Protect Microsoft Teams — Collaboration without compromises

In today’s global economy with an international workforce, disruption due to travel restrictions caused by the emerging COVID-19 pandemic can translate into real business impacts if employees in a company are not presented with alternative avenues for collaboration. In response to travel restrictions, companies like Google are experimenting with remote collaboration at an unprecedented level. Who knows, if this grand experiment results in successful business outcomes, “collaboration-as-a-service” could be the answer to reducing traffic jams and greenhouse gas emissions.

Microsoft bets big on collaboration-as-a-service

Teams is Microsoft’s latest venture into the “collaboration-as-a-service” market empowering users to work together using their favorite apps in a virtual setting. Microsoft already offers a free version of Teams that includes web versions of Microsoft 365 as a sweetener to lure your business into the Microsoft fold. In a blog titled “Working remotely during challenging times,” Jared Spataro, Corporate Vice President for Microsoft 365 mentions that beginning March 10th, Microsoft will start offering its free version of Teams without user limit restrictions. These turn of events have created a window of opportunity for Microsoft customers to:

  • Easily deploy a collaboration suite that is seamlessly integrated into the Microsoft ecosystem of Microsoft 365 productivity tools, which is already consumed as a service.
  • Drive collaboration even when project teams are distributed across multiple locations, because the collaborative platform provides tools and creates a “virtual project vault” that is accessible even when the team members are not all in the same facility.
  • Save costs by replacing or consolidating purpose-built online meeting software such as WebEx, Zoom, and Go-To-Meeting (with a caveat that Teams covers all use-cases that enterprise customers demand of these purpose built tools).
  • Quickly enable standard integrations with leading SaaS apps (beyond Microsoft’s own tools) to let users work with their favorite apps without having to ever leave the platform.

Protecting Microsoft Teams data

After a Teams roll out, the primary medium of employee interaction will increasingly shift from emails to Teams. Consequently, it is important to protect content shared within the platform for business continuity purposes in the face of unforeseen data loss events due to ransomware and accidental deletions. Another mandate for businesses is to make this content available in a tamper-proof and timely manner for legal matters, should the situation arise. This is easier said than done — Microsoft Teams is a tapestry of apps that leverages key Microsoft 365 components, inter-connected with multiple metadata links and references.

  • Channel conversations are stored in a group mailbox on Exchange online.
  • 1:1 chats are stored in individual user mailboxes on Exchange online.
  • Files uploaded on 1:1 chats are stored in individuals’ OneDrive for Business.
  • Channel files and wiki are stored in Teams’ SharePoint site.

Given the above, imagine how a data recovery situation for Teams would play out in your company, after the most recent ransomware attack. If you are relying on native recycling bins, you may not be able to recover because OneDrive, SharePoint, and Exchange Online recycle bins typically have limited retention (ranging from 30 to 93 days). Even with Microsoft 365 E3 or E5 retention setups that allow extended access to deleted items through the preservation hold library, you will spend a lot of time searching for individual conversations, files, and metadata. This is neither practical nor feasible, if you have to repeat the process to recover multiple files that were infected. For every object that you are recovering with multiple versions, there is the additional step of locating the right version to recover (remember, the latest version may not always be the “last known good copy” that you need for recovery after a ransomware attack). Let’s quickly summarize.

Microsoft 365 is SaaS, not backup! Purpose-built data protection solutions follow the “3-2-1” backup rule that offers true redundancy, source isolation, and data isolation — 3 copies of data on two separate storage with one being offsite, all the while meeting data privacy and data residency requirements. A purpose-built protection and recovery solution will allow you to restore a true snapshot of your data at a certain time. Baseline Microsoft subscriptions do not allow restoration of deleted items beyond the application recycle bin threshold.
Simple recovery experience does not exist Microsoft does not offer a simple recovery experience for all of your Teams content. In a bulk-recovery situation, it is not practical to locate individual files, versions, and channel conversations within the preservation hold library, even with Microsoft 365 E3 and E5 retention capability.
Limiting data access and visibility is not possible Microsoft does not have granular administration controls that comply with enterprise data protection best practices. A purpose-built data protection solution allows limiting administration to a select group of users and restricts visibility to content being recovered by IT administrators.
One-click download is not possible Microsoft does not allow for one-click download of all Teams components for legal data requests.

Choosing a solution that protects Microsoft Teams

Now that we understand the limitations of Microsoft’s native capabilities for data protection, data governance, and e-discovery, let’s talk about how to select an appropriate data protection solution.

Data protection-as-a-service: You already understand the benefits of SaaS since you signed up for Microsoft 365. Choosing a solution that offers SaaS data protection similarly helps you save on IT Capex costs and frees up your team from the grunt work of standing up backup infrastructure, buying and maintaining storage, and administering patches.

Isolation from Azure: Hedging your choice of cloud is never a bad idea and the ideal data protection solution of your choice should be able to offer you a storage infrastructure other than Microsoft Azure. For instance, Druva can help maintain a true, isolated backup of your primary Microsoft 365 data on AWS Cloud.

Easy restore: Choose a solution that empowers you to restore an entire set of files and channel conversations within a Team.

One-click download: Choose a solution that allows you to easily download all Teams related content from one place, with one click.

Alignment with your broader cloud strategy: Every business has its own DNA and consequently, your data protection needs could vary depending on different SaaS apps your business is using. Do consider a solution who currently protects Microsoft 365 workloads, but also offers support for other SaaS solutions that are deployed within your business.

Global infrastructure footprint: Latency is real while restoring large data sets from one side of the world to another. In addition, your business may need to comply with data residency requirements. Do consider a solution with a global infrastructure to meet your latency and data residency requirements.

Cutting-edge security: Choose a solution that takes security of your backup dataset seriously with data encryption at rest and transit and compliant with SOC, ISO 27001, PCI DSS Level 1, and ISAE 3402 standards.

Beyond backup: Choose a solution that allows you to do more with your backup data set. Value added services such as eDiscovery enablement, data governance are offered by leading solutions in the marketplace, such as Druva.

Set your organization up for success by ensuring business continuity in the face of accidental deletions, ransomware attacks, and information sabotage. Empower your IT department to perform rapid recovery of your users’ official hangout hub.

To see how Druva can help, visit the Microsoft 365 page of the Druva site for more information. Better yet, sign up and take us for a spin. There is no obligation and it is FREE!