Cyber

Protecting your Microsoft Office 365

by Mark Rowe

Investment in cloud technology and migration has skyrocketed during the global pandemic and it is easy for organisations to get lost among the hype. However, security needs to remain top of mind and in this article, Michael Gogos, Product Manager at the IT management software company Quest Software, offers some tips on how organisations can securely accelerate their cloud migration, without compromising data security.

More and more organisations are leveraging the cloud to collaborate and ensure business continuity. Office 365, particularly, is gaining traction as the productivity platform of choice. More and more organisations are storing data on this cloud platform as a way to collaborate and share data while working remotely. However, organisations still need to have complete data visibility and users need to feel confident that their IT systems and data will be protected.

While Office 365 offers a number of system availability and data protection capabilities, data can still be damaged or lost. Therefore, it is crucial that organisations take proactive steps when it comes to data security; they should never assume that their Office 365 data is automatically protected. The way to do this, is through a comprehensive backup and recovery strategy which will enable businesses to achieve greater protection for Office 365.

Below are four simple yet effective tips:

1)Perform regular backups
SaaS applications, and the cloud in general, is just as susceptible to outages and recovery challenges as traditional on-premises data centres. This includes infrastructure failures or accidental mistakes, to purposeful malicious attacks. To help mitigate, IT teams should perform their own Office 365 backups. Maintain multiple copies of your backups on different devices and locations as this is one of your best defences against malicious attacks. Performing your own Office 365 backup allows the business to restore business-critical data to another location or system, including an on-premises resource. This makes it easier to help reduce the risk of business downtime, keeps productivity in-check and protects your brand.

2)Get acquainted with the Office 365 retention policies
Office 365 offers retention policies but be sure to read the fine print. Not all are considered long-term data retention required by various compliance regulations. Also, retention policies don’t protect data that is accidentally or maliciously changed. To bolster your Office 365 backup and recovery footprint, turn to third-party solutions that support a 3-2-1 backup strategy – one that allows the business to have multiple copies of data on separate devices and in different locations. This will give you the protection you need and the ability to recover changed, damaged or deleted files or data. Additionally, there is no limit to how long you choose to retain your data, making it easier to meet necessary compliance requirements.

3)Refrain from using data availability groups for individual mailbox backup and restore
Every mailbox database in Office 365 is hosted in a database availability group (DAG) and replicated to geographically dispersed data centres within region. Although every mailbox database has four copies, one of these copies is configured as a lagged copy, making it vulnerable to human error or malicious attacks. Find a solution that gives IT teams a granular level view of recovery options that provides them with the power to restore data – such as entire mailbox, individual emails and email attachments – when and where they want.

4)Recognise the value of your organisation’s Office 365 data
Often, it is not only the files or emails that are important but also the context and connections these emails and files have to other data. Imagine trying to rebuild that context when all you have are individual documents or chat records? This is where the true business value in Office 365 comes from. Consider Microsoft Teams, which has quickly become one of the most popular productivity and connectivity applications used by organisations. Teams allows co-workers to share and collaborate on documents and wikis and communicate across chat and video meetings. Protecting just the individual documents or chat records without the surrounding context of the team structure, connections and history, means that the business value of that context is unprotected. It is therefore critical that organisations have a clear understanding of the bigger picture and can see data access at every level.

One of the most critical aspects to improving security posture is visibility – understanding your data, how it connects and interrelates, and the risks to that data. Office 365 is just as susceptible to user errors, accidental deletion, corruption and malware as on-premises applications and data. For organisations that are looking to maintain and improve security, data protection should be at the forefront of any strategy or protocol. By following these simple tips and gaining the granular level of visibility needed, businesses will be in a far better position to leverage the benefits and collaboration Office 365 brings, while improving security through backup and recovery.

Related News

  • Cyber

    Malware education

    by Mark Rowe

    Daniel Warelow, Product Manager, Giacom and Kelvin Murray, Senior Threat Researcher, Webroot consider how to be cyber resilient in the face of…

  • Cyber

    Five cyber basics

    by Mark Rowe

    Steve Bradford, Senior Vice President EMEA at the identity security product company SailPoint, offers five ways to get to grips with the…

  • Cyber

    Cyber skills shortage

    by Mark Rowe

    To paraphrase iconic singer/songwriter Donovan Leitch, who borrowed the idea from a Buddhist saying: “First, there is a cybersecurity skills shortage, then…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing