Why to backup Office 365? Here's what Microsoft recommends

Should You Backup Office 365? And If Yes, Then How?

Should You Backup Office 365

Short answer: Yes. You need to backup Office 365 data to keep it secure. Now let’s see why.

Despite Microsoft’s advanced security features, data loss happens. There are many reasons behind data loss: external threats, accidental data deletion, and more.

The cost of data loss may reach millions of dollars. Your company needs to keep its vital data secure to avoid financial and reputational risks. Such risks are one of the key concerns expressed by our customers when considering our backup. Office 365 doesn’t back up your data fully to protect it. And here is the proof.

Microsoft’s Backup and Recovery Policy

The main thing to understand about Office 365 service-level agreement is that it addresses availability, not recoverability of your data. According to Brien Posey, Microsoft’s MVP, Microsoft creates backups for internal use, protecting the whole cloud from critical failures.

Yet, you need to protect your items: mailboxes, contacts, and so on. They are often left beyond the reach of the native Office 365 recovery tools.

In fact, Office 365 has security gaps related to backup and recovery. That’s why many companies use additional Office 365 backup solutions to make their Office 365 environments more secure.

“Why should I backup Office 365?” you may ask. Because that’s what Microsoft recommends you. An extract from Microsoft Services Agreement:

why backup office 365

That’s why having a backup is definitely a good idea. But how to ensure that your cloud data is safe?

Office 365 Backup Best Practices

Let’s talk about the best backup practices in the cloud. Here’s what makes your backup data safe:

  1. Frequent backups. Ideally, it would be best if you had your data backed up several times a day.
  2. Customizable retention. You have to determine how long you need to keep your data recoverable.
  3. Reliable location. If you store your backup data in the cloud, you have to choose among the most secure clouds.
  4. The 3-2-1 strategy. There should be several backup copies stored separately. We’ll elaborate on this practice later in the article.
  5. Folder hierarchy preservation. When you recover your files, they should be restored to their original locations.
  6. Backup versioning. It’s great to have several copies to choose from. Just in case the most recent is damaged.

Limitations of the Native Office 365 Backup & Recovery Tools

Office 365 allows you to recover deleted items. However,  the native Office 365 recovery tools are quite limited. The basic recovery from Deleted Items helps with recent accidentally deleted emails, but what about other cases? Long-deleted or purged files, corrupted mailboxes, items lost due to cyber attacks or incorrect migrations – these are just a few things Microsoft will not help you to restore. Here are the limitations of the native recovery:

  1. Recovery is time-limited. Office 365 retention time is quite limited. By default, the items are kept around for up to 30 days (14 days by default). Moreover, the purged items will be lost. However, you might need to restore your long deleted files and emails. For example, for compliance or reporting purposes. That’s why you’ll need an Office 365 email backup.
  2. No point-in-time recovery. Let’s say, your mailbox has got corrupted and the version history is turned off. Your data becomes lost forever as there is no way to choose the “clean” version and restore it.
  3. Recovery is overcomplicated. Unlike professional backup software, O365 is not a one-click solution. For example, Office 365 recovery via In-Place eDiscovery & Hold has many conditions and steps, that are too time-consuming and still not always helpful.
  4. Office 365 doesn’t follow user data backup best practices. There is a basic rule of a safe backup. It’s called the 3-2-1 rule. According to this practice, there should be 3 backups stored on 2 media, with at least 1 off-site copy.

Yet, Microsoft stores backup data in the same cloud, as the source data. To put it simply, the data copy in the Microsoft cloud is vulnerable to the same threats as the data it backs up. Of course, it makes the security of your data incomplete. However, Office 365 is not a backup service, so it wasn’t supposed to follow the best backup practices.

Long story short, Microsoft provides no reliable backup. If Microsoft doesn’t back up your data, who does? 

Third-party Office 365 Backup Solutions

If your data gets lost or damaged and you can’t restore it with the native tools, a third-party backup is the best way for you. Unlike Office 365, third-party software provides a full backup to ensure your data is truly secure. With third-party backup software:

  • You can back up your Outlook and Onedrive items, including Calendars and Contacts.
  • You have better retention options. The backup data can be stored indefinitely.
  • You have the point-in-time data restore, meaning you choose the version to recover.
  • Your source and backup data are kept separately. Your Microsoft Office 365 backup data will be stored in the cloud of your choice (Amazon AWS or Google’s GCP).
  • You have advanced options to monitor data storage and usage.
  • You have the same folder hierarchy of restored data as in your original files so you can restore your items exactly to the folders they were deleted from.
  • Save your time and effort with a user-friendly interface.

Get a demo to learn more about our backup and ransomware protection solutions for O365.

So, how to back up your Office 365 data? Here’s the guide:


Need to create a backup only for a specific O365 service? Here are backup guides for Outlook, OneDrive, and Contacts.