Microsoft 365 remains a big target for cyberattacks as the most popular office productivity suite. Of course, Microsoft has been steadily upping its security game in response. Microsoft 365 security center was rolled out in 2019 and remains a source for administrators looking for info, advice and tools related to security.
More recently, Microsoft has continued to add to its security center with security tools such as Defender for Endpoint, Defender for Office 365, Microsoft 365 Defender and more.
In a helpful Microsoft article that lays out concrete steps on how to recover from a ransomware attack, we find this statement: “Even if you take every precaution to protect your organization, you can still fall victim to a ransomware attack. Ransomware is big business, and the attacks are very sophisticated.” The article goes on to lay out eight steps that include such tasks as disabling Exchange ActiveSync and OneDrive Sync if you suspect an attack on email and how to remove malware using Microsoft Defender and other tools.
But Step 1 is interesting: the first step is to verify the backup. Microsoft makes clear that even in Microsoft 365, the data your clients create is theirs—and therefore theirs’ to protect. The article states “If you have offline backups, you can probably restore the encrypted data after you've removed the ransomware payload (malware) from your environment” (emphasis in original article).
“Offline backup” is an evolving term. It used to mean offline tape storage or “air gapped” storage. But these days there are secure storage options that can function like offline storage. Offsite or cloud-based storage of data is a good idea for backing up your SaaS data to restore from data unaffected by an attack or unwanted encryption.
Backing up these productivity suites (whether Microsoft 365 or Google Workspace) should be part your clients’ data retention plans—especially if a client needs to store long-term data for compliance reasons. Many businesses worry about the added complexity of backing up SaaS data. It’s tough in large organizations to just keep up with all the data being created by on-premises apps, let alone cloud-based ones.
The good news is that you can provide your clients with an answer to both the cost and complexity question. StorageCraft, an Arcserve company, offers a solution that makes backup of these office productivity suites easier. StorageCraft Cloud Backup provides secure storage for SaaS productivity suite data. Data is transmitted and stored in encrypted format and resides in secure Azure or Amazon S3 data servers. Users can recover at the granular level (files and folders) from Exchange, OneDrive for Business, SharePoint and more—in seconds.
Regardless of what tools your client uses for ransomware defense, it’s always good to plan for the worst case. Encourage your clients to safeguard their Microsoft 365 data with secure backups that ensure recovery—even when ransomware does succeed.