This a common topic that comes up with prospects and even Commvault customers, so posting by “Why” response here.
Start here: http://commvault.com/office-365 and on Microsoft’s website: https://www.microsoft.com/commvault
In a single sentence: “You don’t depend on the Recycle Bin for data protection on your servers, do you? This is basically what Microsoft offers with Office/Microsoft 365.”
While the “Recycle Bin” can be used to recover items, for Exchange Online (EXO) it requires 30+ steps and OneDrive & SharePoint Online (SPO) only provides easy recovery of mass unexpected changes for the last 30 days. Furthermore, the max retention for EXO is 30 days and OneDrive & SharePoint is 93 days. In all three, recovering involves many steps and folder structure is normally lost. With Commvault, a few clicks can restore data quickly with folder structure kept intact.
Furthermore, the data can be retained in Commvault for any retention required and data recover can easily be delegated to non-senior staff. The most important fact is that if an item is not put on retention hold or retention hold is released items are purged with no way to recovery them.
Office\Microsoft 365 - key points on why Commvault is needed
Microsoft does not offer traditional backup and recovery of Microsoft 365 data. Microsoft is focused on providing a highly available service and they achieve that through real-time replication. Microsoft has left backup and recovery up to trusted ISV/Partners like Commvault to provide solutions.
- Microsoft does in place only data protection, not backup & recovery
- Retention in place ≠ Backup | Commvault > Recycle Bin
- Example, where KPMG lost 145K user's chat data due to retention policy change mistake
https://www.theregister.com/2020/08/24/kpmg_microsoft_teams/ - Microsoft 365 retention policy bug that looked like it lead to data loss
https://blog.jasonsherry.net/2020/10/29/m365-retention-policy-bug/
- Example, where KPMG lost 145K user's chat data due to retention policy change mistake
- Exchange deleted items only retained by default for 14 days with max of 30, unless retention hold used
https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-exchange-online-data-deletion - SharePoint and OneDrive deleted items and sites retain for 93 days, unless retention hold is enabled
https://docs.microsoft.com/en-us/microsoft-365/enterprise/microsoft-365-sharepoint-online-data-deletion- Deleted OneDrive user account's data retained for 30 days
- Limited recovery support for ransomware, logical/application corruption, and editing/overwriting of exiting items, etc in Exchange or SharePoint that allows for bulk recovery of previous version of items.
- From Microsoft’s own documentation “Step 1: Verify your backups”
https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/recover-from-ransomware - Video by Kevin Mitnick and ransomware risk in EXO:
https://blog.knowbe4.com/heads-up-new-ransomware-strain-encrypts-cloud-email-real-time-video
- From Microsoft’s own documentation “Step 1: Verify your backups”
- From Microsoft’s documentation: https://docs.microsoft.com/en-us/exchange/back-up-email
Point in time restoration of mailbox items is out of scope for the Exchange Online service, though there might be third-party solutions available that provide this functionality.
How do users backup Outlook data?
Exchange Online does not provide a way to perform a traditional backup of mailboxes. That is, there is no way to restore a mailbox to the state the mailbox was in when the backup was taken.
- Retention in place ≠ Backup | Commvault > Recycle Bin
- Fills the gap in OneDrive & SharePoint Recycle Bin, which has the following shortcomings
- Shows data in chorological order based on when it was deleted, by file without folder structure
- No search, only browsing of list of deleted items in OneDrive
- From: https://docs.microsoft.com/en-us/onedrive/retention-and-deletion
- "The Recycle Bin is not indexed and therefore searches do not find content there. This means that an eDiscovery hold can't locate any content in the Recycle Bin in order to hold it."
- Rollback "File Restore" of changes only supported for the last 30 days and is limited to Site owners
- Microsoft's document on Microsoft 365 File Restore info for OneDrive & SharePoint
- Bulk recovery from it is not available, which is critical in a ransomware scenario
- Cross premises search of Exchange, SharePoint, Files, Microsoft 365, and other data from a single console
- CV provides a single data management solution across applications, business data, and servers/VMs with support for data intelligence, deduplication, redundancy, DR, archiving, long term retention, and with a hardware & storage agnostic solution
- All data managed, archived and backed up by CV can be stored in any cloud and\or on-premises, or by Commvault’s SaaS offering Metallic
- CV is an Azure certified solution, so in addition to store data in Azure, CV can also run 100% in Azure or setup Azure as DR location and CV supports many other cloud storage and compute vendors.
- Easy end-user search and availability to all their protected data and quick and easy recover of items
- This off-loads IT from recovering deleted or “loss” items
- Native tools require 30+ steps to recovery mailbox item: https://docs.microsoft.com/en-us/office365/enterprise/recover-deleted-items-in-a-mailbox
- Native tools, Recycle Bin, for SPO & OneDrive only provide a flat chorological list of deleted files without support for recovering folder structure
- Can speed up migrations to M365 by reducing the data to migrate
- CV can be used to archive and remove older and larger items and non-active mailboxes from Exchange before the migration. It can also be used to backup files and SharePoint data that is no longer active.
- Users and admins can access the non-migrated data and\or restore it back to M365 at a later time if needed
- Messages backed up from any version of Exchange or EXO can also be restored back to any version of Exchange or EXO
- All data is available even if M365 is unavailable
- CV’s data access is independent from M365
To shorten this to only one bullet point: We offer better recovery for single items, folders, sites, and mailboxes than using native retention hold in Office\Microsoft 365.
- With a few clicks we can recovery items back to their previous state
- With EXO native tools you would have to go through an eDiscovery process, that puts the email items in a Discovery mailbox then export that data to a PST, then import that data from the PST back to the mailbox.
- https://docs.microsoft.com/en-us/exchange/recipients/user-mailboxes/recover-deleted-messages?view=exchserver-2019
- Example: We can recovery an entire mailbox with a few clicks, if it was ransomware encrypted.
- Ask Microsoft how they would recovery from this scenario: https://blog.knowbe4.com/heads-up-new-ransomware-strain-encrypts-cloud-email-real-time-video
- Example: Ransomware encrypts all files on a machine, including those from SharePoint and OneDrive and these encrypted versions are synchronized back to SharePoint.
- Rollback "File Restore" of changes only supported for the last 30 days, is limited to Site owners, and folder structure cannot be used to find what to recovery
- Microsoft's document on Microsoft 365 File Restore info for OneDrive & SharePoint
- https://techcommunity.microsoft.com/t5/Microsoft-OneDrive-Blog/Announcing-New-OneDrive-for-Business-feature-Files-Restore/ba-p/147436
- The other option is to manually recovery EACH file version for SharePoint: https://support.office.com/en-us/article/restore-a-previous-version-of-a-file-in-onedrive-159cad6d-d76e-4981-88ef-de6e96c93893
