Should You Back Up Your Data in Microsoft Office 365?

In one word? “Maybe”

It is a business decision that may depend on a diverse set of factors including:

  • What are your business objectives, requirements, policies, etc?
  • How do your retention policies align with your objectives?
  • Do you have to backup for auditing purposes? If so, what has to be backed up?
  • What has your legal counsel advised?
  • Have there been significant reasons to recover data in the past?
  • What is the corporate culture around recovering data beyond the scope of built-in retention policies?
  • Can you rest well without a traditional backup?

Does Microsoft backup your data in the cloud?
Not in the sense that you may be thinking. Microsoft focuses on reliability, redundancy, and cloud scalability. Always refer to the Office 365 Service Descriptions for the details of what the Office 365 platform and each of its services and features includes, is limited to, and more.
How does Microsoft safeguard your data?
In general, redundancy and service specific methods. We’ll explore the major services at a very high level:

Exchange Online

Microsoft has long promoted the concept of data redundancy with Database Availability Groups and replication to multiple copies of mailbox databases and the same applies to the cloud. Microsoft leverages geographically dispersed data centers to prevent loss of data in a specific location.

Retention and recovery support for an organization’s email includes mailbox replication at data centers and the ability to restore mailboxes and deleted items.

  • Deleted mailbox recovery for up to 30 days
  • Deleted item recovery for up to 30 days
  • Implement longer term email preservation or time-based In-Place Holds
  • Develop data governance strategy and use retention policies
  • Take advantage of In-place and litigation holds to preserve data

SharePoint Online and OneDrive for Business

  • Data redundancy, 90-day Recycle Bin, Versioning
  • Data governance using Retention policies, Data Loss Prevention, eDiscovery, service-level encryption
  • OneDrive for Business point-in-time Files Restore for up to 30 days
  • Implement longer term preservation and legal holds

Common Arguments for Backing Up Data in Office 365

  • Point-in-time recovery
  • Malware infection
  • Ransomware that encrypts your data
  • Malicious insider threats
  • Rogue admin
  • Human error
  • Data corruption


Is there a single 3rd party tool for the Office 365 platform – all services and features?
Not at this time, although some are closer than others. This means it may require more than one tool to accomplish backups for the different services, which increases costs and complexity. Oh, and don’t forget, Office 365 changes occur frequently which means 3rd party backup services will have to keep up with the constant rate of change. We all know how on-premises updates can be held back due to backup solution incompatibilities.

Key Takeaways:

  • User Voice – voice your feedback, ideas, and suggestions. Microsoft is listening.
  • What are your company’s requirements?
  • What are your industry requirements?
  • Do you have a data governance strategy? Keep what you should and get rid of what you shouldn’t.
  • Shared responsibility –
    • Educate yourself on the native retention and recovery capabilities of the Office 365 Services.
    • Microsoft provides many ways to safeguard data, but it is ultimately the customer’s responsibility to ensure data can be recovered beyond the means provided by Microsoft.

“Educate yourself on the native retention and recovery capabilities in Office 365 and if those capabilities do not meet your organization’s needs then evaluate third-party solution providers.”

Contact our team of experts today to assist you with your organization’s specific business needs! info@eGroup-us.com

Scott Barr

Scott Barr

Director of Cloud Practice - eGroup | Enabling Technologies

Last updated on July 27th, 2023 at 12:05 pm