Data loss is a major concern for Office 365 customers because Microsoft’s backup policies cannot guarantee a complete and speedy restore of lost data. Even when data is retrievable, the process is long and complicated, and retention policies vary for each application included in the cloud platform.
Applications like OneDrive and SharePoint power much of the collaboration capabilities within Office 365. However, that collaboration can be put in jeopardy when user error, hacking, sync issues, or malicious insiders cause data loss. Both apps leverage a primary and secondary recycle bin with 93-day retention periods, but these can also be emptied at any time which means that data is unretrievable. Exchange Online also has its own retention policies. By default, deleted emails go into the Deleted Items folder. Once they are purged from this (or if a customer hard- deletes Exchange items), they are sent to a secondary “Recoverable Items” folder, which has a 14-day default retention period (can be extended to 30 days). And while this may sound like the answer to all your backup and retention hopes and dreams, consider this:
Retention policies and capabilities vary from service to service within Office 365, and new services like Microsoft Teams often don’t have similar safeguards available.
Policies are always evolving and tend to be very complicated. If you aren’t constantly monitoring your organization’s data and investing time to understand the complex landscape, it’s easy for things – like critical data – to fall through the cracks.
Office 365 backup and retention policies can only protect you from data loss in very limited scenarios, and can’t take the place of 3rd party backup solutions.
Backup and retention policies are not a substitute for a complete backup and restore solution.
Microsoft does all they can to put safeguards in place so that their customers don’t lose data. But the bottom line is, Microsoft Office 365 does not specialize in data backup and recovery. Ultimately, you are responsible for these activities in order to keep your organization’s data safe in the cloud.