Posts

Follow These Tips to Prevent Data Loss on O365

Does Your Company Use Office 365?

Make Sure You Follow These Tips to Prevent Data Loss

There’s a lot of buzz surrounding the use of the cloud in recent years. Cloud computing increases a business’ efficiency, it helps reduce overhead costs, enables companies to be more flexible and it supports collaboration as well as communication. But what about data loss in the cloud?

With a reliable cloud-based solution in place, it means employees don’t necessarily have to be physically present in the office to be productive. Teams can be scattered all over the world and still be able to work as efficiently as they would if they were in the same brick-and-mortar office.

With all this functionality, it’s almost surprising to find out that there’s one aspect of enterprise cloud solutions that remains especially vulnerable–data loss.

Take the popular Software as a Service (SaaS) platform, Office 365, as an example. Being one of the more prominent cloud collaboration tools, you would assume that any data that gets deleted on it–for whatever reason–can be easily retrieved. But you’d be wrong. Unfortunately, Office 365 doesn’t protect users against data loss due to malicious attacks or user error. This is particularly worrying given that a study conducted by Aberdeen Group clearly illustrates the rise of cloud adoption among businesses. According to their research, 80 percent of respondents say that some form of SaaS application is now being used in their companies. And 32 percent say that they have experienced SaaS data loss in their own organization in some form. In fact,  CSO from IDG notes that data breaches and accidental deletion are among the top 12 cloud security threats for 2017.

With these in mind, implementing actionable measures to reduce your vulnerability is essential. Because the reality is, the convenience comes at the expense of your data. Protecting your data–whether from malicious attacks or admin carelessness–is in your hands. And it starts by knowing what actionable steps you can take–


With that in mind, here are 5 ways you can avoid data loss in Office 365.

1. Ensure all mobile devices that access the platform are secure

It’s likely that your company uses both company-issued and personal devices to access work email, contacts, calendar, and other important data. In fact, MarketsandMarkets surveyed bring-your-own-device (BYOD) trends for 2017 and notes a 36 percent rise at the start of 2017.  This number is even expected to jump to 50 percent at the start of 2018.

Given this, make sure that your team is able to implement and follow the company’s security policies carefully. Adding a feature that allows you to remotely protect proprietary information from malicious deletion or attacks is critical given how often data breaches happen today.

2. Implement multi-factor authentication for users

Malicious attacks today are getting more and more sophisticated. A single password—even one that uses a mix of upper and lower case letter, punctuation marks, and numbers—won’t be enough to keep data stored in Office 365 safe. It’s always better to be safe than sorry, so it’s best to enable multi-factor authentication to make it more difficult for hackers to access your account.

3. Avoid anonymous calendar sharing

One of the most useful features of Office 365 is its ability to share calendar information easily.

While it may seem like an innocuous feature unrelated to data breaches or loss, publicly sharing data can expose critical information about your business that would leave your company vulnerable to attacks. Hackers can use your schedules to determine how your company operates and identify which users are most vulnerable.

4. Establish role-based controls

Accessibility is one of the key advantages of Office 365. Be sure however to limit access to critical data. Carefully determine which users should and shouldn’t have access to specific files and features in your company. Talk to each department and coordinate with them to determine who should have access to what to minimize potential data leaks or loss.

5. Automate backups for your system

Office 365 unfortunately still only relies on the trash bin for data recovery. If someone hacks into your data, accidentally empties the bin, or maliciously destroys data, all your important data is gone forever. Implementing online data backups and disaster recovery will ensure that you have an archive of all your data, which you can recover if the need arises.

Office 365 has proven to be an essential tool for businesses today. But being responsible for the security of your company’s data means you have to be aware of the security risks you face while using it. To make sure that you protect your data from potential data loss, so get started with your free trial.

Office 365 Exchange Backup Procedures and Third-Party Backup with CloudAlly’s Office 365 Exchange Backup

Office 365 Exchange Backup Procedures and Third-Party Backup with CloudAlly’s Office 365 Exchange Backup

O365 Exchange BackupOffice 365 Exchange Online is an immensely effective app, but it has one significant issue. While Office 365 offers a few limited built-in and one-time recovery options for Exchange Online, the app does not have a workable backup feature that lets you recover emails after they have been deleted for over 30 days. Never fear, though. You can safely operate Exchange Online if you use it in tandem with CloudAlly’s Office 365 Exchange Backup.

Read on for more information about Office 365 Online’s backup issues, Microsoft’s built-in solutions for a few of these issues, and CloudAlly’s Office 365 Exchange Backup.

Limited Backup in Exchange Online

One of the major drawbacks of Exchange Online is that its mailboxes are not backed up in the Office 365 infrastructure. Microsoft does offer DAG technologies in two datacenters that provide a reseed/repair process if your data fails. But this is not enough. Data can be lost in multiple ways, which is why having multiple backup options is so important. Here are a few common ways emails can be lost:

  • Human error
  • Malicious activity
  • Malware, spyware, or ransomware
  • Incomplete data recovery systems
  • Data corruption

Despite protests from Exchange administrators, Microsoft seems intent on sticking to its gun in not supporting Exchange Online mailboxes being backed up within the Office 365 infrastructure. Still, many administrators have lost essential information from databases that were improperly or infrequently backed up. Microsoft isn’t going to solve the problem or protect your data; so, what can you do to ensure that your company’s data is secure?

Microsoft’s Suggestions for Restoring Email in Office 365 Exchange

Microsoft has a few built-in recovery options in Exchange Online. Some are standard features, while others require you to modify the system settings yourself.

Single item recovery

You can restore a single missing item in Exchange Online without restoring an entire mailbox database. If the Managed Folder Assistant processes a Recoverable Items folder for a mailbox with only one item recovery, that item will not be purged in the Purges subfolder if its retention period (by default, deleted emails are stored for 14 days) has not already passed.

Deleted item retention

Office 365 Exchange lets you restore deleted emails for up to 14 days. But you can also tweak the settings to recover email that has been deleted for up to 30 days. Here’s how to do it.

  1. Connect to Exchange Online’s PowerShell. To do this, enter the command $UserCredential = Get-Credential in the Windows PowerShell Credential Request dialog box. Click “OK.”
  2. Next, run the following command: $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection in the dialog box. Click “OK.”
  3. Next, run the following command ConnectionUrivalue (https://partner.outlook.cn/PowerShell).
  4. Finally, Run the following command: Import-PSSession $Session. You should now be connected to PowerShell.

5. You can choose to change only single users’ retention length. Say you are changing the retention length of a single user’s email. In this case, the user’s name is John Smith. Run the following command in the Exchange Management Shell: Set-Mailbox -Identity “John Smith” -RetainDeletedItemsFor 30 6. You can also change every user in your organization’s retention length by using the following command: Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq ‘UserMailbox’)} | Set-Mailbox -RetainDeletedItemsFor 30

Placing a mailbox on litigation hold

A litigation hold solution helps you recover email that has been in deleted items longer than 30 days. It is meant to be used as a one-off recovery solution, not one that is sustainable or very often usable. A litigation hold recovers all versions of a deleted email; you can also set a specific hold length. Here are the steps for a litigation hold in Exchange Online:

  1. Enter PowerShell as described in Steps 1 through 4 above.
  2. Navigate to “Recipients” and “Mailboxes.”
  3. Choose the user mailbox that you want to put on litigation hold, and click “Edit.”
  4. Click “Mailbox features” on the mailbox properties page.
  5. Find “Litigation hold: Disabled” and click “Enable.”
  6. You can then specify several features of your litigation hold, including “Litigation hold duration (days),” “Note” (which lets you notify a user that his or her mailbox is on litigation hold), and “URL” (to provide users more information about litigation holds).
  7. Click “Save” on the litigation hold and again on the mailbox properties page.

Reasons Microsoft’s Backup Solutions Fall Short – “Cover Your Bases”

While Microsoft’s built-in solutions provide remedies to some issues with Exchange Online’s backup and recovery issues, these options are extremely limited and only solve a small number of problems that could arise. CloudAlly’s Office 365 Exchange Backup provides a complete and simple backup option. Instead of Microsoft’s limiting 30-day recovery time, Exchange that provides you with unlimited data storage and retention.

CloudAlly’s Office 365 Exchange Backup gives you piece of mind in backing up Exchange Online. But since there are so many ways that emails can be lost, it makes good sense to use as many backup options as possible. While Microsoft offers built-in backup options for Exchange Online, all these solutions are less complete than CloudAlly’s Exchange Backup. For complete safety, you may want to consider implementing Microsoft’s suggested backups and CloudAlly’s Exchange Backup when integrating Exchange Online into your company’s workflow.

Our Backup ensures that your Office 365 Exchange will be secured and recoverable, no matter what happens to your emails. In addition to email, Office 365 Exchange Backup backs up your contacts, calendar, and tasks so that even if something happens to this information, you’ll be able to retrieve it – and you can easily set up backup support for all your users. Exchange Backup automatically discovers new users, or lets you add new employees to the Backup manually.

Office 365 Exchange Backup backs up your data in two ways. The first backs up data so you can find emails lost at a certain time. From there, you can search for your missing email on a precise, specific level. The second backup allows you to export your Office 365 emails to be stored locally.

Ready to see what security feels like? Try our Office 365 Backup for free for 15 days.

Office 365: Threat Intelligence and Data Governance Tools

Microsoft Office 365: Threat Intelligence and Data Governance Tools

Threat Intelligence and Data Governance ToolsThere is a lot that’s new about Microsoft’s Office 365 cloud version of its traditional desktop software. Some of the biggest new benefits have to do with two major pillars of an enterprise strategy: first, identifying and mitigating threats in a network, and second, establishing policies and procedures for data governance. Threat Intelligence and Data Governance Tools, are significant to our work process in Microsoft Office 365.

 

Why do companies need good data governance and threat intelligence systems in place?

Lots of experts are looking at studies by Ponemon, one of which estimates the average cost of a data breach at around $4 million — there is also this article from writer Michael Panciroli in April that sites some troubling statistics, for example, an assertion that 45% of surveyed companies don’t have good enough data governance to protect them from serious legal and security risks.

That kind of gap is what these new cloud features of Office 365 are meant to address — to help client companies to get more effective cybersecurity in place, perform better advanced data governance, and know more about their business data assets.

Major Benefits of Microsoft Office 365 Threat Intelligence

There is a ton of functionality built into Microsoft Office 365 Threat Intelligence that’s related to foiling hackers, conquering malware, and generally keeping a network safe and clean.

One essential element is the Microsoft Intelligent Security Graph — this new feature of Microsoft’s cloud security platform does two major things. One is that it’s a comprehensive data aggregation center that takes in diverse input from hundreds of different sources, along with many of the 350 billion authentications that Microsoft manages each month. The other is that it utilizes machine learning components to increase its threat mitigation power even more. (See more detail on the strengths of Microsoft’s Intelligent Security Graph from Microsoft Vice President of Enterprise Client & Mobility Brad Anderson in this testimonial video.)

In other words, part of the strength of Microsoft Office 365 Threat Intelligence tools is the amount of raw data available to a machine learning system that can work with it and make it into actionable results — for instance, offering real-time tools and alerts, isolating and dealing with content that looks suspicious, and integrating with other security information and event management tools.

Aside from the Intelligent Security Graph, the Office 365 platform also now offers a new Advanced Threat Protection (ATP) reporting interface with all sorts of dashboard views related to network activity. The ability to extend this to desktop clients, and to infiltrate areas of an enterprise network, is very useful to business leaders who need to keep an eagle eye out for disturbing warning signs of inappropriate activity. Maybe it’s a logon from a suspicious location, or activity by an employee that hasn’t been on staff for years. Another major red flag is a significant volume of file deletions, which is another real-time indicator that Microsoft Office 365 Threat Intelligence can analyze.

Relating Microsoft Office 365 Threat Intelligence to Advanced Data Governance

Businesses know that data governance is critically important. Many of them also understand how having access to raw data and tools to filter and refine that data adds to the threat intelligence that they benefit from in-house. But not every business understands how new Microsoft Office 365 tools can enhance data governance in concrete ways. For instance, cloud policy recommendations will help to define data that should be kept and stored in an archive, or data that can safely be discarded. That’s just one aspect of having a security and compliance portal that helps businesses to build and classify their data.

Along with having good data governance and threat intelligence software capabilities, CloudAlly’s Office 365 backup and recovery service is another important part of a fundamental cyber security system. By providing automated daily backups and the ability to restore or export data from any point in time, CloudAlly ensures ongoing business continuity in the event of data loss.

Office 365 add-Ons

Office 365 add-Ons

Best Microsoft Office 365 Productivity Add-Ons

In a recent article featured in KitGuru online magazine, the latest Office 365 add-Ons were illustrated with CloudAlly Office 365 Backup Solution topping the chart.

The article titled: Extending 365: 7 Tools to Improve Your Microsoft Office Experience, explicitly pointed out CloudAlly backup as one of the best Office 365 tools.  CloudAlly is again recognized as a leading productivity tool by ‘techies’ who value the simple but yet safe cloud-to-cloud backup solution.

Microsoft’s Office 365 is an incredibly powerful and comprehensive suite on its own, but with add-ons you can supercharge your Office 365 productivity, being able to restore your data from any point in time.

Try out CloudAlly backup solutions for: G Suite, Office 365, Box.com and others.

Free 14 day trial

Office 365 add-Ons

 

 

How to Recover a Deleted Contact in Office 365

How to Recover a Deleted Contact
in Office 365

Office 365 recover deleted items administrator

Having contacts in your email makes sending and receiving messages much easier. Instead of having to remember the email address or phone number, you can just click on a name, and there is the information you want to take.

Adding and recovering lost contacts in Office 365 is a simple task. It takes only a few clicks.

Add Contacts in Office 365

There are a couple of different ways to add contacts to your Office 365 account. It all depends on how you access email on your work computer. If you log into your Office 365 portal, choose the Outlook app launcher by clicking on the mail tile.

Once inside the email application, open the message of the contact you want to add. Depending on which type of application you are in, do the following.

  • Com: On the contact card that appears, click Add.
  • Outlook on the web: On the contact card that displays, click the three dots next to the person’s initials or picture. Click Add to contacts.
  • Outlook application on the computer: On the contact card, do the same on the web.

You can also manually input contact information by logging into your Office 365 portal and selecting the Contacts tile. Click Add and fill out the form.

Restoring Deleted Contacts in Office 365

Removing a contact is simple. However, sometimes you remove the wrong one. If you catch your mistake within 30 days, Office 365 allows you to restore the information back into your contact list seamlessly.

To restore contacts using Office 365:

  1. Log into your Office 365 portal and navigate to the Mail application using the Mail tile.
  2. In Outlook, select Manage.
  3. Click on Restore deleted contacts.
  4. In the Recover deleted items window that appears, check the box next to the name or names to restore.
  5. Select Recover, located at the top of the window. Then click OK.

Office restores the name, or names, back to your contact list. This restoration is nondestructive, so you do not have to worry about losing names added after the time you deleted the newly restored contact.

If you do not notice the deletion within 30 days, there is no way for Office 365 to recover the lost names. However, there is another way. Having an online backup of your Office 365 accounts, none of your employees will worry about losing their contact information.

CloudAlly offers complete Office 365 backup, including backup of email, calendar, and contact information for each employee using Office 365. Restoration takes a few clicks.

Log into your CloudAlly account and navigate to the Restore and Download page.  Once on the Restore and Download page, select the Office 365 account which holds the contact information to restore.

  1. Search for the contact using the Search Via and selecting a contact and entering at least part of the name to restore.
  2. Select the name from the search results and click Restore.
  3. In the confirmation window, ensure the email address to restore to is accurate. Change it if necessary. Click Restore.

Once restored, the administrator receives an email notification.

Start to backup your office 365 Exchange with a Free 14 day trial.

 

 

 

How to Secure Office 365

How to Secure Office 365

Office 365 Exchange Security Best Practices

Using Office 365 is a simple way to get all your employees on the same page. Of course, having a service that is accessible both in the office and on-the-go, means security is an even bigger consideration. How do you ensure your company’s Office 365 service is secure? How to secure Office 365 ?

Microsoft has built-in security tools to help keep unauthorized users out. While most of these features are available to every account holder, it must first be enabled. They are not turned on automatically.

Multi-factor Authentication

All Office 365 accounts use a single log-in to access email and cloud services. This simplistic approach makes it easy for the user; it does make it easy for an outsider to break into multiple accounts. Chances are, once they are in one employee account, the easier it is to get into another employee’s account.

To better protect your accounts, you can turn on multi-factor authentication for each of your employees.  To do so start by signing in to your Office 365 and go to the Office 365 admin center.

  1. Navigate to Users and select Active Users.
  2. In the Admin center select, More and Setup Azure multi-factor auth.
  3. Find the users you want to enable multi-factor authentication. If necessary, change the view at the top to see all your users.
  4. Check the box next to users whom you want multi-factor authentication enabled.
  5. On the right-hand side, select Enable.
  6. In the new dialog box, click enable multi-factor auth.

Now, users can set up two-factor verification.

Two-factor Authentication

After turning on the multi-factor authentication, you must set up the two-factor verification service. This feature requires that you enter an additional code upon signing into browser based accounts. The randomly generated code comes via text message, phone call, secondary email, or through a Microsoft Authenticator app.

Each employee logs into their account to start the process after the multi-factor authentication.

  1. Once logged in, select Set it now.
  2. Choose the authentication method that best suits you and follows the prompts.
  3. Once finished, Micorsoft prompts you for the secondary code the next time you log. You receive the code via the method chosen during setup.

You can choose multiple verification methods, which is recommended, in the event you cannot access your conventional method.

Setting Up App Password

Once the multi-factor authentication is enabled, you can allow your employees to create application passwords for your different apps. If they are using a non-browser application such as Outlook, you must have a particular app password to log in, not your traditional password.

Office 2016 administrators also have the option of setting up a two-factor authentication for their users. When using a two-factor authentication, non-browser applications require individual passcodes.

To set up an app password:

  1. Login to Office 365, you must use both your password and verification code.
  2. Choose to set and then Office 365
  3. Select Security and Privacy, then Additional security verification.
  4. On the Addition Security Verification page, choose “update my phone numbers used for account security.” This option brings up the page with the app password setting.
  5. Select app passwords at the top of the page
  6. Click on create. Microsoft generates a random password.
  7. Copy the password to clipboard; you do not need to memorize or write it down.
  8. Open the application needing the password.
  9. When prompted, paste the passcode into the password box. Make sure you check the “remember my credentials” box before clicking OK.

Once stored, the application saves the app password in memory. Anytime you change your account password you need to regenerate a new app password for each application.

Microsoft offers limited backup support for Office 365 services. While maintaining high-security protocols, such as multi-factor authentication, can help protect files, having a backup service such as CloudAlly in place can ensure you never lose important documents.

View CloudAlly backup for Office 365 Solution Case Study.