carloscastilla - Fotolia
Microsoft 365 subscriptions have a shared responsibility model. This understanding means Microsoft maintains the health of 365 applications and the underlying infrastructure, but subscribers protect their own data. As a result, backups are essential.
Just as they do for other IT resources, organizations should develop a backup strategy for Microsoft 365. There are four key components to define as part of a Microsoft 365 backup policy.
1. Where to write the backups
Since Microsoft 365 is a cloud service, consider backing data up to a cloud-based target, rather than bringing the data on premises. However, do not store backups within the Microsoft 365 cloud. Otherwise, a Microsoft 365 data loss incident might potentially harm backups as well.
2. The degree of redundancy
A certain amount of redundancy is required to adequately protect data. Ideally, have at least two separate backup copies stored in two different locations. For example, back data up to the cloud and then replicate it to a different region so that the backup and its replica are not stored in the same data center. Alternatively, replicate the backup to an entirely different cloud platform.
3. Data retention practices
Any Microsoft 365 backup policy should include data retention. The Microsoft 365 cloud has its own native data retention policies for deleted items, but IT should define data retention policies for backups as well. These policies stipulate the length of time to retain backups. They determine how far back in time an organization can go if a restoration is necessary.
4. Backup frequency
Data backup frequency varies based on the application. Some backup applications can protect Microsoft 365 data on a continuous basis, while others require admins to create a backup schedule. While both approaches work, schedule Microsoft 365 backups in a way that aligns with business and compliance requirements.
Dig Deeper on Cloud backup
Related Q&A from Brien Posey
Microsoft Teams storage limits can be complex for organizations to track. Learn the details and how to add Microsoft 365 storage to avoid capacity ... Continue Reading
Consider the fine print of encrypting data at rest. For example, access control permissions can make or break a storage encryption plan. Continue Reading
It's critical for an organization to know what data it needs to retain and where to store it. Some data is required for retention by law, so a ... Continue Reading