Beyond the Device: Safeguarding End User Data in the Digital Workforce Era

Vasu Subbiah, Sr. Director, Product Management

The Covid-19 pandemic started a transformation in the way people work. The shift towards remote and hybrid work has necessitated changes in data management practices. First, organizations need data management across their user data including Endpoints, Microsoft 365, and other SaaS applications because user, security, and regulatory needs apply to the data, regardless of where it is stored. Second, organizations need a documented cyber recovery plan to be able to recover from an attack because user data is both an attack vector and a target for cybercriminals.   


Every shift  (new technology adoption, operational or work culture) is preceded by an inflection point and the Covid-19 pandemic was the inflection point that accelerated the adoption of remote work practices, compelling enterprises to adapt their operations. Thus, the storage and security of data have become of paramount concern. This paper explores the challenges faced by enterprises in a hybrid work environment, focusing on platforms like Endpoints, M365, and other SaaS applications. It delves into the implications for data security threat surfaces and outlines strategies to protect data while adhering to governance and legal requirements. Furthermore, it addresses the challenges of data restoration at scale and offers insights into planning for effective data recovery. 

Data Storage in the Hybrid Work Environment

In the hybrid work environment, enterprises rely on a combination of their laptops and SaaS applications to execute their day-to-day activity, so their data is distributed across multiple repositories and geographic locations. Microsoft 365 has emerged as a popular choice due to its collaboration features (read ExchangeOnline) and integration with other productivity tools. SharePoint Online and OneDrive for Business provide a centralized repository for documents, while Teams serves as a hub for communication and file sharing. These platforms enable enterprises to access and collaborate on data regardless of their physical location. Regardless of where data is created, stored, and accessed (laptop or M365), it goes through the data lifecycle - from creation to usage through destruction. Data must be protected and secured throughout the lifecycle.

Flow chart

Protecting Data Consistently with Governance and Legal Requirements 

Companies must implement a robust data protection framework to safeguard data and adhere to governance and legal requirements. This framework should include backup, access controls, security, compliance, retention, and discovery. Regardless of where the data lives - laptop, M365, or elsewhere - it remains your responsibility. Data in M365 is subject to the same user needs, regulations, and cyber attacks as data on laptops or servers.  Unified compliance with regulations such as the General Data Protection Regulation (GDPR) and industry-specific standards enhances trust with clients and mitigates legal liabilities.

Following the data lifecycle, Druva’s solutions for endpoints and M365 have built-in workflows and capabilities to address data protection, governance, and compliance at scale globally for an enterprise (as illustrated in the figure below).

Flow chart

Implications for Data Security Threat Surfaces

As data is dispersed across platforms, the threat surface for data security expands. enterprises must be cognizant of potential vulnerabilities, including unauthorized access, data breaches, and insider threats. The distributed nature of data storage necessitates a comprehensive security strategy that encompasses encryption, access controls, multi-factor authentication, and regular security audits. Failure to address these concerns may expose sensitive client data to potential risks.

Additionally, as the threat vector increases, as a CIO you must ask the following questions:

  1. How do you secure the attack surface of your data (no matter where they are stored)?

  2. Is there built-in observability as the data changes?

  3. How do you rapidly curate and certify restores?

Druva’s Data Resiliency Platform addresses the security of data across endpoints and M365, which customers can manage at scale and globally.

End-user security features

Planning for Data Restoration at Scale

In the event of data loss or system failure, effective data restoration is crucial to minimize disruptions and ensure business continuity. Enterprises should establish comprehensive backup and recovery strategies that encompass both endpoints and SaaS applications. Regular backups, redundant storage systems, and automated backup processes are essential components of a reliable data restoration plan. Additionally, testing the restoration process periodically helps identify and address any potential gaps or shortcomings. 

Doing this ensures basic data availability hygiene but to ensure you can restore with confidence when you are impacted by a data security incident, Druva has introduced a new workflow in the form of Curated Snapshot. This ensures that the restore process is executed with a pristine snapshot that is free of any infected files and yet provides the enterprise user with a workable copy of the latest available version.


The hybrid work environment has necessitated significant changes in the way strategy and business consulting companies store, secure, and restore data. Platforms like M365 have become key repositories for enterprises, enabling seamless collaboration and remote work. However, this shift brings forth challenges in data security threat surfaces. To protect data consistent with governance and legal requirements, organizations must implement robust data protection frameworks encompassing encryption, access controls, and user training. Simultaneously, effective planning for data restoration at scale is essential to ensure business continuity. By addressing these challenges proactively your enterprise can ensure business continuity and data security.