Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

3/28/2019
04:15 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

40% of Organizations Not Doing Enough to Protect Office 365 Data

Companies could be leaving themselves vulnerable by not using third-party data backup tools, a new report finds.

IT organizations are taking a big risk by relying on Office 365 to deliver all the backup they need, according to a new report released today by Barracuda.

Based on responses from more than 1,000 IT professionals, business executives, and backup administrators, Barracuda found that 40% of IT organizations surveyed don't use third-party backup tools to protect Office 365 data.

Greg Arnette, director of data protection platform strategy at Barracuda, points out that while Microsoft does offer a resilient SaaS infrastructure to ensure availability, it does not protect data for historical restoration for long, and its service-level agreements don't protect against user error, malicious intent, or other data-destroying activity.

"Microsoft will protect your data for an outage in a data center environment," Arnette says. "But they will not detect threats such as account takeovers and ransomware. Those kind of attacks will look like the actions of a typical end user. The backup vendors are now doing more detection using cloud-based APIs to keep track of what changes over time."

According to the study, deleted emails are not backed up on Office 365 in the traditional sense. Rather, they are kept in the recycle bin for a maximum of 93 days before they're deleted forever. For SharePoint and OneDrive, deleted information gets retained for a maximum of 14 days by Microsoft, and individuals must open a support ticket to retrieve it. SharePoint and OneDrive are unable to retrieve single items/files; they must restore an entire instance. It's unlikely that such short retention policies meet most compliance requirements.

"There's an assumption that if the data is in SaaS, it's automatically backed up, but that's not the case," says Christophe Bertrand, a senior analyst at the Enterprise Strategy Group who covers data protection. "Just because it's in the cloud doesn't mean that you don't have to back it up. You are still responsible for protecting the data, making it recoverable and archiving it, especially email."

The Barracuda study also found that while 64% of global organizations say they back up data to the cloud, a sizeable 36% still don’t. The reason for this is unclear, according to the report, although there could be latent security concerns over doing so.

“We see this as a checkpoint in time where the industry is shifting to a cloud mentality,” Arnette says.

Related Content: 

 

 

Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry's most knowledgeable IT security experts. Check out the Interop agenda here.

Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
REISEN1955
0%
100%
REISEN1955,
User Rank: Ninja
3/29/2019 | 8:11:08 AM
Backups to the cloud
As primary?????   I use a cloud app for backups but with CAUTION and have local backups, 3 of them, ready to go if something like ransomware hit my system - and i don't open suspect emails OR open suspect attachments.  Ever.  My backups are set ot mirror the drive structure of primary data data and I have used this for my clients as well.  Small business - bad drive, pull and replace - takes 15 min and a screwdriver but the same apples to data center.  Have two backup protocols, not one - Murphy's Law.  It will fail when needed so have two methods and one offsite secure.  Data schedule generally daily - not weekly or random.  Putting trust in the cloud is a fools game, you are exposing data on a second tier of theft - not one but two.  
StephenGiderson
50%
50%
StephenGiderson,
User Rank: Strategist
5/13/2019 | 3:29:07 AM
Follow me
Previously in school, I used to back up every single one of my assignments on more than 2 devices after saving in my email account. That is how prudent I was when it comes to safeguarding my own data. Organizations should really follow my style!
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/13/2019 | 8:45:30 AM
Re: Follow me
Email too can be a great restoration option - tons of attachments are often resident and can be accessed if needed, of course, by both user and hacker.  Que sera sera. 
REISEN1955
50%
50%
REISEN1955,
User Rank: Ninja
5/14/2019 | 9:23:01 AM
Re: Follow me
I still have floppy disks from ancient backups --- both 3.5 AND 5.25!!!!!   Now finding one of those drives to attach is a challenge.   May have to Ebay an IBM 5150 to read them.  Also runs Visiword.  (Now that disk had an encryption scheme for boot that nobody ever cracked).

i have a box of 8" floppy disks too but don't have an IBM S/36 5360 to run them on. 
When It Comes To Security Tools, More Isn't More
Lamont Orange, Chief Information Security Officer at Netskope,  1/11/2021
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15864
PUBLISHED: 2021-01-17
An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page.
CVE-2021-3113
PUBLISHED: 2021-01-17
Netsia SEBA+ through 0.16.1 build 70-e669dcd7 allows remote attackers to discover session cookies via a direct /session/list/allActiveSession request. For example, the attacker can discover the admin's cookie if the admin account happens to be logged in when the allActiveSession request occurs, and ...
CVE-2020-25533
PUBLISHED: 2021-01-15
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct ...
CVE-2021-3162
PUBLISHED: 2021-01-15
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
CVE-2021-21242
PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the `Attachment-Support` header. This Servlet does not enforce any authentication or a...