By Patrick Lonz, President, Compliant WorkSpace

Moving your company to Microsoft 365 is all or nothing, however when you get there, your data isn’t backed up or archived, also Microsoft’s built-in tools that are supposed to protect you are complicated and can be easily disabled; a big problem for firms in healthcare, financial, legal or others that need to meet data compliance demands. That’s why we include our 365 Cloud Protect. A data backup and archiving plug-in to Microsoft 365 with features to meet your compliance demands surrounding data backup, archiving, supervision, and recovery of records on the Microsoft Cloud.

When You Realize What’s REALLY GOING ON

So, you’ve decided to move your company to the cloud, great decision – and you’re going with Microsoft 365? Good choice! We’re here to get you there as a managed Microsoft 365 cloud service provider. But there’s a few things we’ll need to talk about right off the bat. (I don’t want you to feel like Tom Cruise, when he finally makes it to the “party”, takes off his mask, and realizes what’s REALLY GOING ON.)

First, when you move to Microsoft 365, you need to realize it’s the whole kit & caboodle, I mean you’re going to transplant your complete IT back end to the cloud; forget about this idea floating around the tech world these days about a “hybrid cloud” – I honestly don’t know what that means, but if you’re a firm that moves some data to the cloud and left some in-house that would be a nightmare: you’re going to move everything, all at once.

This means you’ll probably need to move your in-house file server to SharePoint, take all the data off everyone’s PC and put it in individual OneDrive accounts, replace your email system with hosted Microsoft Exchange and scrap any video conferencing software you’re using to replace it with Teams. However (and this may sound crazy) but once you’ve spent all this time putting everything in the Microsoft cloud nothing is backed up, and I mean nothing. Also, nothing is retained for any amount of time. This means if an employee loses it and decides to delete everything, they can go ahead and do it anytime. Or worse – your IT support goes postal and deletes everything there’s nothing you can do. And get this, if you call Microsoft and ask them to restore your data, they’ll say, “Sorry we’re not in the backup business” then hang up on you.

“By default, firms are not fully protected when they move to Microsoft 365, that’s why we include 365 Cloud Protect for all our customers.” Patrick Lonz , President ,Compliant Workspace

Backup/Retention Tools Included with Microsoft 365 Don’t Work

But what about the tools included with Microsoft 365? Can’t you use those to backup and retain your data on the 365 Cloud? Perhaps you’ve already done your homework and read about creating Archive Policies or setting up an Archive Mailbox that will keep everyone’s email retained if they delete them, or the long-term recovery options Microsoft claims to include to protect other data on their cloud.

I did some research on this myself the other day in attempts to understand how to configure Microsoft 365 to prevent people from deleting data and found their “Data Handling Policy”. Right off you’ll see the policy says data contained in deleted user accounts are kept for 90 days only. OK, so if you delete a user all their data is soon gone after that? But I didn’t see a button saying: “Would you like to keep users’ data before you press delete?” That was strange.

And Microsoft’s approach to email archiving was even more bizarre. When I attempted to follow their logic on retaining employees’ email indefinitely for compliance, I found out I needed to create a Custom Archive Policy to move their emails to an additional Archive folder in their Outlook. Hold on, Microsoft is suggesting I move people’s email around in their Outlook to achieve compliance? People aren’t going to like it when you start randomly moving their emails around to meet data compliance on the cloud.

Nonetheless, continuing with my attempts to use Microsoft’s built-in Custom Archive Policy to retain peoples’ emails, let’s assume you get away with randomly moving employees’ emails around to a separate archive folder in Outlook. They can go ahead and simply delete this folder from Outlook. Which then goes into the Archive Deleted Items folder that’s kept for 14 days then gets moved to the Archive Recoverable Items folder. I don’t know about you but having emails moved and deleted and then moved again is a nightmare for compliance.

And the way Microsoft approaches the long-term data retention on SharePoint was even more convoluted. If I read it right, it says deleting a file in SharePoint sends it to the Site Recycle Bin where it can be deleted here by the user and then it’s held in the Site Collection Recycle Bin for 93 days after which it’s gone forever. Also, I couldn’t find any info on configuring retention on SharePoint. Point is here, if you can’t even protect your emails on Microsoft Exchange or files in SharePoint from users removing them, your data compliance strategy on Microsoft 365 is dead in the water right there.

Retention on the Cloud is the Basis of Any  Data Compliance

Making sure employees can’t delete anything is the basis of any data compliance plan, no matter what industry your company is in. If you’re a health care provider needing to meet HIPPA, a corporation worried about SOX or a financial firm that must submit your registration for rule 17a-4, you shouldn’t have to jump through hoops if you decide to move your office to Microsoft 365 and you need to meet any of these rules.

That’s why we include our 365 Cloud protect for all our customers. A backup and archiving plug-in to Microsoft 365 bundled with Compliant Workspace with all the features to make sure your firm meets any data compliance demands when you move to Microsoft 365.

Reason One: Automatically Protect Your Data on Microsoft 365

So now everyone’s on the Microsoft Cloud, you can pat yourself on the back: employees are creating docs in SharePoint and OneDrive; sending and receiving emails on Exchange, adding their contacts, using the calendar; chatting to their hearts content on Teams – congrats! Go ahead and take a break because our Automatic Protect feature in 365 Cloud Protect will take it from here. Since you have to realize it’s a new ball game now that you’re running your office on Microsoft 365.

I mean, unlike the old days where you had in-house systems for data storage and email (you had control over what people could do), now employees have more freedom to create data whenever they want, which is great, but for data compliance it’s a problem. For example, they can easily go ahead and add their own SharePoint sites, OneDrive folders, create personal and group chats on Teams, whenever they want. That’s why we have our Automatic Protect built in, so you don’t have to worry as employees are working on Microsoft 365. Best of all, our Automatic Protect is enabled by default for you when you move your office to their cloud with Compliant Workspace. At the same time, you are assured that anything created by anyone is protected on-the-fly.

Despite their best “PR efforts” Microsoft has completely opted out of the data compliance business with their 365 Cloud Platform.

Reason Two: Retain Data on the Microsoft Cloud

Now you’re grooving; you have everyone on Microsoft 365, as they are working on the cloud, they’re protected with our Automatic Cloud backup. You’re fully confident if they create anything, we will detect it to make sure there is a copy. The next thing we have to do when we’re talking about getting compliant is retaining your data, or long-term retention so that you can retrieve files on users OneDrive, your company SharePoint, emails from Exchange or Teams chats going back years if needed.  We have you covered there too.

Our 365 Cloud Protect has long-term archiving and retention built in as well. For 7 years, in fact we will make sure no one, or nothing can remove anything. Further, your data archive is retained separate from Microsoft on a secure web portal where it can be searched, which is important because you can give auditors access to it, compliance officers also can do their thing.

Best of all with our built-in archiving for Microsoft 365, there’s no need to create a custom policy that moves peoples’ emails around to another folder in their Outlook (which can simply be deleted anyway). With 365 Cloud Protect you also don’t need to worry if someone gets deleted off Microsoft 365 and you need their data after 90 days, or if someone goes and removes all their files off SharePoint, you don’t have to rely on the “Site Collection bin” within a 93-day window. We will retain any deleted user’s data forever.

But most important, your data is kept non-rewriteable in its original format – regulators love that! And get this, like our Automatic Protect, our archiving is preconfigured for you out-of-the-box.

Reason Three: Granular Protection for Exchange, SharePoint, OneDrive and Teams

I know I have been bashing Microsoft hard for their lack of protection on their cloud, their features to restore data are even worse. This is a really bad thing when we’re talking about being compliant because if you’re being audited you want to access employee’s data but you need to access it at a granular level.

For example, let’s say you need to restore one email from one employee that was there 3 yrs. ago, or a contact they had. You also may need to access a version of a file from SharePoint that was created on a site which was deleted long ago. You may even want to see private and group chats that may have been done on Teams years ago. 365 Cloud Protect can do that for you with our Granular Protection feature, a really important thing for compliance on the Microsoft 365 Cloud.

365 Cloud Protect gives you this level of access to your archived data (going back 7 yrs. – the standard for all main data compliance regulation). With our Granular Protection you will get:

  • Offline data exports from the archive

  • Non-destructive restores to the same user or another user
  • Customizable admin roles, very important if you want to give an auditor access to certain data for review

Reason four: Self-Service for Your Microsoft 365 Data

Finally, once you have your Microsoft 365 users fully protected, their data is retained, you can access it, you also want to give all users Self-Service access to their data. Our Self-Service feature lets you configure end-user access to let them restore lost items themselves. You don’t want employees calling you in the middle of the night asking you to restore a file they just deleted, also you don’t want regulators or compliance officers breathing down your neck during an audit.

Moving to Microsoft 365 is all or Nothing, Get Protected with Our 365 Cloud Protect

Moving to Microsoft 365 is all or nothing; you’ll need to scrap your in-house systems, but nothing is backed up when you make this move. What’s more, the tools Microsoft includes to backup and archive your data on their cloud, can be easily disabled.

Moving to Microsoft 365 is an all or nothing decision; you’ll need to move all employees’ emails and files, you will also need to scrap any in-house systems, like your teleconferencing, at the same time, nothing is backed up when you migrate everything there. What’s more, the tools Microsoft includes to backup and archive your data on their cloud, can be easily disabled.

That’s why we include our 365 Cloud Protect, for firms who move to Microsoft 365 with us. Our cloud backup and archiving plug-in to Microsoft 365 automatically detects and protects all your data stored on the Microsoft Cloud, archives it for 7 yrs., includes complete “granular” protection so that your employees can restore anything at any time, self-service access built-in

About Compliant Workspace

Compliant Workspace is a managed Microsoft 365 cloud service provider committed to giving small companies an option to move their firm to the Microsoft 365 Cloud. With our unique Consolidated 365 Service® we include our Pre-Set 365 Security Template, our 365 Cloud Protect and our 365 Cloud Migration Service that gives your firm an office in the Cloud – fully-secured, fully-protected: out-of-the-box.

Contact us today, and get your firm on the Microsoft Cloud