40% of Organizations Not Doing Enough to Protect Office 365 Data

By not using third-party data backup tools, companies are leaving themselves open to attack, a new report finds.

IT organizations are taking a big risk by relying on Office 365 to deliver all the backup they need, according to a new report released today by Barracuda.
Based on responses from more than 1,000 IT professionals, business executives, and backup administrators, Barracuda found that 40% of IT organizations surveyed dont use third-party backup tools to protect Office 365 data.
Greg Arnette, director of data protection platform strategy at Barracuda, points out that while Microsoft does offer a resilient SaaS infrastructure to ensure availability, it does not protect data for historical restoration for long, and its service-level agreements dont protect against user error, malicious intent, or other data-destroying activity.
Microsoft will protect your data for an outage in a data center environment, Arnette says. But they will not detect threats such as account takeovers and ransomware. Those kind of attacks will look like the actions of a typical end user. The backup vendors are now doing more detection using cloud-based APIs to keep track of what changes over time.
According to the
study
, deleted emails are not backed up on Office 365 in the traditional sense. Rather, they are kept in the recycle bin for a maximum of 93 days before theyre deleted forever. For SharePoint and OneDrive, deleted information gets retained for a maximum of 14 days by Microsoft, and individuals must open a support ticket to retrieve it. SharePoint and OneDrive are unable to retrieve single items/files; they must restore an entire instance. Its unlikely that such short retention policies meet most compliance requirements.
Theres an assumption that if the data is in SaaS, its automatically backed up, but thats not the case, says Christophe Bertrand, a senior analyst at the Enterprise Strategy Group who covers data protection. Just because its in the cloud doesnt mean that you dont have to back it up. You are still responsible for protecting the data, making it recoverable and archiving it, especially email.
The Barracuda study also found that while 64% of global organizations say they back up data to the cloud, a sizeable 36% still don’t. The reason for this is unclear, according to the report, although there could be latent security concerns over doing so.
“We see this as a checkpoint in time where the industry is shifting to a cloud mentality,” Arnette says.
Related Content:
Microsoft, Amazon Top BEC’s Favorite Brands
Millions of Office 365 Accounts Hit with Password Stealers
Office 365 Missed 34,000 Phishing Emails Last Month
Vade Secure Launches Native, AI-Based Email Security Add-On for Office 365

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industrys most knowledgeable IT security experts. Check out the
Interop agenda
here.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
40% of Organizations Not Doing Enough to Protect Office 365 Data