Having a comprehensive and adaptable Microsoft 365 backup and recovery solution in place is increasingly important for Microsoft 365 (formerly Office 365) customers. Backup and recovery solutions capture a point-in-time copy of a file, database, or even an entire computer and write the data out to a secondary storage device so that users can recover it in the future. This means that any data that’s deleted accidentally can easily be recovered, but it also means that files are protected against ransomware attacks. These threats involve a hacker holding data hostage until the victim pays a ransom.
Microsoft doesn’t provide full native Microsoft 365 backup and recovery. In fact, the default settings only protect data for 30-90 days on average. This can lead to a lot of complications when organizations believe their systems are backed up, and later find that items have disappeared. But if Microsoft hasn’t covered it, you might ask, why are backup and recovery so important?
Microsoft’s 2022 Digital Defense Report stated that 44% of organizations affected by ransomware in the past year did not have immutable backups for their compromised systems. This, according to their incident response team, greatly impacted recovery times and the ability of businesses to resume normal operations. So, with the risk of attack on the rise, it’s crucial that you have a strong backup and recovery solution in place to secure your data and help your businesses get back on its feet in the event of a breach.
In this article, we’ll explore the top Microsoft 365 backup and recovery solutions designed to protect your organization against data loss. These include features such as real-time backups; rollback and restoration; role-based access to backups and reporting; and the protection of remote sites and public cloud workloads. We’ll give you some background information on the provider and the key features of each solution, as well as the type of customer that they are most suitable for.
Acquired by OpenText in 2021, CloudAlly is a leader in cloud-based data protection for small- to midsized businesses. Over 14,000 organizations globally rely on CloudAlly’s SaaS data protection platform to secure them against malicious and accidental data loss. CloudAlly Backup for Microsoft 365 is their enterprise-grade backup and recovery solution that integrates seamlessly with all Microsoft 365 plans. The solution was the first commercially available cloud backup solution for Microsoft 365, and supports backup and recovery for all M365 data (including Mail, Calendar, Contacts, and Tasks), as well as Teams, OneDrive, and SharePoint.
CloudAlly Backup for Microsoft 365 automatically creates daily backups of all M365 data, but the schedule for backups can be customized by admins. The platform integrates with Active Directory to automatically discover new users, so employee data is backed up as soon as they’re enrolled at the company. CloudAlly offers unlimited data retention and immutable storage to minimize accidental and malicious data loss. For added security, all backups are encrypted at rest using AES 256-bit encryption, and the platform offers support for two-factor authentication via OAuth and Okta. Organizations can choose which of CloudAlly’s global data centers to send their backups to—with options in the US, Canada, UK, Ireland, Germany, and Australia—helping to ensure compliance with data protection standards such as ISO 27001, HIPAA, and GDPR. To restore data, admins can perform granular searches to find the exact data they’d like to recover, then choose from multiple recovery options, including historical snapshot, cross-user restore, non-destructive restore, and mailbox recovery.
CloudAlly offers enterprise-grade backup and recovery for Microsoft 365 data, yet the platform is easy to manage thanks to its intuitive interface, out-of-the-box configurations, and 24/7/365 customer support. As such, CloudAlly Backup for Microsoft 365 is a strong solution for any SMB looking to secure their MS365 data long-term. We also recommend CloudAlly as being particularly suitable for educational institutions, as paid subscriptions are only required for staff accounts—students are free—, and non-profit organizations, as there are discounts available.
Veeam is a global market leader in backup and recovery solutions, holding the highest market share in EMEA (Europe, the Middle East and Africa) and the third-largest share worldwide. 82% of Fortune 500 companies are in the Veeam client pool and trust this vendor with their data. Veeam offers a range of solutions to fit business needs, with their Backup & Replication solution being one of their most popular flagship products. However, Veeam also offers Veeam Backup for Microsoft Office 365 as a standalone product to protect and restore Microsoft O365 data, including Office 365 mailboxes, Exchange, SharePoint, OneDrive, OneNote and Teams.
Veeam Backup for Microsoft Office 365 enables users to back up their data as often as every five minutes in Microsoft’s native format, which makes file recovery much quicker. A key benefit of this solution is its flexibility. When it comes to the data restoration itself, Veeam offers 25 recovery options to cover all incidents, from complete recovery to more granular file-level recovery. Users also have the option to choose what type of retention they want; traditional item-level storage, or snapshot-based incremental storage. Organizations can store their data in whichever way best suits them: on-premise with available local storage, or in the cloud using one of many available object storage options, including AWS S3, Azure Blob and IBM Cloud.
Customers praise Veeam’s solution for being easy to manage through the user-friendly dashboard interface once configured, though the initial setup can be complex, especially for hybrid environments. Its flexibility makes Veeam Backup for Microsoft Office 365 a strong solution for midmarket and enterprise organizations looking for reliable backup. But small businesses shouldn’t feel left out – Veeam has recently introduced Backup for Microsoft Office 365 Community Edition, which protects up to 10 users for free with no feature limitations.
Acquired in July 2021 by Hewlett Packard Enterprise, Zerto is a cloud data management and protection technology that offer data protection, backup, recovery and workload mobility solutions for on-premise virtual environments and public clouds. Zerto Backup for SaaS, powered by Keepit, is their cloud backup and recovery solution designed to protect the most widely-used SaaS solutions, including Microsoft 365, Dynamics 365, Google Workspace and Salesforce.
Zerto’s disaster recovery is founded on continuous data protection (CDP). It uses journal-based technology to log all changes that are made during a specific period, so that the user can recover data from any point-in-time, right down to the second. Cloud-to-cloud backup ensures the security of all Microsoft 365 data, including Exchange, Teams, Sharepoint and OneDrive. It also enables businesses to access their data even if their SaaS application is experiencing downtime. Zerto automatically retains all Microsoft 365 data for 12 months, but customers can set the retention period as needed with no limits. Restoration options span from full recoveries to granular data points, and with the Search & Restore feature, users can locate and restore data via a simple keyword search.
Deployed in the cloud, the solution is easy to set up and configure, with no on-premises installation required. We recommend Zerto for larger enterprises looking for all-in-one protection and disaster recovery for their Microsoft 365 data.
Rubrik is a backup and recovery provider that offers a range of solutions for data resilience, observability, and threat remediation. Rubrik Microsoft 365 Protection is their backup and recovery solution for Microsoft 365 environments. It provides automatic data backup and recovery for Microsoft 365 applications, including Exchange Online, OneDrive, SharePoint, and Teams, and delivers advanced search tools and granular restoration to mitigate data loss.
Rubrik Microsoft 365 Protection automatically discovers new users, sites, and teams, and creates backups of all new data. Data is retained according to admin-defined retention periods. Admins can use the search tool to find specific data, then carry out granular or bulk recoveries to the original user or another location via API calls. Admins can also schedule reports into backup and recovery task status, compliance, and SLA audits, or generate reports on-demand. Rubrik’s backup solution also offers comprehensive security for backups: backups are stored in a secure environment logically isolated from the Microsoft tenant, ensuring they remain secure even if threat actors tamper with Microsoft security tools in the live production environment. It also offers role-based access controls, multi-factor authentication, and automatic classification of sensitive data. Finally, Rubrik plans to add an anomaly detection feature that monitors backups for deletions, modification, and encryption.
Rubrik’s solution is fully compatible with Microsoft 365, with API integrations that enable it to automatically detect at start securing new users, as well as troubleshoot Microsoft 365 outages. We recommend Rubrik Microsoft 365 Protection as a strong backup and recovery solution for larger enterprises looking for an effective backup solution that’s easy to deploy and manage. Its identification and classification of sensitive data, and automatic alerting on policy violations, also make this platform well-suited to organizations in highly regulated industries that are frequently handling PII.
N-able is a cybersecurity provider that offers a range of solutions designed to help managed service providers (MSPs) better serve their clients, as well as manage their own security. Cove Data Protection is their cloud-first data protection service, which offers backup, archiving, and disaster recovery for servers, workstations, and Microsoft 365 domains—all of which are delivered via one unified, multi-tenant dashboard.
N-able Cove Data Protection is optimized for fast data transfer between an organization’s systems and their global private cloud over the WAN, eliminating the need for hardware and helping to reduce the strain on system resources. The platform backups up Exchange data up to six times a day, and SharePoint and OneDrive data up for four times a day. It retains data for up to seven years in N-able’s global data centers, which enable complete data sovereignty. Cove Data Protection provides a multi-tenant hosted dashboard that allows admins to check backup statuses, schedule backups and recover data across Exchange, SharePoint, and OneDrive—as well as servers and workstations—from one place. This eliminates the need for multiple backup solutions and makes the whole platform easier to manage.
N-able Cove Data Protection was designed specifically for the cloud and is optimized for efficient data transfer that minimizes strains on bandwidth and system resources. The platform is straightforward to deploy and offers robust automation that minimizes the need for manual backup scheduling, helping MSPs to save time and resource. Overall, N-able Cove Data Protection is a strong solution for MSPs looking for an effective backup and recovery solution with private cloud storage included, that’s simple to install and manage. However, we recommend that any business that needs to protect sensitive data (e.g., PHI, legal documents) check that the seven-year data retention period fulfils their compliance requirements.
Druva is a leading provider of resiliency tools designed to help organizations secure data stored in their endpoints, applications, and workloads, whilst ensuring compliance. inSync is Druva’s backup and recovery solution for data stored in SaaS applications, including Microsoft 365, Google Workspace, Slack, and Salesforce. inSync enables businesses to ensure productivity and business continuity in the event of accidental or malicious data loss, while helping businesses achieve (and prove) compliance with data protection and privacy standards.
Druva inSync offers automated, cloud-to-cloud backup of all Microsoft 365 data, including OneDrive, Exchange Online, SharePoint, and Teams. The platform deduplicates backups to minimize pressure on storage, while making it easier to find specific records for recovery. Admins can search for records via a full text search tool, and can restore individual items or complete full-system restores. They can also access full audit trails of all backup and user activity. inSync secures data at rest with AES 256-bit encryption and in transit with TLS 1.2, and it offers role-based access support for single sign-on via ADFS and Okta. Finally, the platform is FedRAMP authorized and alignment with EDRM and Department of Justice (US) requirements for legal hold management, and offers support for SOC 2 Type 2, HIPAA, and Privacy Shield compliance.
inSync is a cloud-native solution powered by Druva Cloud Architecture and built on AWS. This makes it very quick to deploy, and allows it to offer on-demand scalability. The platform offers strong backup for Microsoft 365 environments, as well as robust eDiscovery functionality. This, alongside its support for multiple data protection standards, makes inSync a strong backup solution for mid-market and large enterprises that need to securely backup sensitive data such as PII, PHI, and legal records.
Dell Technologies focuses on empowering organizations through digital transformation. They offer a range of solutions and products that secure IT infrastructure, individual employee devices and wider industries. Dell APEX Backup Services delivers data protection as-a-Service, securing businesses with all-in-one backup, disaster recovery, and long-term retention while eliminating the need for complex hardware installations. Dell APEX Backup Services for SaaS apps for specifically on securing data stored in Microsoft 365, Google Workspace, and Salesforce.
Dell APEX Backup Services for SaaS apps automatically creates point-in-time backups of all Microsoft 365 data and stores them in an isolated, immutable storage facility with no purge timeframes. Data is read and written back to the Microsoft 365 tenant via Microsoft APIs, and each connection is authenticated and encrypted. The platform offers flexible IT-led and self-service recovery options, including mailbox, individual file or bulk recovery, “in-place,” “as a copy”, and “point-in-time” recovery, and recovery outside Microsoft 365. Users can restore files in multiple formats, and the platform’s robust eDiscovery tools allow for quick file searching and export. Finally, admins can also generate detailed audit logs of employee activities to help achieve and prove compliance.
Dell APEX Backup Services are built around simplicity, agility and flexibility. Being cloud-based, the platform is easy to deploy and highly scalable. Its unlimited retention periods and highly flexible restoration options make Dell APEX Backup Services for SaaS apps a strong solution for mid-market and larger enterprises looking to backup large volumes of Microsoft 365 data, and its broad range of security features enables businesses to maintain the security and integrity of that data.
Datto, a Kaseya company, is a market-leading provider of network management, business continuity, and data protection tools for MSPs. SaaS Protection is Datto’s backup and disaster recovery solution for data stored in Microsoft 365 and Google Workspace applications. SaaS Protection offers automatic backups and flexible data recovery to help MSPs secure their clients’ cloud data against malicious and accidental data loss scenarios.
Datto’s SaaS Protection automatically creates backups thrice daily of all Exchange, Tasks, SharePoint, OneDrive, and Teams data. One backed up, data is written out to Datto’s private cloud (with storage centers in the US, UK, Australia, Canada, Germany, and Singapore) and stored in compliance with SOC 1 and SOC 2 Type II reporting standards. Admins can configure retention periods as needed, or choose to store data indefinitely. From the multi-tenant management portal, admins can easily manage their clients’ licenses, view the status of their backups, and restore or export data (including PST export for Exchange data) to a given point in time before the data loss occurred. SaaSProtection offers highly flexible restoration options, including cross-user restore, and the ability to restore individual objects or whole accounts while retaining file structure. The platform also offers a search tool, which makes it easier to locate specific data that needs to be restored.
Datto’s backup and recovery solution is designed specifically for MSPs. Users praise the platform for its ease of deployment and client onboarding, as well as its granular recovery capabilities. Its customizable and long-term retention periods, plus its compliance with SOC 1 and SOC 2 Type II make SaaS Protection particularly well-suited to MSPs protecting clients that are working with highly sensitive data or must comply with strict data protection regulations, such as those in the healthcare, finance, and legal sectors.
Commvault is a market leader in data and information management, offering intelligent, scalable solutions. Metallic DMaaS is Commvault’s data management portfolio, which delivers enterprise-grade protection that’s easy to deploy and manage. Within that portfolio, Metallic Backup for Microsoft 365 is Commvault’s backup and disaster recovery solution for Exchange Online, Teams, SharePoint Online, OneDrive, and Microsoft Project data.
Metallic Backup for Microsoft 365 automatically creates backups of all Microsoft 365 data and writes them out to a secure, air-gapped storage location. Commvault has on-prem and cloud storage options in multiple locations around the world to help support data storage and residency requirements for compliance. Admins can choose from pre-configured retention plans, or create custom retention policies for different types of data to meet compliance requirements. Metallic Backup for Microsoft 365 offers granular search and restore options, which enable admins to easily locate backups and restore them to their original location or a new one, with point-in-time, in-place, and out-of-place, and self-service recovery options. Metallic Backup for Microsoft 365 also offers robust security controls, including zero-trust access, to protect data against internal and external threats.
Metallic Backup for Microsoft 365 is a highly flexible solution. It comes via two price plans—Standard and Enterprise—with the option to add on eDiscovery. This add-on, alongside the platform’s ability to create multiple custom retention policies for different types of data, make it well-suited to any-sized organization that handles sensitive data such as PHI or legal documents, and must comply with strict data privacy and protection requirements.
Acronis is a leading backup software, disaster recovery and secure data access provider. They offer backup and recovery services for Microsoft 365 via their Cyber Protect Cloud solution, which also includes endpoint protection, email security, and data loss prevention (DLP). Acronis Cyber Protect Cloud Backup offers file backup and disaster recovery, as well as a secure file sync and share feature. It is one of the fastest recovery solutions on the market, using Acronis’ runVM technology to provide instantaneous recovery that minimizes user disruption and boosts company productivity.
Acronis Cyber Protect Cloud Backup solution offers proactive ransomware protection powered by AI technology, which prevents unauthorized file modification and encryption. It verifies the authenticity of backup copies before restoration to ensure complete security, and restoration is immediate and reliable. Admins can manage all data protection tasks through the solution’s management console. This console is web-based, so admins can assess information no matter their location. This flexibility also applies to the protection itself; Acronis Cyber Protect Cloud Backup protects all company data sources across 20+ different virtual, physical, cloud and mobile platforms, so that data is always secure no matter its size or where it’s stored.
Acronis’ data protection solutions are industry targeted, with solutions designed specifically for automotive, healthcare, energy and government verticals. Customer reviews report that the solution is easy to deploy and manage across both Windows and Linux servers. On top of this, Acronis’ products and documentation are available in 25 languages. All of this makes Acronis Cyber Protect Cloud Backup an ideal backup and recovery solution for medium to large global enterprises looking for data protection tailored to their industry needs.
FAQs
What Is Backup And Recovery?
Backup and recovery solutions provide you with the ability to take point-in-time snapshots of your data and store them in a secondary storage facility. This facility could be your own on-premises environment, the provider’s private cloud platform, or even a popular public cloud like AWS or Azure. Keeping your backups separate from your live servers offers an added layer of protection, as any compromise to the latter won’t affect the former. For example, if your organization falls victim to a ransomware attack, your safely stored backups will remain untouched.
Having backups in place ensures that in the event of data loss or destruction due to human error, a technical glitch, a natural disaster, or a cyberattack, your backup and recovery provider can quickly restore your data to its previous state.
To ensure you’re always able to restore data from a backup, we recommend that you follow the “3-2-1” rule of backing up data: keep at least three copies of your data, stored in at least two different formats, and store at least one copy off-premises.
Who Is Responsible For Backing Up Microsoft 365 Data?
Microsoft 365 is a Software-as-a-Service (SaaS) application suite. SaaS applications are built on a shared responsibility model: Microsoft is responsible for the infrastructure, such as the datacenter, network controls, applications, virtualization, and operating system; you (the customer) are responsible for protecting your data. That includes securing your endpoints, accounts, and data, and implementing data backup, business continuity and disaster recovery (BCDR), and access management.
So, Microsoft will solve any issues related to software failures or downtime, but you have to protect your own data against loss or damage caused my human error, threat actors, or programmatic error.
Does Microsoft Backup 365 Data Natively?
Microsoft does create regular backups of your data in order to keep your data accessible in line with the 99.9% uptime promised in their service level agreement (SLA). However, these backups exist only to safeguard Microsoft; your organization, admins, and end users cannot access them.
Within Microsoft 365, different applications offer different retention periods for data, but these only offer protection for an average of 30-90 days:
- Inbox data is stored for two years before being archived
- Recycle Bin items are stored for one month before being deleted
- Deleted SharePoint Online and OneDrive items are stored for up to four months before being deleted
- The data of a user who has left the company is stored for one month before being deleted
If you want to be able to access and restore your Microsoft 365 data in the event of accidental or malicious loss, you need to create backups of that data yourself. The best way to do that is by using a third-party backup and recovery solution, like the ones listed in this guide.
What Features Should You Look For In A Backup And Recovery Solution For Microsoft 365?
While all backup and recovery solutions will offer slightly different feature sets in order to meet different use cases, there are some features that you should look for in any backup and recovery solution for Microsoft 365. These are:
- Compatibility with all the MS365 apps your business is using.
- Daily backups that are automated to free up your IT team from the responsibilities of running, monitoring, and managing backups.
- Granular search capabilities that enable admins to easily to locate individual pieces of data and restore or export them.
- Restoration options for both individual files and full systems.
- Retention periods and storage limits tailored to meet your organization’s needs. For example, HIPAA compliance may necessitate varying retention periods for different data types and a substantial or unlimited storage capacity.
- Security features such as encryption, role-based access, and multi-factor authentication for added protection.
