Don't believe the myths – you need to back up Microsoft 365
There’s a common misconception among SaaS users that backup isn’t necessary for their data because it exists in the cloud. However, this is patently untrue. SaaS applications are just as vulnerable to data loss as on-premises apps. In fact, Gartner predicts that by 2022, 70% of businesses will suffer unrecoverable data loss in SaaS applications. Why? Because people delete files, open phishing emails, accidentally download malware, and more. SaaS vendors are unable to distinguish if certain user actions are done in error or deliberately.
SaaS application data loss scenarios
Up to 85% of a small or midsized company's intellectual property flows through Outlook, so it's vital that your MSP can offer reliable backup and recovery services.
Other scenarios where you could lose data from your SaaS environment include:
- Malicious deletion by a disgruntled employee or outside entity
- Malware damage or ransomware attacks
- Operational errors such as accidental data overwrites
- Lost data due to canceled app licenses
Increased dependency on collaboration tools
Microsoft Teams now has 75 million daily active users, adding 31 million in just over a month with the global shift to remote work. Given the shared responsibility model for data protection and the impact of an outage on Microsoft Teams, it should be considered essential to protect Teams.
Microsoft Teams has become such a critical tool for many businesses to discuss, share, and collaborate on projects. Without the proper tools in place to protect Teams data against cyber threats, businesses are extremely vulnerable to a data disaster. To complicate matters, not all backup systems are able to cover the entire content of a Teams environment, including the public channel's content, conversations, and calendar meetings.
Even Microsoft and Google tell you to back up your SaaS environment
Didn't they tell you? Well, actually they did - it's in the terms and conditions of service they asked you to accept when you signed up.
Many vendors, including Microsoft and Google, operate under the “Shared Responsibility Model” - they only claim responsibility for areas that they have complete control over. Microsoft and Google must maintain the availability of their applications and protect their servers from disaster scenarios, but the end user is responsible for the data being created within their applications. Take a look at the image below to see the relative data protection responsibilities between you (or your MSP) and Microsoft:
