Office 365 Data Protection
Agenda
• Welcome and Introductions – Chris Riley
• Tony Paul Pugliese, Enterprise Systems Engineer - System Source
• Microsoft’s Office 365 platform
• Data archiving, retention, and recovery
• Exchange Online Archive
• Exchange Message Records Management policies
• Exchange Journaling
• SharePoint / OneDrive retention policies and Files Recovery
• Summary
• Courtney Vick, Territory Manager - Barracuda
During the Webinar…
• Audio – In presentation mode until end
• Control Panel
• View webinar in full screen mode
• Feel free to submit written questions
• Open Q & A at the end (please raise your hand & we will unmute your line)
• Survey at conclusion of webinar
We Hope You are Enjoying Your Pizza!!
Please double check with your receptionist then contact Mike Jones: [email protected]
We will research and replace with an e-card
(We are recording the webinar – so don’t think twice about stepping away for a few minutes to go pick it up at your front desk!)
System Source is a regional systems integrator
We have the people, processes and tools to help clients improve, maintain and acquire IT and Audio-Visual systems.
• We help IMPROVE IT operations. Clients ask us to train their staff for more productivity or rent our classrooms for private classes.
• We design PRESENTATION rooms including collaborative conference and classrooms.
• IMPROVING IT often requires top CONSULTANTS.
Tony Paul Pugliese
Enterprise Systems Engineer - System Source
Office 365 Platform
• Geo-redundant network
• 99.9% uptime SLA
• Data encrypted at rest and in transit
• Provides a variety of security features and data fault tolerance
Office 365 Platform
Microsoft manages the services
Microsoft responsibilities
• Hardware and service redundancy
• Service remains available during outages and maintenance windows
• Data is replicated over multiple data centers
https://docs.microsoft.com/en-us/office365/servicedescriptions/office-365-platform-service-description/service-health-and-continuity
Office 365 Platform
Microsoft manages the services… so the Customer doesn’t have to!
Customer NOT responsible for server / service operations. Customer can NOT:
• attach to specific server remote desktop
• reboot servers
• allocate disk space
• change any server hardware
• change OS-level configuration
• change or access network shares or disk drive letters
• upgrade server OS, drivers, or application software
Office 365 Platform
Shared Responsibility Model
Microsoft manages the services … Customer manages the data
Microsoft
• Hardware and service redundancy
• Service remains available during outages and maintenance windows
• Data is replicated over multiple data centers
Customer
• Provides data for and consumes data services: email, databases, chats, files, …
• Configures services and policies to fit organization requirements
• Configures user account access to services, shared data.
• Configure how long to keep data with data retention policies
• Backup data to alternate or local repository
• Recover data as needed
Some reasons for backup
• Users
  • “I accidentally deleted some email / files … in January … of last year. Can Microsoft restore it from tape?”
  • “I’ve been hit by a virus, and now my files are encrypted….”
• Employee turnover.
• Malware
  • zero-day threats, cryptojacking, DDoS, Botnet attacks, and more.
  • Ransomware is an all too common attack from malware
• Phishing – Spear, whaling, lateral
  • More than 90% of cyberattacks and resulting data breaches start with a spear phishing campaign
Data replication is NOT data backup!
Data Archiving, Retention, and Recovery
Exchange Online Archive
• Archive mailbox = Alternate storage
• Optional
• Reduce size of primary mailbox
• Messages moved by policy rules or manual user action
• Archive ≠ backup!
Exchange Retention
• Default retention policy applied to all mailboxes.
• Deleted Items folder – no longer purged by default (was 14 days max)
• Items permanently Deleted – expire / unrecoverable after 30 days (max)
• Messages older than 2 years moved to Archive
• Can create different retention policy sets for different user groups.
• Applies to Exchange Only – new retention policies cover Exchange, SharePoint, and OneDrive
Exchange Retention
• Messaging Records Management (MRM) policies provide granular configuration of data retention.
  • Tags define an action and / or conditions
  • Retention Policies are a collection of tags applied to mailboxes
  • Messages are assigned tags by user or policy
• In-place and Litigation holds (Exchange Online Plan 2) prevent messages from really being deleted.
  • Moved to hidden Recoverable Items folder to preserve items
  • eDiscovery by designated users to search messages.
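The tag / policy / mailbox relationship above, sketched in Exchange Online PowerShell as an added example (not from the webinar slides). The tag and policy names, the mailbox address, and the 30-day and 7-year ages are constructed; the 730-day archive tag mirrors the 2-year default listed earlier.

```powershell
# Added example. Requires the ExchangeOnlineManagement module and an account
# permitted to manage retention. All names below are hypothetical.
Connect-ExchangeOnline

# A tag pairs a condition (item age in days) with an action.
# Type All = default policy tag: applies to items with no more specific tag.
# MoveToArchive only takes effect if the mailbox has an archive enabled.
New-RetentionPolicyTag -Name 'Example - Archive after 2 years' `
    -Type All -AgeLimitForRetention 730 `
    -RetentionAction MoveToArchive -RetentionEnabled $true

# Folder-level tag for Deleted Items (30 days is a constructed sample value).
New-RetentionPolicyTag -Name 'Example - Deleted Items 30 days' `
    -Type DeletedItems -AgeLimitForRetention 30 `
    -RetentionAction DeleteAndAllowRecovery -RetentionEnabled $true

# Personal tag: users can assign it to individual messages or folders
# (2555 days, about 7 years, is a constructed sample value).
New-RetentionPolicyTag -Name 'Example - Delete after 7 years' `
    -Type Personal -AgeLimitForRetention 2555 `
    -RetentionAction DeleteAndAllowRecovery -RetentionEnabled $true

# A retention policy is a collection of tags.
$tags = @(
    'Example - Archive after 2 years',
    'Example - Deleted Items 30 days',
    'Example - Delete after 7 years'
)
New-RetentionPolicy -Name 'Example - Finance MRM' -RetentionPolicyTagLinks $tags

# The policy is applied per mailbox.
Set-Mailbox -Identity 'user@example.com' -RetentionPolicy 'Example - Finance MRM'

# Audit: which policy each mailbox carries, whether it has an archive,
# and whether a Litigation Hold protects it from real deletion.
Get-Mailbox -ResultSize Unlimited -RecipientTypeDetails UserMailbox |
    Select-Object UserPrincipalName, RetentionPolicy, ArchiveStatus,
                  LitigationHoldEnabled |
    Sort-Object RetentionPolicy |
    Format-Table -AutoSize
```

Mailboxes that show no hold in the audit output rely on the tag actions alone, and those actions delete or move items rather than preserve them.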
Exchange Retention
• Exchange “Retention” policies misnamed
• No guarantees!
• Dubious compliance / regulatory usage.
Exchange Journaling
• Can record all communications, inbound, outbound, internal.
• Compliance support for regulations and regulated organizations (SOx, SEC, Financial and Health sectors)
• Messages are wrapped up with meta-data and sent to one or more external “journaling mailboxes”.
• Message sent to journal before recipient
• Journaled messages sent on-premises or third-party cloud service
• No journal storage within Microsoft
SharePoint and OneDrive Recovery and Retention
• Office 365 Groups and Teams use SharePoint libraries and OneDrive to store data.
  • Recovery and retention capabilities apply to SharePoint, Groups and Teams
• Deleted messages go to the Recycle Bin for 93 days
  • If a document is purged from Recycle Bin, it will go to the site collection Recycle Bin for the remainder of the 93 days
SharePoint and OneDrive Recovery and Retention
• Files Restore – A newer feature that provides rollback capabilities for libraries
  • Requires version history and recycle bin enabled
  • Up to 30 days
  • Entire library recovered to selected point-in-time
• Preservation Hold
  • Retention policies can be applied to libraries
  • When a policy is applied, a (hidden) Preservation Hold library is created
  • Old file versions / deleted files kept here after new version saved or deletion from SharePoint library.
  • Files stored here reduce tenant available SharePoint storage
  • Used for compliance, such as SEC Rule 17a-4
Summary
Office 365 is meant to be reliable, running on redundant services and systems.
Reliably deleting information, even redundantly, is not always useful. To have a safe configuration you will need a combination of:
• Data retention (within Office 365 + optional externally “journaled” data)
• Data backup (external to Office 365)
• Data restoration (external to Office 365)
Courtney Vick
Territory Manager - Barracuda
Thank you for attending today!