intelligence and Data Governance Tools

Threat Intelligence and Data Governance ToolsThere is a lot that’s new about Microsoft’s Office 365 cloud version of its traditional desktop software. Some of the biggest new benefits have to do with two major pillars of an enterprise strategy: first, identifying and mitigating threats in a network, and second, establishing policies and procedures for data governance. Threat Intelligence and Data Governance Tools, are significant to our work process in Microsoft Office 365.


Why do companies need good data governance and threat intelligence systems in place?

Lots of experts are looking at studies by Ponemon, one of which estimates the average cost of a data breach at around $4 million — there is also this article from writer Michael Panciroli in April that sites some troubling statistics, for example, an assertion that 45% of surveyed companies don’t have good enough data governance to protect them from serious legal and security risks.

That kind of gap is what these new cloud features of Office 365 are meant to address — to help client companies to get more effective cybersecurity in place, perform better advanced data governance, and know more about their business data assets.

Major Benefits of Microsoft Office 365 Threat Intelligence

There is a ton of functionality built into Microsoft Office 365 Threat Intelligence that’s related to foiling hackers, conquering malware, and generally keeping a network safe and clean.

One essential element is the Microsoft Intelligent Security Graph — this new feature of Microsoft’s cloud security platform does two major things. One is that it’s a comprehensive data aggregation center that takes in diverse input from hundreds of different sources, along with many of the 350 billion authentications that Microsoft manages each month. The other is that it utilizes machine learning components to increase its threat mitigation power even more. (See more detail on the strengths of Microsoft’s Intelligent Security Graph from Microsoft Vice President of Enterprise Client & Mobility Brad Anderson in this testimonial video.)

In other words, part of the strength of Microsoft Office 365 Threat Intelligence tools is the amount of raw data available to a machine learning system that can work with it and make it into actionable results — for instance, offering real-time tools and alerts, isolating and dealing with content that looks suspicious, and integrating with other security information and event management tools.

Aside from the Intelligent Security Graph, the Office 365 platform also now offers a new Advanced Threat Protection (ATP) reporting interface with all sorts of dashboard views related to network activity. The ability to extend this to desktop clients, and to infiltrate areas of an enterprise network, is very useful to business leaders who need to keep an eagle eye out for disturbing warning signs of inappropriate activity. Maybe it’s a logon from a suspicious location, or activity by an employee that hasn’t been on staff for years. Another major red flag is a significant volume of file deletions, which is another real-time indicator that Microsoft Office 365 Threat Intelligence can analyze.

Relating Microsoft Office 365 Threat Intelligence to Advanced Data Governance

Businesses know that data governance is critically important. Many of them also understand how having access to raw data and tools to filter and refine that data adds to the threat intelligence that they benefit from in-house. But not every business understands how new Microsoft Office 365 tools can enhance data governance in concrete ways. For instance, cloud policy recommendations will help to define data that should be kept and stored in an archive, or data that can safely be discarded. That’s just one aspect of having a security and compliance portal that helps businesses to build and classify their data.

Along with having good data governance and threat intelligence software capabilities, CloudAlly’s Office 365 backup and recovery service is another important part of a fundamental cyber security system. By providing automated daily backups and the ability to restore or export data from any point in time, CloudAlly ensures ongoing business continuity in the event of data loss.

Does Microsoft Backup Office 365 To Cloud?

How is it possible to get a full Data Restore and
Recovery for Office 365?

Office 365 backup and recovery —

As your company’s information technology leader you have been in pursuit of better collaboration and storage capabilities, and have made the move to Microsoft Office 365, and while this is a powerful cloud-based suite of tools, that doesn’t mean your data is secure.  So, does Microsoft Backup Office 365 To Cloud?

Just because MS solutions are on cloud, it doesn’t mean the complete Microsoft 365 Solution: Office 365 ExchangeSharePoint, and OneDrive solutions is backed up by Microsoft. You will discover this when you attempt & fail to restore your data from any point in time, without having a backup & restore add-on in place, as well.  Then, how is it possible to get a full Data Restore and Recovery for Office 365?

It is your responsibility to protect your corporate data when using the Microsoft cloud.  Business best practice guidelines require automated backup and recovery but, unfortunately, many companies don’t take the necessary steps to protect themselves from accidental or malicious data destruction.  One in 3 companies report losing SaaS data, and of those companies, 64% admit to losing data due to user error.

If you don’t backup your Microsoft cloud data your business could be at risk of massive exposure for the simple reason that Microsoft does not provide the ability to recover data that has been accidentally or maliciously deleted or corrupted. The recycle bin is fine for short-term and item-level recovery, but doesn’t provide the ability to perform a point-in-time recovery of lost or corrupt data.  As data storage services, SharePoint and OneDrive are not only prone to sync errors, and accidental or malicious data loss, they’re also at risk from malware and ransomware such as CryptoLocker.

As data storage services, SharePoint and OneDrive are not only prone to sync errors, and accidental or malicious data loss, they’re also at risk from malware and ransomware such as CryptoLocker.

Data Protection and Recovery for the Microsoft Cloud

CloudAlly offers the most reliable and trusted Microsoft Office 365 backup and recovery solution for your IT team. It ensures that all historical versions of your Office 365, How is it possible to get a full Data Restore and Recovery for Office 365?SharePoint, and OneDrive data—including all emails, calendars, contacts, tasks, and sties—are safely stored and easily recoverable. And our Outlook compatible .pst export means that your Office data is still available even if MS Azure is temporarily unavailable. It’s effortless.

CloudAlly provides accurate data restoration from any point in time and at any hierarchical level. Administrators can perform a non-destructive restore, or export data with a single click, reducing the risk of lost productivity and meeting even the fastest recovery time objectives.

View Our Microsoft Cloud Backup / Office 365 Backup Video below:

For SharePoint & OneDrive Backup Video CLICK HERE

Download our latest Microsoft Office 365, SharePoint, and OneDrive – Backup Brochure

G Suite Vs Office 365

Businesses are always looking for new ways to help their teams work together while keeping their overhead low. To do this, many administrators choose to use services such as G SuiteVs. Office 365 to gain the word processing, spreadsheet, and power point capabilities while connecting their employees with a way to store and collaborate on files. Let’s look at the two major players, G Suite and Office 365.


Both G Suite and Office 365 offer businesses new methods of productivity. Each has competing features that make them appealing to their key demographic and allow employees to create, store, and share documents and files.

G Suite Features

G Suite was, until end of 2016, formerly known as Google Apps. This program is Google’s answer to the question of how to help businesses with the tools needed for everyday use in addition to offering a space for employees to work together.

To help employees with the tools they need to create files, G Suite includes a variety of applications. All the applications are available online and are accessible from anywhere with the user’s G Suite log in information. These apps include:

  • Docs
  • Sheets
  • Slides
  • Forms

Docs, Sheets, and Slides are the Google equivalent of Office products. Forms is a form creation program that allows employees to create questionnaires and surveys. Google then analyzes them for you quickly.

They also tackled online storage with Google Drive and, to a lesser extent, Google Groups. Groups are not an exact storage area as it is a communication tool. However, the files shared with the group do remain stored there until someone removes them.

To allow employees to work together and communicate, Google offers a wide array of options, all of which G Suite includes. Co-workers talk using

  • Gmail (which comes with a custom domain email @yourcompany)
  • Google Calendar
  • Google+
  • Google Hangouts with Video Chat
  • Google Groups

To help workers keep on track, Google Keep and Google Tasks work as a scrap pad to help workers with their list of things they need to do. Keep allows users to capture and organize ideas. Tasks work as a checklist of what needs completing.

Google Sites is a content management area for data storage and company intranet. Sites are easy-to-build websites. The sites built here allow co-workers to share and collaborate as well.

Office 365 Features

Like G Suite, Office 365 is Microsoft’s answer to the business need for anywhere access. At the core of the service are the popular and familiar applications. Unlike with Google, some of the Office 365 services offer local copies in addition to web-based versions of the applications.

Web and Desktop Apps include:

  • Word
  • Excel
  • PowerPoint
  • Outlook

Desktop apps only:

  • Access
  • Publisher
  • One Note

Each desktop application license covers up to five devices such as tablets, phones, PCs or Macs. It allows employees to load the applications on their mobile devices, work computers, and personal systems used for work purposes.

Office 365 comes with 1TB OneDrive storage per user. Like Google Drive, OneDrive is a place for users can create, edit, download, and share documents and other media.

As for collaboration where users can talk and work together, Office 365 offers a variety of options. Select plans come with a dedicated email with custom domain addresses. However, the straight Business plan does not come with email, but Microsoft does offer free email at

In addition to email, Office offers:

  • Skype for Business for chat and video calling
  • Teams for chat
  • Yammer for chat
  • Exchange for messaging

Select plans include SharePoint which for intranet use to allow employees a central location to work together on projects.

Security (Office 365 Vs G Suite)

When it comes to security, both companies work hard to protect their users. Both try to monitor their servers for weaknesses and offer patches as quickly as they can to holes in their infrastructure. Both providers offer HIPAA compliance to their consumers, with the appropriate paperwork.

G Suite Security

When it comes to security, Google tries to have their users’ best interest in mind. In fact, Google is not only HIPAA compliant but also certified with ISO 27001, ISO 27018, EY Point, and AICPA/SOC. These certifications highlight their dedication to security.

G Suite comes with Spam, phishing, and malware prevention. They also have brand phishing defense as part of their security infrastructure.

On the user-controlled side, administrators can turn on two-step verification which forces users to use an alternate code in addition to their log-in credentials to access their files. Administrators also control the single-point sign on to unify access to other enterprise cloud applications and management of mobile devices.

Additionally, Google offers data loss protection (DLP) to allow administrators to protect proprietary information from being emailed to outside sources. Any messages that contain the information set in the DLP is either blocked from being sent or quarantined. Quarantined emails alert the sender to allow them to remove any sensitive data before sending.

Office 365 Security

Like Google, Microsoft ensures company data is secure. Microsoft uses service-side encryption to protect data both at rest on servers and during transfers between the user’s device and Microsoft’s servers.

When the files are on the servers, Office uses both file-level and volume-level encryption. Multiple types of encryption protect data in transit. This encoding includes Internet Protocol Security (IPsec) and Transport Layer Security (TLS). Microsoft uses third-party auditors to verify their cryptography independently.

Along with TLS and IPsec, Microsoft uses Advanced Threat Protection (ATP) to filter potentially dangerous email messages from company Office 365 inboxes (available on select plans). The protection keeps spam, viruses, and malware out without having to set additional settings.

Additionally, Microsoft offers the same two-factor authentication that Google provides their customers. The authenticating code arrives by text, phone call, or using a mobile application. Clients using two-factor authentication may also need application passwords to use non-browser based clients such as Outlook or Skype for Business.

Plans and Pricing

Both G Suite and Office 365 offer a tiered business system that allows clients to pick the best plan for their company.

G Suite

G Suite has three plans for businesses to choose. All options come with a 15-day free trial.

Plan NameCost per User per Month

The Basic Plan includes:

  • Email
  • Video and Voice Conferencing
  • Shared Calendar
  • Docs, Sheets, Slides
  • 24/7 customer support via email, phone, or online
  • Security admin controls
  • 30GB storage

Business Plans include everything from the Basic plan plus:

  • Unlimited Cloud (or 1TB per user if there are fewer than five users)
  • Smart search across G Suite with Cloud Search
  • Archive and set retention policies for email and chats
  • eDiscovery for email, cats, and files
  • Audit reports to track activity

Enterprise Plans include everything from Business and Basic plans plus:

  • Data Loss Prevention for Gmail
  • Data Loss Prevention for Google Drive
  • Hosted S/MIME for Gmail
  • Integrated Gmail with Compliant 3rd Party Archiving tools

Office 365

Office 365 also has a tiered solution for companies to choose. There are three primary plans to accommodate businesses with 300 or fewer employees. Microsoft also offers Enterprise level plans for larger corporations. Business Premium, E3 and E5 Enterprise plans come with a 30-day free trial.

Small Businesses
Plan NameCost Per User Per Month (Annual)Cost Per User Per Month (monthly)
Business Essential$5.00$6.00
Business Premium$12.50$15.00

Business Essential includes:

  • Online web apps of Word, Excel, PowerPoint, and Outlook
  • 1 TB OneDrive storage per user
  • Skype for Business
  • Exchange
  • SharePoint
  • Teams

Business includes:

  • Online web apps of Word, Excel, PowerPoint
  • Desktop apps of Word, Excel, PowerPoint, Outlook, OneNote, Access, and Publisher
  • 1 TB OneDrive storage per user

Business Premium includes everything from the essential plan plus:

  • Desktop apps of Word, Excel, PowerPoint, Outlook, Access, Publisher, and OneNote
Enterprise Level
Plan NameCost Per User Per Month (annual)
Pro Plus$12.00

E1 includes:

  • Online applications of Word, Excel, PowerPoint, and Outlook
  • 1TB OneDrive per user
  • Hosted Email 50GB
  • SharePoint
  • Video Conferencing for up to 250 people
  • Skype Meeting broadcast for up to 10,000 people
  • Teams
  • Manual retention/deletion policies
  • Tasks
  • Planner
  • 24/7 web/phone support
  • No limit to number of users

Pro Plus includes:

  • Desktop apps of Word, Excel, PowerPoint, Outlook, OneNote, Access, and Publisher
  • Online applications of Word, Excel, PowerPoint, and Outlook
  • 1TB OneDrive per user
  • 24/7 web/phone support
  • No limit to number of users

E3 includes everything found in the E1 tier plus:

  • Desktop apps of Word, Excel, PowerPoint, Outlook, OneNote, Access, and Publisher
  • Unlimited OneDrive Storage
  • Yammer messaging
  • eDiscovery with in-place search, hold, and export
  • Schedule management with StaffHub

E5 includes all E3 benefits plus additional security measures and calling features such as:

  • Exchange Online Advanced Threat Protection
  • Custom lock box for mail access control
  • Advanced data governance
  • Organization analytics
  • Phone system with add-on calling plan
  • Audio conferencing with a dial-in phone number.

No matter if you choose to go with G Suite or Office 365 for your business needs, it is crucial that you back up information created and stored in these services. CloudAlly offers continuous backup for all your employees using either G Suite or Office 365.  Both G Suite and Office 365 exchange start at $3 per user per month or $30 per user per year.

Try out our ROI calculator – Figure out the cost of not backing up your data.

Office 365 add-Ons

Best Microsoft Office 365 Productivity Add-Ons

In a recent article featured in KitGuru online magazine, the latest Office 365 add-Ons were illustrated with CloudAlly Office 365 Backup Solution topping the chart.

The article titled: Extending 365: 7 Tools to Improve Your Microsoft Office Experience, explicitly pointed out CloudAlly backup as one of the best Office 365 tools.  CloudAlly is again recognized as a leading productivity tool by ‘techies’ who value the simple but yet safe cloud-to-cloud backup solution.

Microsoft’s Office 365 is an incredibly powerful and comprehensive suite on its own, but with add-ons you can supercharge your Office 365 productivity, being able to restore your data from any point in time.

Try out CloudAlly backup solutions for: G Suite, Office 365, and others.

Free 14 day trial

Office 365 add-Ons