What if I told you that your data in the cloud isn't as safe as you think it is?
Wait a minute, I hear you saying. Aren't you the guy who's been touting the security advantages of the cloud? Haven't you been saying that Microsoft Office 365 security is better in many ways than most companies' on-premises servers?
That's very observant of you (and thanks for reading my previous posts, I'm flattered). I have indeed been saying those things. So what now? Am I changing my tune, doing an about-face, and telling you to pull all your data out of the cloud and back to a server in your office? No, not at all. So why would I say your data in the cloud probably isn't as safe as you might think it is? It's probably not for the reasons you're thinking.
(As I'm discussing "the cloud" here, I'm mainly talking about Microsoft's Office 365 business and enterprise services, which are the dominant cloud platform that we are working with, and the platform that most of our customers are using.)
Start with What's Good:
Let's first talk about the things Microsoft does well, those things that make me say your data may be more secure in Office 365 than it is on your server.
- Security: From a security standpoint, Microsoft has teams of experts and loads of technology deployed, especially machine learning technology, to monitor for threats and attacks both from the outside as well as through email attachments and phishing attacks. The physical security of the Microsoft data centers also far exceeds that of most offices' server closets.
- Resilience: Then there is resilience, a.k.a. continuity. Service continuity is designed into Office 365 enable it to recover quickly from hardware or application failure, data corruption, and even catastrophic outages. For example, if a natural disaster renders an entire Microsoft data center inoperable, services are restored by redirecting requests to another data center, which contains replicated copies of your data. Chances are that's better than the server in your office, too.
- Data Loss Prevention: We could also talk about the data loss protection that is available in Office 365, though perhaps not as widely known. For example, you can set rules to prevent outbound emails that contain sensitive information (e.g. account numbers or social security numbers). You can also enable Information Rights Management to prevent unauthorized use or viewing of files, even when they leave your control, such as a file synced to an employee's laptop or mobile device.
All of the above means your data is, or can be, very secure in Office 365, perhaps even more secure than it would be on your own servers. So back to my opening question - what if it's not as safe as you think? Why wouldn't it be?
Continuity vs. Redundancy
While Microsoft is very good about protecting you from system failures and outages, and guarding against unauthorized access to your data, there are other factors we need to protect against. One factor is *authorized* users. We're all human, and it isn't unheard of that one of your users might accidentally wipe out something they don't intend to. Or a disgruntled user might wipe out some things they DO intend to. A bug in some synchronization software could cause data loss, for another example.
There are some safeguards available to get around accidental deletions, like Recycle Bins and Deleted Items folders, but they aren't always consistent across different types of data, and a malicious actor could potentially remove data from those also, leaving you vulnerable. That's also unlikely to help in the event of something like a corrupted mailbox.
But these are all using features within the Office 365 system to mitigate loss. A fundamental tenet of data protection is to store the data in multiple distinct places. Most often, we accomplish this through backups.
Doesn't Microsoft do backups?
Good question. There are backups, but keep in mind that they are designed to help Microsoft meet its contractual obligations of uptime and access. They are not designed for, nor generally available to, Microsoft's customers. Restores are all or nothing in terms of restoring an entire site. If you had to get back a folder from before it got automatically purged from the Recycle Bin, you might be left with an unpleasant choice between losing that folder or losing all the files your company has modified since that folder got purged.
New Castema Service: Cloud to Cloud Backup
At Castema, we know that the number one priority is to protect your data. That's why we are pleased to announce the new Castema Office 365 Cloud Backup Solution to offer protection for the increasing number of companies using Office 365 in their business. This solution includes a cloud-to-cloud backup with unlimited storage, for your Office 365 Mailboxes, SharePoint Team Sites, OneDrive for Business, and Office 365 Groups.
In the interest of not keeping all your eggs in one basket, we think it's best to guard against something going wrong at Microsoft as well. That could be a site wide failure, or something more mundane, like a billing dispute that disrupts your access. Some of the solutions we evaluated use Microsoft's Azure cloud storage to store the backups, but a widespread Microsoft outage could render Azure storage unavailable if Office 365 were also down. We have chosen to host the cloud backups in Amazon AWS, as a further redundancy and protection for your data.
How Can I Get It?
That's easy, just be a Castema Managed IT customer. This 365 Cloud Backup Solution will be included in the pricing of Fully Managed IT for new customers and will be available to existing Managed IT customers at a significant introductory discount.
Please contact me to learn more.