Having a comprehensive and adaptable Microsoft 365 backup and recovery solution in place is increasingly important for Microsoft 365 (formerly Office 365) customers. Backup and recovery solutions capture a point-in-time copy of a file, database or even an entire computer and write the data out to a secondary storage device so that users can recover it in the future. This means that any data that’s deleted accidentally can easily be recovered, but it also means that files are protected against ransomware attacks. These threats involve a hacker holding data hostage until the victim pays a ransom.
Microsoft doesn’t provide full native backup for Microsoft 365. In fact, the default settings only protect data for 30-90 days on average. This can lead to a lot of complications when organizations believe their systems are backed up, and later find that items have disappeared. But if Microsoft hasn’t covered it, you might ask, why are backup and recovery so important?
Microsoft’s 2022 Digital Defense Report stated that 44% of organizations affected by ransomware in the past year did not have immutable backups for their compromised systems. This, according to their incident response team, greatly impacted recovery times and the ability for businesses to resume normal operations. So, with the risk of attack on the rise, it’s crucial that you have a strong backup and recovery solution in place to secure your data and help your businesses get back on its feet in the event of a breach.
In this article, we’ll explore the top solutions designed to protect your organization against data loss through backup and recovery. These include features such as real-time backups; rollback and restoration; role-based access to backups and reporting; and the protection of remote sites and public cloud workloads. We’ll give you some background information on the provider and the key features of each solution, as well as the type of customer that they are most suitable for.
Acquired by OpenText in 2021, CloudAlly is a leader in cloud-based data protection for small- to midsized businesses. Over 14,000 organizations globally rely on CloudAlly’s SaaS data protection platform to secure them against malicious and accidental data loss. CloudAlly Backup for Microsoft 365 is their enterprise-grade backup and recovery solution that integrates seamlessly with all Microsoft 365 plans. The solution was the first commercially available cloud backup solution for Microsoft 365, and supports backup and recovery for all M365 data (including Mail, Calendar, Contacts, and Tasks), as well as Teams, OneDrive, and SharePoint.
CloudAlly Backup for Microsoft 365 automatically creates daily backups of all M365 data, but the schedule for backups can be customized by admins. The platform integrates with Active Directory to automatically discover new users, so employee data is backed up as soon as they’re enrolled at the company. CloudAlly offers unlimited data retention and immutable storage to minimize accidental and malicious data loss. For added security, all backups are encrypted at rest using AES 256-bit encryption, and the platform offers support for two-factor authentication via OAuth and Okta. Organizations can choose which of CloudAlly’s global data centers to send their backups to—with options in the US, Canada, UK, Ireland, Germany, and Australia—helping to ensure compliance with data protection standards such as ISO 27001, HIPAA, and GDPR. To restore data, admins can perform granular searches to find the exact data they’d like to recover, then choose from multiple recovery options, including historical snapshot, cross-user restore, non-destructive restore, and mailbox recovery.
CloudAlly offers enterprise-grade backup and recovery for Microsoft 365 data, yet the platform is easy to manage thanks to its intuitive interface, out-of-the-box configurations, and 24/7/365 customer support. As such, CloudAlly Backup for Microsoft 365 is a strong solution for any SMB looking to secure their MS365 data long-term. We also recommend CloudAlly as being particularly suitable for educational institutions, as paid subscriptions are only required for staff accounts—students are free—, and non-profit organizations, as there are discounts available.
Veeam is a global market leader in backup and recovery solutions, holding the highest market share in EMEA (Europe, the Middle East and Africa) and the third-largest share worldwide. 82% of Fortune 500 companies are in the Veeam client pool and trust this vendor with their data. Veeam offers a range of solutions to fit business needs, with their Backup & Replication solution being one of their most popular flagship products. However, Veeam also offers Veeam Backup for Microsoft Office 365 as a standalone product to protect and restore Microsoft O365 data, including Office 365 mailboxes, Exchange, SharePoint, OneDrive, OneNote and Teams.
Veeam Backup for Microsoft Office 365 enables users to back up their data as often as every five minutes in Microsoft’s native format, which makes file recovery much quicker. A key benefit of this solution is its flexibility. When it comes to the data restoration itself, Veeam offers 25 recovery options to cover all incidents, from complete recovery to more granular file-level recovery. Users also have the option to choose what type of retention they want; traditional item-level storage, or snapshot-based incremental storage. Organizations can store their data in whichever way best suits them: on-premise with available local storage, or in the cloud using one of many available object storage options, including AWS S3, Azure Blob and IBM Cloud.
Customers praise Veeam’s solution for being easy to manage through the user-friendly dashboard interface once configured, though the initial setup can be complex, especially for hybrid environments. Its flexibility makes Veeam Backup for Microsoft Office 365 a strong solution for midmarket and enterprise organizations looking for reliable backup. But small businesses shouldn’t feel left out – Veeam has recently introduced Backup for Microsoft Office 365 Community Edition, which protects up to 10 users for free with no feature limitations.
Acquired in July 2021 by Hewlett Packard Enterprise, Zerto is a cloud data management and protection technology that offer data protection, backup, recovery and workload mobility solutions for on-premise virtual environments and public clouds. Zerto Backup for SaaS, powered by Keepit, is their cloud backup and recovery solution designed to protect the most widely-used SaaS solutions, including Microsoft 365, Dynamics 365, Google Workspace and Salesforce.
Zerto’s disaster recovery is founded on continuous data protection (CDP). It uses journal-based technology to log all changes that are made during a specific period, so that the user can recover data from any point-in-time, right down to the second. Cloud-to-cloud backup ensures the security of all Microsoft 365 data, including Exchange, Teams, Sharepoint and OneDrive. It also enables businesses to access their data even if their SaaS application is experiencing downtime. Zerto automatically retains all Microsoft 365 data for 12 months, but customers can set the retention period as needed with no limits. Restoration options span from full recoveries to granular data points, and with the Search & Restore feature, users can locate and restore data via a simple keyword search.
Deployed in the cloud, the solution is easy to set up and configure, with no on-premises installation required. We recommend Zerto for larger enterprises looking for all-in-one protection and disaster recovery for their Microsoft 365 data.
Rubrik offers three main backup and recovery products: Rubrik Cloud Data Management (RCDM), their core backup platform; Polaris, their SaaS-based platform; and Mosaic, which offers protection for NoSQL workloads. We’re going to focus on Rubrik Polaris. Polaris provides hybrid cloud enterprises with instant data backup and recovery for their Microsoft O365 applications, leveraging advanced search tools and granular restoration to mitigate data loss.
Polaris’ backups are long-term and scale with the organization’s O365 environment. Users can perform full restorations, but also more granular restorations, such as a OneDrive folder or individual email. The file-level search tool allows users to find specific backups quickly to ensure a smooth recovery from data loss. Polaris also features Radar, which uses machine learning to monitor the Polaris backup environment for any unusual activity, which allows the solution to quickly detect and remediate ransomware threats before they can cause damage. The machine learning element ensures that threat detection is up to date, securing data against new and emerging threats.
Finally, admins have access to full centralized management and reporting tools for all on-premise and cloud devices from a single platform. From here, they can view all backup and recovery activity, as well as automate policy assignments. This is particularly useful for large-scale MS O365 environments.
Rubrik Polaris allows organizations to protect their data within minutes of purchasing a subscription. The solution is fully compatible with Office 365 and Azure and can be connected with those subscriptions via OAuth. All data and metadata is encrypted and remains within the organization’s Azure subscription. Polaris is a strong backup and recovery solution for larger enterprises looking for an effective backup solution that’s easy to deploy and manage.
N-able is a cybersecurity provider that offers a range of solutions designed to help managed service providers (MSPs) better serve their clients, as well as manage their own security. N-able Backup is their cloud-based backup and recovery solution for physical and virtual servers, workstations, critical business documents and Microsoft O365. Compatible with on-premise, cloud and hybrid environments, it secures organizations no matter the state of their cloud transition. The solution offers storage in N-able private cloud for fast and reliable recovery and is managed from one centralized dashboard.
N-able Backup is optimized for fast data transfer between an organization’s systems and their global private cloud over the WAN. Storing backups in their own cloud means that there’s no need for hardware, helping to reduce the strain on system resources. However, organizations also have the option to write backups out to their own hardware if they wish to have a local copy to hand. N-able Backup provides a multi-tenant hosted dashboard that allows admins to check backup statuses, schedule backups and recover data across all servers, workstations and business-critical applications from one place. This eliminates the need for multiple backup solutions and makes the whole platform easier to manage. The solution offers multiple options for the recoveries themselves, including bare metal, physical-to-virtual and virtual-to-physical recoveries.
N-able Backup was designed specifically for the cloud and is optimized for efficient data transfer that minimizes strains on bandwidth and system resources. Customers praise this solution for its easy deployment and automation options for scheduling backups that reduce the need for manual configuration. N-able Backup is an ideal solution for MSPs and organizations looking for an effective backup and recovery solution with private cloud storage included, that’s simple to install and manage.
Druva offers data protection across data centers, cloud applications and endpoints via a SaaS platform. Their native cloud architecture allows customers to streamline their security, whilst reducing administrative overhead. Druva Phoenix is their scalable, cloud-native solution that secures data from human error, ransomware attacks, and non-compliance penalties as a result of gaps in data retention policies. It also gives admins critical insights into their Microsoft Office 365 data and projects via their dashboard.
Druva Phoenix detects, investigates and responds to insider threats before any accidental damage can be done. In the case of deletion, the solution restores data to its original location with an automated search and restore feature. The solution also offers protection against ransomware, notifying users of any data risks. It separates data and metadata to simplify cleansing and recovery and make restoration faster. This solution’s backups are all covered by the same consistent retention policy so that admins can easily monitor data compliance. From the dashboard, admins can view data activities chronologically by user, which makes it easier to identify and remediate sensitive data risks at rest.
As well as MS O365 backup, Druva’s Cloud Platform provides disaster recovery and endpoint backup. Each of their solutions is available on-premise and in cloud, and they’re able to cover branch/remote offices as well as an organization’s main office. No matter their location, admins can monitor recovery activity across all protected devices from a single interface.
Because Druva Phoenix is cloud-based, it doesn’t require any infrastructure installation. Admins can manage their data through one interface within 15 minutes of purchasing a subscription. We recommend it as a strong, comprehensive SaaS backup and recovery solution for mid-market and enterprise organizations.
Dell Technologies focuses on empowering organizations through digital transformation. They offer a range of solutions and products that secure IT infrastructure, individual employee devices and wider industries. PowerProtect Data Manager is Dell Technologies’ main data backup and recovery solution, designed to protect physical, virtual and cloud environments. The solution provides software defined data protection as well as automated discovery and deduplication. It’s available as a stand-alone solution and as a part of Dell’s Data Protection Suite, which also includes Avamar and NetWorker.
PowerProtect Data Manager is software defined, which allows it to protect data across both applications and cloud-native IT environments. Customers have the option to write backups out to the cloud for long-term retention and disaster recovery, as well as to self-manage backup and restore directly from native applications. The management console is also cloud-based. This means that admins can easily access backup information and monitor recoveries for any device from any location. From the console, admins also have complete oversight and governance to ensure compliance. PowerProtect also offers automated deduplication, which takes the strain off system resources. The solution is designed and delivered in a modular, agile way, which means that Dell can deliver updates and new features rapidly to help combat new and emerging threats.
Dell’s PowerProtect Data Manager is built around simplicity, agility and flexibility. Dell has released three new updates for it in the last year, demonstrating investment and dedication to providing security against even the latest threats. Customers praise this solution as being easy to use and manage, despite there not currently being a unified management console to cover both on-premise and public cloud environments. We recommend PowerProtect Data Manager for both SMBs and larger enterprises looking for a powerful, up to date data backup and recovery solution.
Datto, a Kaseya company, is a market-leading provider of network management, business continuity, and data protection tools for MSPs. SaaS Protection is Datto’s backup and disaster recovery solution for data stored in Microsoft 365 and Google Workspace applications. SaaS Protection offers automatic backups and flexible data recovery to help MSPs secure their clients’ cloud data against malicious and accidental data loss scenarios.
Datto’s SaaS Protection automatically creates backups thrice daily of all Exchange, Tasks, SharePoint, OneDrive, and Teams data. One backup up, data is written out to Datto’s private cloud (with storage centers in the US, UK, Australia, Canada, Germany, and Singapore) and stored in compliance with SOC 1 and SOC 2 Type II reporting standards. Admins can configure retention periods as needed, or choose to store data indefinitely. From the multi-tenant management portal, admins can easily manage their clients’ licenses, view the status of their backups, and restore or export data (including PST export for Exchange data) to a given point in time before the data loss occurred. SaaSProtection offers highly flexible restoration options, including cross-user restore, and the ability to restore individual objects or whole accounts while retaining file structure. The platform also offers a search tool, which makes it easier to locate specific data that needs to be restored.
Datto’s backup and recovery solution is designed specifically for MSPs. Users praise the platform for its ease of deployment and client onboarding, as well as its granular recovery capabilities. Its customizable and long-term retention periods, plus its compliance with SOC 1 and SOC 2 Type II make SaaS Protection particularly well-suited to MSPs protecting clients that are working with highly sensitive data or must comply with strict data protection regulations, such as those in the healthcare, finance, and legal sectors.
Commvault is a market leader in data and information management, offering intelligent, scalable solutions. Commvault Backup & Recovery is their enterprise data backup solution, designed to protect data for all workloads across both cloud and on-premise environments via a single web-based interface.
Commvault Backup & Recovery automates all of its file retention processes, as well its proactive discovery of newly added datasets. These processes are policy-driven, as are the monitoring and reporting features, which remove the need for lengthy scripts. Data is encrypted and written out to a secure cloud location. Deduplication technology removes duplicate or redundant data copies to improve storage efficiency and increase the amount of data that can be transferred at once.
Some customers find Commvault Backup & Recovery complex to deploy, due to the requirement for several components to be installed and configured, but most are in agreement that the powerful protection provided as a result is worth the effort of setting it up. We recommend Commvault Backup & Recovery as a strong solution for larger enterprises looking to back up a range of file systems, applications, databases and cloud-native SaaS.
Acronis is a leading backup software, disaster recovery and secure data access provider. They offer backup and recovery services for Microsoft 365 via their Cyber Protect Cloud solution, which also includes endpoint protection, email security, and data loss prevention (DLP). Acronis Cyber Protect Cloud Backup offers file backup and disaster recovery, as well as a secure file sync and share feature. It is one of the fastest recovery solutions on the market, using Acronis’ runVM technology to provide instantaneous recovery that minimizes user disruption and boosts company productivity.
Acronis Cyber Protect Cloud Backup solution offers proactive ransomware protection powered by AI technology, which prevents unauthorized file modification and encryption. It verifies the authenticity of backup copies before restoration to ensure complete security, and restoration is immediate and reliable. Admins can manage all data protection tasks through the solution’s management console. This console is web-based, so admins can assess information no matter their location. This flexibility also applies to the protection itself; Acronis Cyber Protect Cloud Backup protects all company data sources across 20+ different virtual, physical, cloud and mobile platforms, so that data is always secure no matter its size or where it’s stored.
Acronis’ data protection solutions are industry targeted, with solutions designed specifically for automotive, healthcare, energy and government verticals. Customer reviews report that the solution is easy to deploy and manage across both Windows and Linux servers. On top of this, Acronis’ products and documentation are available in 25 languages. All of this makes Acronis Cyber Protect Cloud Backup an ideal backup and recovery solution for medium to large global enterprises looking for data protection tailored to their industry needs.
What Is Backup And Recovery?
Backup and recovery solutions provide you with the ability to take point-in-time snapshots of your data and store them in a secondary storage facility. This facility could be your own on-premises environment, the provider’s private cloud platform, or even a popular public cloud like AWS or Azure. Keeping your backups separate from your live servers offers an added layer of protection, as any compromise to the latter won’t affect the former. For example, if your organization falls victim to a ransomware attack, your safely stored backups will remain untouched.
Having backups in place ensures that in the event of data loss or destruction due to human error, a technical glitch, a natural disaster, or a cyberattack, your backup and recovery provider can quickly restore your data to its previous state.
To ensure you’re always able to restore data from a backup, we recommend that you follow the “3-2-1” rule of backing up data: keep at least three copies of your data, stored in at least two different formats, and store at least one copy off-premises.
Who Is Responsible For Backing Up Microsoft 365 Data?
Microsoft 365 is a Software-as-a-Service (SaaS) application suite. SaaS applications are built on a shared responsibility model: Microsoft is responsible for the infrastructure, such as the datacenter, network controls, applications, virtualization, and operating system; you (the customer) are responsible for protecting your data. That includes securing your endpoints, accounts, and data, and implementing data backup, business continuity and disaster recovery (BCDR), and access management.
So, Microsoft will solve any issues related to software failures or downtime, but you have to protect your own data against loss or damage caused my human error, threat actors, or programmatic error.
Does Microsoft Backup 365 Data Natively?
Microsoft does create regular backups of your data in order to keep your data accessible in line with the 99.9% uptime promised in their service level agreement (SLA). However, these backups exist only to safeguard Microsoft; your organization, admins, and end users cannot access them.
Within Microsoft 365, different applications offer different retention periods for data, but these only offer protection for an average of 30-90 days:
- Inbox data is stored for two years before being archived
- Recycle Bin items are stored for one month before being deleted
- Deleted SharePoint Online and OneDrive items are stored for up to four months before being deleted
- The data of a user who has left the company is stored for one month before being deleted
If you want to be able to access and restore your Microsoft 365 data in the event of accidental or malicious loss, you need to create backups of that data yourself. The best way to do that is by using a third-party backup and recovery solution, like the ones listed in this guide.
What Features Should You Look For In A Backup And Recovery Solution For Microsoft 365?
While all backup and recovery solutions will offer slightly different feature sets in order to meet different use cases, there are some features that you should look for in any backup and recovery solution for Microsoft 365. These are:
- Compatibility with all the MS365 apps your business is using.
- Daily backups that are automated to free up your IT team from the responsibilities of running, monitoring, and managing backups.
- Granular search capabilities that enable admins to easily to locate individual pieces of data and restore or export them.
- Restoration options for both individual files and full systems.
- Retention periods and storage limits tailored to meet your organization’s needs. For example, HIPAA compliance may necessitate varying retention periods for different data types and a substantial or unlimited storage capacity.
- Security features such as encryption, role-based access, and multi-factor authentication for added protection.