Storing and sharing data is not unique to the digital age and has always been an essential part of the business. What has changed is the way we achieve this exchange. In the evolution of technologies came the evolution of communication. To exchange large data sets, we no longer need to copy information physically to hand it to another stakeholder. This can be achieved by storing data to a public cloud provider, which both parties have trust in. This kind of trusted transaction can help with sharing data both externally and internally. One of the most notable public cloud providers who facilitate this kind of exchange is Microsoft, with OneDrive and OneDrive for Business.
What is OneDrive for Business?
When it comes to Microsoft cloud storage, there are many types of services available; this article will cover OneDrive for Business. It is essential to note that there is a difference between OneDrive and OneDrive for Business. OneDrive is a cloud storage provided by Microsoft for personal use and gives 5GB of free storage. OneDrive for Business is a part of the Microsoft 365 application suite and provides 1TB of storage. It is possible to buy OneDrive for Business as a separate product, but it costs the same as buying it with a suite and comes with less protection. Along with the expanded space, OneDrive for Business in Microsoft 365 suite comes with native data retention, eDiscovery, and file audit/reporting. OneDrive for Business also comes with the option to sync your files locally right through Windows File Explorer.
Native OneDrive for Business protection
OneDrive for Business in the Microsoft 365 suite comes with many features that offer both protection and peace of mind regarding business data. This protection offers, but is not limited to, data retention, eDiscovery and auditing. This section will explore some of these features and caveats to be aware of when it comes to native protection.
When deleting data, there is a concept of a hard and soft delete cycle. When a file is deleted, it enters into the soft delete cycle where it is still accessible to the end user and the administrator for restoration back to the original location. The file remains in the Recycle Bin for up to 93 days before it is automatically deleted. If the Recycle Bin is full, it will automatically start deleting the oldest files before the 93-day window. When the file is deleted, it enters a hard delete cycle, meaning it can no longer be accessed. Another thing to be aware of is the Recycle Bin is not indexed, so searches, such as eDiscovery, cannot be executed on the content in this directory.
The question that often follows this is, “What if a user’s OneDrive for Business account is removed entirely?” If an account is removed, it will be flagged for deletion based on the retention period specified on the OneDrive administrator side, the default is 30 days. For this retention period, rights can be delegated to another user so that files can be copied from this location if necessary. Once the retention period has expired, notifications will be sent out warning that this account will be deleted in seven days. If no action is taken, the OneDrive for Business account will be sent to the site collection Recyle Bin. Here it becomes much harder to recover, and no one will have access to the content, including any shared documents.
eDiscovery is a great strategy, but it can have a steep learning curve and will not always have the expected result. The first important point to note is that setting up a preservation hold and eDiscovery hold is not a backup. Microsoft defines eDiscovery as a tool to deliver electronic information as evidence in legal cases. In fact, you will be hard-pressed finding any Microsoft documentation or legitimate agency contradicting this point. The next important note is when the preservation hold is used with OneDrive for Business, the files in this hold count against the total storage quota. Preservation holds can also be modified at any time unless a preservation lock is used. When using Preservation holds, be sure to use caution because once a hold is in place, no administrator can reduce this hold or remove files before the retention that is specified. The last important note is that eDiscovery will not restore files to the original location. Since this is a tool to deliver evidence in legal cases, the data can only be exported to hand over. The data can be manually uploaded back to the original data sources, but in many cases, this is a long process and does not emulate as expected.
Native OneDrive protection vs third-party Microsoft 365 protection
When signing up for OneDrive for Business, a trust relationship is formed. This relationship defines who is responsible for what components within the structure. Microsoft depicts this agreement in the Microsoft Shared Responsibility Model. Each service relationship is determined by the type of service offered, Software as a Service, Platform as a Service, and Infrastructure as a Service. One Drive for Business falls under the category of Software as a Service, also known as SaaS. In this agreement, Microsoft agrees to protect the physical backend, the applications that the data sits on, and the authentication server’s availability. The customer is responsible for the credentials used to access the service, what devices are connected, and the data itself. This means if a compromised set of credentials, including administrator credentials, or rouge device alters the data in any way, Microsoft is not responsible for recovering that data.
With a set of compromised credentials, it can be effortless to permanently delete data from your OneDrive for Business, the native Recycle Bin, and the site collection Recycle Bin data. The process can even be automated with PowerShell! With the configuration of preservation holds and eDiscovery holds, the damage on the backend can, in some cases, be mitigated, but the frontend user and business view will be inaccessible. Even when the backend is able to access a form of the data, in most cases, this data cannot be directly restored to the original location or with the original permissions. This could mean hours, days, or possibly longer where the business end cannot access their data, creating a productivity loss. Third-party backup solutions help bridge the gap between an attack causing irreparable damage to business data back down to just a bad day.
Why Veeam Backup for Microsoft Office 365?
Veeam Backup for Microsoft Office 365 is Veeam’s backup solution for Microsoft SaaS applications, including SharePoint Online, Exchange Online, Microsoft Teams, and OneDrive for Business. In this software, Veeam can back up Microsoft 365 data to secure locations both on-prem and various object storages. This backup allows for a secondary level of protection with a separation of privileges so that one set of compromised credentials does not break the defense. Veeam also backs up all permissions and settings from the gathered data, allowing for a smooth restoration to the original locations. Restores offer the flexibility to restore one or as many user’s data at once to the original location, making it a breeze to restore an entire organization in just a few clicks, if necessary. The restore types also expand to restore to new locations, exporting the data, and emailing the data directly to an end user. Each application backed up has a restore explorer tailored to the application data. Integrated into each explorer is an advanced search that can search across an entire organization’s backup to granularly return results. This search can make it easy to find a file and perform an eDiscovery-like operation. Veeam Backup for Microsoft Office 365 makes it simple to recover Microsoft 365 data in any situation.
AVM Cloud Fusion is a solution dedicated to solving business backup including Office 365 challenges. Partnering with industry leader, Veeam, we are able to provide businesses a peace of mind when it comes to their IT challenges while they can focus on their business.