Blog: Recovery

Many organizations are adopting Microsoft 365 (formerly Office 365) and businesses nationwide are seeing the benefits of improved productivity through its email and collaboration solution. Organizations of all sizes can benefit from a seamless user experience between mobile and on-premise environments.

While Microsoft 365 offers great flexibility, it mostly focuses on infrastructure management rather than data management. Meaning: You are responsible for your data.

Some businesses who have migrated their workloads to Microsoft 365 do not realize that the same reasons they had for backing up and protecting that data on-premises applies even in the cloud.

If you are still considering Microsoft 365 for office productivity and collaboration, this article may be for you: Microsoft 365: Is it the right choice for your business?

Without proper backup and recovery, your data is at risk, because Microsoft isn't providing complete protection. It's important to create a backup and recovery strategy to ensure you avoid permanently losing your critical data.

It's important to understand the difference in responsibilities of Microsoft and Microsoft 365 user organizations. Microsoft hosts the infrastructure, but you are responsible for your data.


What is Microsoft's Responsibility?

Cloud Infrastructure Uptime — Microsoft focuses on the infrastructure management rather than data management. By focusing on infrastructure, Microsoft ensures its cloud service is online and operational. Guaranteed uptime is based on your agreement level and outlined in the availability SLA (Service Level Agreement).

Basic Data Replication — Microsoft provides basic data replication with datacenter-to-datacenter geo redundancy, and limited retention for short-time data recovery.

Data Processing Compliance — Compliance and controls for data processing are limited to the processor, not the data itself. Microsoft ensures data privacy, regulatory controls, and industry certifications for compliance are in place and maintained for the infrastructure of its cloud service.

Physical Infrastructure Security — Security functions for Microsoft 365 are limited to physical infrastructure, not data. It includes app-level security, logical security, and access controls for users and administrators.


What is the Customer's Responsibility?

Business Data in Microsoft 365 — The customer is the owner of the data that resides in the Microsoft 365 data centers. As the owner, the customer controls the data and who can access the data. All responsibility of the data is on the user to ensure data security, privacy, and retention.

Enterprise-grade Backup and Long-Term Data Retention — Implementing an enterprise-grade backup solution for Microsoft 365 can give businesses confidence to recover from security breaches, compliance exposure, and data loss. With enterprise-grade backup, a copy of the data is stored outside the environment. In the event of an incident, it provides granular and point-in-time recovery options.

Data Owner Compliance — As the data owner, the customer has the ultimate responsibility of data for internal legal and compliance teams. The customer answers to the demands from corporate and industry regulations.

Security Functions to Protect Data — Protection of data is the responsibility of the user, not Microsoft. Security controls must be implemented to protect the data from internal threats, such as accidental deletion, insider threat, and disgruntled employees, and external threats, such as malware, ransomware, and rogue applications.


What happens when Microsoft 365 is used without backup?

Microsoft only provides basic and limited retention. If you don't implement a backup strategy outside of Microsoft's native capabilities, you are opening up your business for unnecessary risk. Lack of a Microsoft 365 backup plan is a risky data strategy.

Without proper backup and recovery, your organization can expose itself to the following risks:

  • Data loss from accidental deletions
  • Ransomware attacks and security breaches
  • Insufficient retention time for regulatory compliance policies
  • Lack of data control due to potential SaaS lock-in

Organizations investing in productivity and collaboration tools should also consider their backup and retention needs as a factor in efficiency and productivity. Considering a third-party backup solution is critical for data loss avoidance.


What is the best strategy for Microsoft 365 backup?

Your data is your business. By taking a data-driven approach to your backup strategy, you recognize the critical importance of your data for your business stability.

Make Microsoft 365 Backup a Key Priority

Backup for cloud services (SaaS), such as Microsoft 365, is imperative for security and data control. Full oversight and control of data is a boardroom priority. Without backup, organizations do not have an exit strategy or freedom from SaaS lock-in because they are not in complete control of their data. Backup should be part of the conversation when buying SaaS and not an afterthought.

Consider Enterprise-grade Data Protection

When investing in backup solutions, consider integration between the Microsoft 365 environment and your existing data protection environment. Evaluate automation, security, and integration between systems when comparing enterprise-grade data protection and recovery features. Integrating SaaS into enterprise data protection can help unify data management.


What to look for in a Microsoft 365 backup solution

1) Freedom to use existing on-premise capacity for Microsoft 365 backup, or the ability to leverage another cloud for cloud backup.
2) Basic features provided, such as incremental backups, granular recovery, automation, and policy-based retention capabilities.
3) A solution capable of managing and protecting hybrid deployments and the ability to ease the full adoption of SaaS.
4) Integration between Microsoft 365 and the customer's existing data protection environment.
5) Advanced security features such as access control, SaaS usage metrics, and multifactor authentication for additional security.
6) Ability to scale up or down as business and data demand changes and as SaaS is rolled out more widely within the company.


Investing in productivity tools and the corresponding backup is an exciting adventure. When you are ready for a guide, we are here to help. We can advise on and implement a solution that fits your business needs. Contact us today to schedule a consultation.


 

Recuva (they pronounce it "recover") is a free utility that can be run from a USB drive or installed on a system.  It's easy to use and has options to pick the type of file (pictures, email, music, documents, etc.) and file locations - or just show all undeletable files on a specific drive. [more]

There is a deep scan option, but if this is necessary, it may be difficult to restore the files.

This is a good way to restore files that may have been accidently deleted or files that have disappeared because of disk errors.  It may be a good thing to use in combination with SpinRite (not free, but a very useful utility when disk hardware errors occur).

http://www.piriform.com/recuva

http://www.grc.com/sr/spinrite.htm


 

I recently found myself in a situation where some pictures, that to me were priceless, had been deleted from my camera memory card. Unfortunately those pictures had not been moved or copied to any other media. Like most of us I wanted a free method of recovering them. I found a software called Recuva, which is a freeware Windows utility to restore files that have been accidentally deleted. This includes files emptied from the Recycle bin as well as images and other files that have been deleted by user error from digital camera memory cards or MP3 players. It will even bring back files that have been deleted by bugs, crashes and viruses! [more]

I download the program and installed it to my USB thumb drive. It installs as a simple .exe, which when ran opens a simple little GUI that allows you to scan any drive, filtering by pictures, music, documents, video or show all files found. After it finds the files you select them from the list and recover them to the location of your choice. I was actually able to find pictures deleted off the memory card over a year ago.

If interested you can download and read more about it hear. http://www.recuva.com/

 

For most people who are running Exchange, the combination of “Recover Deleted Items” and standard backups will be enough to restore most deleted emails. But what about when a user is using a PST file instead of an Exchange mailbox and they deleted an item from the Deleted Items folder? Instead of having to listen to a users agonizing sobs when you deliver the “I’m sorry, we tried everything we could but we were unable to save him” line, try the below ‘the gloves are off’ recovery method. [more]

A PST is essentially a database. Items are records within the database and there is an index that points to each item. When you empty the Deleted Items folder, Outlook doesn't actually delete the items, it just deletes the items' listings from the index. The item is still in the PST, but unrecoverable because Outlook has no idea where it is without the pointer in the index. The space the item takes up is called "whitespace".

When you Compact a PST, the item is finally removed permanently and the whitespace is recovered, often shrinking the PST by many megabytes. Once the PST has 20% "whitespace", Outlook begins compacting the PST. If the Deleted Items folder contained a lot of messages, Outlook may begin compacting the PST immediately and the items will be deleted forever within a few minutes.

To recover the items which are no longer in the index you need to force Outlook to rebuild the index by causing corruption. You can cause corruption by using a Hex editor to delete some characters from the beginning of the PST file. If you delete the wrong ones you'll cause corruption but not in the index and Outlook won't rebuild the index.

Recover the Deleted Items

Acquire a simple Hex Editor. I like XVI32 since it is simple and doesn’t require installation.

  1. Open 'Outlook.pst' in the Hex editor.
  2. Delete positions 7 through 13 with the spacebar. (On the right side of the screen if you are using XVI32) As you clear the characters, the editor displays the code “20” in their position. (On the left side of the screen if using XVI32.)
  3. Save the PST, it is now corrupted.
  4. Run the Inbox Repair Tool, SCANPST.exe, to recover the file. Use Windows Search utility to find it.
  5. The Inbox Repair Tool creates a backup and repairs the damage and recreates the PST.
  6. Open Outlook. The Deleted Items folder should now contain the deleted messages, unless Outlook has already deleted them for good by compacting the PST.
  7. Enjoy your tickertape parade when you save the day with your techo-wizardry.