Office 365 Data Protection

Post on 31-Mar-2020

Agenda

• Welcome and Introductions – Chris Riley

• Tony Paul Pugliese, Enterprise Systems Engineer - System Source

• Microsoft’s Office 365 platform

• Data archiving, retention, and recovery

• Exchange Online Archive

• Exchange Messaging Records Management policies

• Exchange Journaling

• SharePoint / OneDrive retention policies and Files Recovery

• Summary

• Courtney Vick, Territory Manager - Barracuda

During the Webinar…

Audio – In presentation mode until end

Control Panel

View webinar in full screen mode

Feel free to submit written questions

Open Q & A at the end (please raise your hand & we will unmute your line)

Survey at conclusion of webinar

We Hope You are Enjoying Your Pizza!!

Please double check with your receptionist, then contact Mike Jones: [email protected]

We will research and replace with an e-card.

(We are recording the webinar – so don’t think twice about stepping away for a few minutes to go pick it up at your front desk!)

System Source is a regional systems integrator

We have the people, processes and tools to help clients improve, maintain and acquire IT and Audio-Visual systems.

• We help IMPROVE IT operations. Clients ask us to train their staff for more productivity or rent our classrooms for private classes.

• We design PRESENTATION rooms including collaborative conference and classrooms.

• IMPROVING IT often requires top CONSULTANTS.

Tony Paul Pugliese, Enterprise Systems Engineer - System Source

Office 365 Platform

Office 365 Platform

• Geo-redundant network

• 99.9% uptime SLA

• Data encrypted at rest and in transit

• Provides a variety of security features and data fault tolerance

Office 365 Platform

Microsoft manages the services

Microsoft responsibilities

Hardware and service redundancy

Service remains available during outages and maintenance windows

Data is replicated over multiple data centers

https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-platform-service-description/service-health-and-continuity

Office 365 Platform

Microsoft manages the services… so the Customer doesn’t have to!

Customer NOT responsible for server / service operations. Customer can NOT -

attach to specific server remote desktop

reboot servers

allocate disk space

change any server hardware

change OS-level configuration

change or access network shares or disk drive letters

upgrade server OS, drivers, or application software

Office 365 Platform

Shared Responsibility Model

Microsoft manages the services … Customer manages the data

Microsoft

• Hardware and service redundancy
• Service remains available during outages and maintenance windows
• Data is replicated over multiple data centers

Customer

• Provides data for and consumes data services: email, databases, chats, files, …
• Configures services and policies to fit organization requirements
• Configures user account access to services, shared data.
• Configure how long to keep data with data retention policies
• Backup data to alternate or local repository
• Recover data as needed

Some reasons for backup

• Users
  • “I accidentally deleted some email / files … in January … of last year. Can Microsoft restore it from tape?”
  • “I’ve been hit by a virus, and now my files are encrypted….”
• Employee turnover.
• Malware
  • zero-day threats, cryptojacking, DDoS, Botnet attacks, and more.
  • Ransomware is an all too common attack from malware
• Phishing – Spear, whaling, lateral
  • More than 90% of cyberattacks and resulting data breaches start with a spear phishing campaign

Data replication is NOT data backup!

Data Archiving, Retention, and Recovery

Exchange Online Archive

• Archive mailbox = Alternate storage

• Optional

• Reduce size of primary mailbox

• Messages moved by policy rules or manual user action

• Archive ≠ backup!

Exchange Retention

• Default retention policy applied to all mailboxes.

• Deleted Items folder – no longer purged by default (was 14 days max)

• Items permanently Deleted – expire / unrecoverable after 30 days (max)

• Messages older than 2 years moved to Archive

• Can make different retention policy sets for different user groups.

• Applies to Exchange Only – new retention policies cover Exchange, SharePoint, and OneDrive

Exchange Retention

• Messaging Records Management (MRM) policies provide granular configuration of data retention.

• Tags define an action and / or conditions

• Retention Policies are a collection of tags applied to mailboxes

• Messages are assigned tags by user or policy

• In-place and Litigation holds (Exchange Online Plan 2) prevent messages from really being deleted.

• Moved to hidden Recoverable Items folder to preserve items

• eDiscovery by designated users to search messages.

Exchange Retention

• Exchange “Retention” policies misnamed

• No guarantees!

• Dubious compliance / regulatory usage.

Exchange Journaling

• Can record all communications, inbound, outbound, internal.

• Compliance support for regulations and regulated organizations (SOx, SEC, Financial and Health sectors)

• Messages are wrapped up with metadata and sent to one or more external “journaling mailboxes”.

• Message sent to journal before recipient

• Journaled messages sent on-premises or third-party cloud service

• No journal storage within Microsoft

SharePoint and OneDrive Recovery and Retention

• Office 365 Groups and Teams use SharePoint libraries and OneDrive to store data.
  • Recovery and retention capabilities apply to SharePoint, Groups and Teams
• Deleted messages go to the Recycle Bin for 93 days
  • If a document is purged from Recycle Bin, it will go to the site collection Recycle Bin for the remainder of the 93 days

SharePoint and OneDrive Recovery and Retention

• Files Restore – A newer feature that provides rollback capabilities for libraries
  • Requires version history and recycle bin enabled
  • Up to 30 days
  • Entire library recovered to selected point-in-time
• Preservation Hold
  • Retention policies can be applied to libraries
  • When a policy is applied, a (hidden) Preservation Hold library is created
  • Old file versions / deleted files kept here after new version saved or deletion from SharePoint library.
  • Files stored here reduce tenant available SharePoint storage
  • Used for compliance, such as SEC Rule 17a-4

Summary

Office 365 is meant to be reliable, running on redundant services and systems.

Reliably deleting information, even redundantly, is not always useful. To have a safe configuration you will need a combination of:

• Data retention (within Office 365 + optional externally “journaled” data)

• Data backup (external to Office 365)

• Data restoration (external to Office 365)
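
The recovery windows quoted on the slides can be turned into a quick check of which native recovery paths remain for a deleted item, such as the “deleted in January of last year” request. This Python model is an added example, not part of the original presentation; the function names, the constructed dates and the treatment of the stated windows as fixed values are assumptions.

```python
from datetime import date

# Windows as stated on the slides; treated here as fixed values (assumption).
EXCHANGE_PURGED_DAYS = 30     # permanently deleted mail expires after 30 days (max)
SHAREPOINT_RECYCLE_DAYS = 93  # Recycle Bin + site collection Recycle Bin share one clock
FILES_RESTORE_DAYS = 30       # library rollback reaches back up to 30 days


def native_recovery_paths(workload, deleted_on, today, *, on_hold=False,
                          versioning_and_recycle_bin=True):
    """List the native recovery paths still open for one deleted item.

    workload: "exchange" (item permanently deleted) or "sharepoint"/"onedrive".
    on_hold: a Litigation/In-Place Hold or retention policy covered the item
             at the time it was deleted.
    """
    age = (today - deleted_on).days
    if age < 0:
        raise ValueError("deleted_on is later than today")
    paths = []
    if workload == "exchange":
        if age <= EXCHANGE_PURGED_DAYS:
            paths.append("deleted item recovery, before expiry")
        if on_hold:
            paths.append("held copy in Recoverable Items, via eDiscovery")
    elif workload in ("sharepoint", "onedrive"):
        if age <= SHAREPOINT_RECYCLE_DAYS:
            paths.append("Recycle Bin or site collection Recycle Bin")
        if age <= FILES_RESTORE_DAYS and versioning_and_recycle_bin:
            paths.append("Files Restore library rollback")
        if on_hold:
            paths.append("Preservation Hold library")
    else:
        raise ValueError(f"unknown workload: {workload!r}")
    return paths


def needs_external_backup(workload, deleted_on, today, **options):
    """True when no native path remains and only an external copy can help."""
    return not native_recovery_paths(workload, deleted_on, today, **options)


if __name__ == "__main__":
    today = date(2020, 3, 31)         # constructed "now"
    last_january = date(2019, 1, 15)  # constructed: "in January of last year"
    for workload in ("exchange", "sharepoint"):
        for hold in (False, True):
            paths = native_recovery_paths(workload, last_january, today, on_hold=hold)
            print(workload, "hold" if hold else "no hold", "->", paths or "external backup only")
```

With no hold in place, the constructed January deletion returns no native path for either workload, which is the gap the summary's external backup and restoration items are meant to close.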

Courtney Vick, Territory Manager - Barracuda

Thank you for attending today!