Posts

How Can You Safeguard Against Data Loss in Office 365?

Office 365 Data Loss

It is a myth that Microsoft will protect you from data loss in Office 365. Microsoft is incrementally ensuring a reliable service, but the data within your Office 365 tenant is your responsibility. However, it cannot protect you from Office 365 data loss at your end – due to malware, human error or malicious intent.

This article contains:

YOU have the onus of protecting Office 365 data

As per Compliance Laws

As per governance laws like the GDPR, HiPAA, SOX, and many others, protecting your customer’s data is a responsibility that is shared between the controller (your organization) and the processor (third-party service providers like SaaS platforms). Moreover, in the event of a data breach or data loss, “shared accountability” and “joint liability” is mandated.

Need another reason? Compliance laws also insist on the organization having “the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident”. What that means, is that they mandate that you have a solution or capability to accurately backup and restore data.

As per your Cloud Service Provider

Office 365 Data LossMicrosoft provides a highly reliable service with Office 365, but they themselves recommend backup in their service agreement, “We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services” 

Do not be mistaken – your data in Office 365 is your responsibility!

Ways data loss occurs in Office 365

Human Error: Office 365  has not yet reached the maturity where it can decipher intent when all the rules of the service are followed. We are talking about accidental deletions of data by parties with no ill-intent – plain human error. According to Aberdeen Group, research shows that 70% of all data loss is accidental.

Malware: Then there are malicious actors such as hackers, ransomware, and malware that can cause massive data loss. While there is so much you can do to fully prevent these attacks, these do happen and you need countermeasures.

And don’t forget about the disgruntled employee causing data loss by malicious intent!

New call-to-action

Office 365 outages do happen

Service in the cloud means 99.9% uptime. In the first few months of 2019 alone, Office 365 has suffered two major outages. The second outage dated 28th January 2019 was a massive two-day outage

Another Microsoft outage caused data loss where Microsoft deleted several Transparent Data Encryption (TDE) databases in Azure, holding live customer information. 

We are talking no email access, no customer emails, no spreadsheets, no presentations – Basically bringing your enterprise to a halt. Can you quantify the financial loss in having your data unavailable or lost for that long? 

What about native Office 365 archives

Office 365 offers short preset retention periods for deleted emails and deleted items in OneDrive. However, they hold data only for a limited period of time, do not backup regularly (your data will be outdated), and restoring data from may be cumbersome. Such options are more of an archival mechanism than a true backup and restore solution.

So how do you safeguard against Office 365 data loss?

So now that you know that your data in Office 365 needs dependable protection against data loss, what should you do? Select a 

Cloudally provides a safe (ISO 27001 certified, GDPR, and HIPAA compliant), secure (Amazon S3 Secure Storage and AES-256 Encryption) and flexible cloud backup solutions for Office365, Sharepoint and OneDrive, We were also ranked #1 under best business tool category by Newsweek by over 10,000 IT Pros. We offer a full-featured 15-day free trial which you can activate and start backing up your data in minutes and are very highly rated and recommended by our users.

Contact us to have an expert guide you as you navigate the waters of data protection to achieve a reliable and secure enterprise.

Five Tips to Prevent SharePoint Sprawl

Five Tips to Prevent SharePoint Sprawl

Many companies use Microsoft SharePoint to manage documents and workflow processes, and to help organize all of the communications flying around between various offices. Enterprise clients can even use Office 365 and SharePoint to create websites and chart a course for other kinds of digital and off-line projects. But good SharePoint management goes a long way — and it’s important to understand how this type of software is best used in business.

One particular problem with SharePoint is called “SharePoint sprawl.” This is the idea that over time, the SharePoint architecture, the collections of files, folders and documents organized in the SharePoint system, becomes large, unwieldy and eventually, disorganized.

Here are five ways to control your SharePoint libraries and collections.


What this article is about:


Managing Permissions and Privileges

One of the most fundamental ways to cut down on SharePoint sprawl is to restrict the technical permissions to create new files and folders, or add to the architecture that’s already there. This starts with having a policy for SharePoint creation, and enforcing that policy as rigidly as possible. You might end up having a few point people with advanced permissions and a responsibility to look over the structure from time to time. These auditors can help make sure that the company isn’t generating too much activity that can have a negative impact on how well you organize SharePoint materials.

No Duplicates

It’s also a good idea to be vigilant about duplication. Suppose a document gets created at the team level, and put into a team folder. Maybe at the same time, someone at a management level is opening a folder for a group. Where does that document go? What if it goes both places?

Keeping an eagle eye out for duplicates is part of “pruning” the SharePoint structure to prevent sprawl.

New call-to-action

Good Governance

In general, data governance is a concern at most businesses of any significant size.

Data governance, again, revolves around planning and policy. When you start to look at how the business typically generates data, and how it’s stored, and how it moves in transit, there is the capability to fine-tune the data flow for individual business processes. This sets your business up for success, and also prevents the kinds of disorganization that people like to call “sprawl” or “bloating” in a system.

Effective Use of Metadata

Companies can also go over how to use features like tagging and managed keywords in SharePoint. These types of metadata allow for more agile file retrieval and better classification of data objects within the system. When you get acquainted with terms like “folksonomy” and understand collaborative processes better, your SharePoint policies will benefit from that.

Utilize External Software

You can also improve enterprise use of SharePoint in Office 365 with the addition of some third-party tools that help safeguard data in your company systems. Cloudally’s comprehensive backup platform assures that the data you need will be there when you need it — even if it’s months or years in the future. In many ways, managing data in SharePoint or anywhere else is managing a timeline, as well as a volume of data. Any limitations or restrictions in the native applications can be extremely harmful when it comes to processes like e-discovery. Talk to Cloudally about getting real, comprehensive protection for your valuable data. Ask our Support Team for more information.


Now that you know about how to prevent SharePoint sprawl, you might want to have a look at what we created for you…

Follow These Tips to Prevent Data Loss on O365

Does Your Company Use Office 365?

Make Sure You Follow These Tips to Prevent Data Loss

There’s a lot of buzz surrounding the use of the cloud in recent years. Cloud computing increases a business’ efficiency, it helps reduce overhead costs, enables companies to be more flexible and it supports collaboration as well as communication. But what about data loss in the cloud?

With a reliable cloud-based solution in place, it means employees don’t necessarily have to be physically present in the office to be productive. Teams can be scattered all over the world and still be able to work as efficiently as they would if they were in the same brick-and-mortar office.

With all this functionality, it’s almost surprising to find out that there’s one aspect of enterprise cloud solutions that remains especially vulnerable–data loss.

New call-to-action

Take the popular Software as a Service (SaaS) platform, Office 365, as an example. Being one of the more prominent cloud collaboration tools, you would assume that any data that gets deleted on it–for whatever reason–can be easily retrieved. But you’d be wrong. Unfortunately, Office 365 doesn’t protect users against data loss due to malicious attacks or user error. This is particularly worrying given that a study conducted by Aberdeen Group clearly illustrates the rise of cloud adoption among businesses. According to their research, 80 percent of respondents say that some form of SaaS application is now being used in their companies. And 32 percent say that they have experienced SaaS data loss in their own organization in some form. In fact,  CSO from IDG notes that data breaches and accidental deletion are among the top 12 cloud security threats for 2017.

With these in mind, implementing actionable measures to reduce your vulnerability is essential. Because the reality is, the convenience comes at the expense of your data. Protecting your data–whether from malicious attacks or admin carelessness–is in your hands. And it starts by knowing what actionable steps you can take–


With that in mind, here are 5 ways you can avoid data loss in Office 365.

1. Ensure all mobile devices that access the platform are secure

It’s likely that your company uses both company-issued and personal devices to access work email, contacts, calendar, and other important data. In fact, MarketsandMarkets surveyed bring-your-own-device (BYOD) trends for 2017 and notes a 36 percent rise at the start of 2017.  This number is even expected to jump to 50 percent at the start of 2018.

Given this, make sure that your team is able to implement and follow the company’s security policies carefully. Adding a feature that allows you to remotely protect proprietary information from malicious deletion or attacks is critical given how often data breaches happen today.

2. Implement multi-factor authentication for users

Malicious attacks today are getting more and more sophisticated. A single password—even one that uses a mix of upper and lower case letter, punctuation marks, and numbers—won’t be enough to keep data stored in Office 365 safe. It’s always better to be safe than sorry, so it’s best to enable multi-factor authentication to make it more difficult for hackers to access your account.

3. Avoid anonymous calendar sharing

One of the most useful features of Office 365 is its ability to share calendar information easily.

While it may seem like an innocuous feature unrelated to data breaches or loss, publicly sharing data can expose critical information about your business that would leave your company vulnerable to attacks. Hackers can use your schedules to determine how your company operates and identify which users are most vulnerable.

4. Establish role-based controls

Accessibility is one of the key advantages of Office 365. Be sure however to limit access to critical data. Carefully determine which users should and shouldn’t have access to specific files and features in your company. Talk to each department and coordinate with them to determine who should have access to what to minimize potential data leaks or loss.

5. Automate backups for your system

Office 365 unfortunately still only relies on the trash bin for data recovery. If someone hacks into your data, accidentally empties the bin, or maliciously destroys data, all your important data is gone forever. Implementing online data backups and disaster recovery will ensure that you have an archive of all your data, which you can recover if the need arises.

Office 365 has proven to be an essential tool for businesses today. But being responsible for the security of your company’s data means you have to be aware of the security risks you face while using it. To make sure that you protect your data from potential data loss, so get started with your free trial.

Office 365 Exchange Backup Procedures and Third-Party Backup with CloudAlly’s Office 365 Exchange Backup

O365 Exchange BackupOffice 365 Exchange Online is an immensely effective app, but it has one significant issue. While Office 365 offers a few limited built-in and one-time recovery options for Exchange Online, the app does not have a workable backup feature that lets you recover emails after they have been deleted for over 30 days. Never fear, though. You can safely operate Exchange Online if you use it in tandem with CloudAlly’s Office 365 Exchange Backup.

Read on for more information about Office 365 Online’s backup issues, Microsoft’s built-in solutions for a few of these issues, and CloudAlly’s Office 365 Exchange Backup.

Limited Backup in Exchange Online

One of the major drawbacks of Exchange Online is that its mailboxes are not backed up in the Office 365 infrastructure. Microsoft does offer DAG technologies in two datacenters that provide a reseed/repair process if your data fails. But this is not enough. Data can be lost in multiple ways, which is why having multiple backup options is so important. Here are a few common ways emails can be lost:

  • Human error
  • Malicious activity
  • Malware, spyware, or ransomware
  • Incomplete data recovery systems
  • Data corruption

Despite protests from Exchange administrators, Microsoft seems intent on sticking to its gun in not supporting Exchange Online mailboxes being backed up within the Office 365 infrastructure. Still, many administrators have lost essential information from databases that were improperly or infrequently backed up. Microsoft isn’t going to solve the problem or protect your data; so, what can you do to ensure that your company’s data is secure?

hbspt.cta.load(3820149, ‘5acee91c-7895-4eff-bc12-8e4b32cdf369’, {});

Microsoft’s Suggestions for Restoring Email in Office 365 Exchange

Microsoft has a few built-in recovery options in Exchange Online. Some are standard features, while others require you to modify the system settings yourself.

Single item recovery

You can restore a single missing item in Exchange Online without restoring an entire mailbox database. If the Managed Folder Assistant processes a Recoverable Items folder for a mailbox with only one item recovery, that item will not be purged in the Purges subfolder if its retention period (by default, deleted emails are stored for 14 days) has not already passed.

Deleted item retention

Office 365 Exchange lets you restore deleted emails for up to 14 days. But you can also tweak the settings to recover email that has been deleted for up to 30 days. Here’s how to do it.

  1. Connect to Exchange Online’s PowerShell. To do this, enter the command $UserCredential = Get-Credential in the Windows PowerShell Credential Request dialog box. Click “OK.”
  2. Next, run the following command: $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/ -Credential $UserCredential -Authentication Basic -AllowRedirection in the dialog box. Click “OK.”
  3. Next, run the following command ConnectionUrivalue (https://partner.outlook.cn/PowerShell).
  4. Finally, Run the following command: Import-PSSession $Session. You should now be connected to PowerShell.

5. You can choose to change only single users’ retention length. Say you are changing the retention length of a single user’s email. In this case, the user’s name is John Smith. Run the following command in the Exchange Management Shell: Set-Mailbox -Identity “John Smith” -RetainDeletedItemsFor 30 6. You can also change every user in your organization’s retention length by using the following command: Get-Mailbox -ResultSize unlimited -Filter {(RecipientTypeDetails -eq ‘UserMailbox’)} | Set-Mailbox -RetainDeletedItemsFor 30

New call-to-action

Placing a mailbox on litigation hold

A litigation hold solution helps you recover email that has been in deleted items longer than 30 days. It is meant to be used as a one-off recovery solution, not one that is sustainable or very often usable. A litigation hold recovers all versions of a deleted email; you can also set a specific hold length. Here are the steps for a litigation hold in Exchange Online:

  1. Enter PowerShell as described in Steps 1 through 4 above.
  2. Navigate to “Recipients” and “Mailboxes.”
  3. Choose the user mailbox that you want to put on litigation hold, and click “Edit.”
  4. Click “Mailbox features” on the mailbox properties page.
  5. Find “Litigation hold: Disabled” and click “Enable.”
  6. You can then specify several features of your litigation hold, including “Litigation hold duration (days),” “Note” (which lets you notify a user that his or her mailbox is on litigation hold), and “URL” (to provide users more information about litigation holds).
  7. Click “Save” on the litigation hold and again on the mailbox properties page.

Reasons Microsoft’s Backup Solutions Fall Short – “Cover Your Bases”

While Microsoft’s built-in solutions provide remedies to some issues with Exchange Online’s backup and recovery issues, these options are extremely limited and only solve a small number of problems that could arise. CloudAlly’s Office 365 Exchange Backup provides a complete and simple backup option. Instead of Microsoft’s limiting 30-day recovery time, Exchange that provides you with unlimited data storage and retention.

CloudAlly’s Office 365 Exchange Backup gives you piece of mind in backing up Exchange Online. But since there are so many ways that emails can be lost, it makes good sense to use as many backup options as possible. While Microsoft offers built-in backup options for Exchange Online, all these solutions are less complete than CloudAlly’s Exchange Backup. For complete safety, you may want to consider implementing Microsoft’s suggested backups and CloudAlly’s Exchange Backup when integrating Exchange Online into your company’s workflow.

Our Backup ensures that your Office 365 Exchange will be secured and recoverable, no matter what happens to your emails. In addition to email, Office 365 Exchange Backup backs up your contacts, calendar, and tasks so that even if something happens to this information, you’ll be able to retrieve it – and you can easily set up backup support for all your users. Exchange Backup automatically discovers new users, or lets you add new employees to the Backup manually.

Office 365 Exchange Backup backs up your data in two ways. The first backs up data so you can find emails lost at a certain time. From there, you can search for your missing email on a precise, specific level. The second backup allows you to export your Office 365 emails to be stored locally.

Ready to see what security feels like? Try our Office 365 Backup for free for 15 days.

Office 365: Threat Intelligence and Data Governance Tools

Microsoft Office 365: Threat Intelligence and Data Governance Tools

Threat Intelligence and Data Governance ToolsThere is a lot that’s new about Microsoft’s Office 365 cloud version of its traditional desktop software. Some of the biggest new benefits have to do with two major pillars of an enterprise strategy: first, identifying and mitigating threats in a network, and second, establishing policies and procedures for data governance. Threat Intelligence and Data Governance Tools, are significant to our work process in Microsoft Office 365.

 

Why do companies need good data governance and threat intelligence systems in place?

Lots of experts are looking at studies by Ponemon, one of which estimates the average cost of a data breach at around $4 million — there is also this article from writer Michael Panciroli in April that sites some troubling statistics, for example, an assertion that 45% of surveyed companies don’t have good enough data governance to protect them from serious legal and security risks.

That kind of gap is what these new cloud features of Office 365 are meant to address — to help client companies to get more effective cybersecurity in place, perform better advanced data governance, and know more about their business data assets.

Major Benefits of Microsoft Office 365 Threat Intelligence

There is a ton of functionality built into Microsoft Office 365 Threat Intelligence that’s related to foiling hackers, conquering malware, and generally keeping a network safe and clean.

One essential element is the Microsoft Intelligent Security Graph — this new feature of Microsoft’s cloud security platform does two major things. One is that it’s a comprehensive data aggregation center that takes in diverse input from hundreds of different sources, along with many of the 350 billion authentications that Microsoft manages each month. The other is that it utilizes machine learning components to increase its threat mitigation power even more. (See more detail on the strengths of Microsoft’s Intelligent Security Graph from Microsoft Vice President of Enterprise Client & Mobility Brad Anderson in this testimonial video.)

In other words, part of the strength of Microsoft Office 365 Threat Intelligence tools is the amount of raw data available to a machine learning system that can work with it and make it into actionable results — for instance, offering real-time tools and alerts, isolating and dealing with content that looks suspicious, and integrating with other security information and event management tools.

Aside from the Intelligent Security Graph, the Office 365 platform also now offers a new Advanced Threat Protection (ATP) reporting interface with all sorts of dashboard views related to network activity. The ability to extend this to desktop clients, and to infiltrate areas of an enterprise network, is very useful to business leaders who need to keep an eagle eye out for disturbing warning signs of inappropriate activity. Maybe it’s a logon from a suspicious location, or activity by an employee that hasn’t been on staff for years. Another major red flag is a significant volume of file deletions, which is another real-time indicator that Microsoft Office 365 Threat Intelligence can analyze.

Relating Microsoft Office 365 Threat Intelligence to Advanced Data Governance

Businesses know that data governance is critically important. Many of them also understand how having access to raw data and tools to filter and refine that data adds to the threat intelligence that they benefit from in-house. But not every business understands how new Microsoft Office 365 tools can enhance data governance in concrete ways. For instance, cloud policy recommendations will help to define data that should be kept and stored in an archive, or data that can safely be discarded. That’s just one aspect of having a security and compliance portal that helps businesses to build and classify their data.

Along with having good data governance and threat intelligence software capabilities, CloudAlly’s Office 365 backup and recovery service is another important part of a fundamental cyber security system. By providing automated daily backups and the ability to restore or export data from any point in time, CloudAlly ensures ongoing business continuity in the event of data loss.

Office 365 add-Ons

Best Microsoft Office 365 Productivity Add-Ons

In a recent article featured in KitGuru online magazine, the latest Office 365 add-Ons were illustrated with CloudAlly Office 365 Backup Solution topping the chart.

The article titled: Extending 365: 7 Tools to Improve Your Microsoft Office Experience, explicitly pointed out CloudAlly backup as one of the best Office 365 tools.  CloudAlly is again recognized as a leading productivity tool by ‘techies’ who value the simple but yet safe cloud-to-cloud backup solution.

Microsoft’s Office 365 is an incredibly powerful and comprehensive suite on its own, but with add-ons you can supercharge your Office 365 productivity, being able to restore your data from any point in time.

Try out CloudAlly backup solutions for: G Suite, Office 365, Box.com and others.

Free 14 day trial