News/Trends, Product, Tech/Engineering

Stories from the Field: Two Companies Join Forces to Ensure Recovery of Data for Office 365 in the UK

Phoenix Software, one of the largest Microsoft Office 365 providers in the UK, announced a partnership with ORIIUM and Druva to enable its customers to protect their cloud data. Using ORIIUM’s CX:inSync powered by Druva, Phoenix Software’s local government, education, health care, and housing association customers will now have access to full data recovery and archiving for their Office 365 environments.

Software as a service (SaaS) offers many unique advantages to customers, which is why SaaS solutions have been so rapidly adopted across enterprises. However, despite the strengths of SaaS platforms like Microsoft Office 365, it is important to remember that such platforms are primarily built to serve the need for productivity software. Although it does offer limited backup capabilities, Office 365 is not intended as a comprehensive solution to meet the needs of any individual company’s broad requirements for data availability and security.

In many cases, companies that rely on SaaS services are under the mistaken impression that simply storing data in the cloud means that it is backed up, or that backups of SaaS providers will be sufficient for dealing with accidental data loss or legal data retention requirements. Unfortunately, this misperception will have real data protection and compliance ramifications for organizations as they migrate services to the cloud. Gartner estimates that by 2020, more than 85% of businesses will have deployed Office 365. While organizations often have policies in place to protect data on endpoints, these policies often don’t extend to SaaS data.

Data recovery can be a critical component of the data workflow for most businesses, but it is not fully supported by Office 365 off the shelf. Office 365 is designed for ease of use, but its data recovery options are limited. Accidental deletions, user errors, and intentional malicious actions can all lead to data loss, but Office 365 isn’t equipped to handle these types of scenarios.

It’s also important to understand that the data recovery that Microsoft SLAs guarantee only applies to instances where Microsoft is  responsible for losing the data. If data is lost by someone in your organization, Microsoft’s recovery capabilities are limited and expire within 30 to 90 days, depending on your level of service. Beyond those limits, data will not be recoverable.

Obtaining the level of data protection that most organizations require means leveraging a comprehensive data protection and information governance solution like Druva inSync. Druva’s technology leverages the scale and scope of the public cloud, replicating data across multiple data centers within each region and ensuring 99.99999% reliability. Regions are customer-selectable, which facilitates compliance with data residency regulations. Plus, as a secondary backup to your stored data, inSync also provides access to data in the event that Office 365 suffers an outage or otherwise becomes unavailable.

An effective data management strategy also needs to take data retention requirements into account. For example, although Office 365 offers some rudimentary legal hold tools, these capabilities are limited by restrictions such as the number of users to which a single legal hold can be applied and the percentage of users that can be on a legal hold at one time. These limitations mean that it may not be possible to place a hold on all of the data that a company is legally obligated to preserve.

Having to deal with such limitations is just one the reasons why companies that use SaaS platforms like Office 365 must leverage a comprehensive solution that ensures data is governable as required by company policies. With Druva inSync, there are no limits on legal holds. An unlimited number of holds can be applied to a given user, and there is no limit on the number of users to which a given legal hold within an organization can apply. This ensures that any data, regardless of location or owner, is preserved as required.

According to Rick Powles, Druva’s EMEA regional vice president, the partnership with Phoenix Software and ORIIUM will improve compliance with regulations such as the EU’s General Data Protection Regulation, which goes into effect in May 2018. “Public sector organisations across the UK deal with sensitive data on a regular basis — all of this information has to be stored and protected over time. The partnership with Phoenix Software and ORIIUM will make it easier for public sector organisations who have been rapidly adopting cloud applications to better comply with these critical regulations.”

As Johnny Ellis, the sales and marketing director at Phoenix Software, explains: “Cloud applications like Office 365 are essential work tools at our customers,”The CX:InSync service ensures our customers can collect data from these applications and securely preserve it in sovereign UK-based cloud locations.”

Find out how to address the critical data protection gaps in Office 365 at //

Recommended Reading:

Office 365: The Critical Gaps
The Top 6 Myths About SaaS Apps and Data Recovery