Ensure your Office 365 data is secured and quickly recoverable

Modern business data is more than just data – it’s your business. And while it may be tempting to think that it’s safe in cloud applications, relying on cloud storage solutions that aren’t designed as backup or security tools can be risky.

So while we recognise that IT budgets are already under pressure and additional backups are yet another strain on them, in this article we look at the benefits of adding an additional protective layer to your business data in the Office 365 suite, and in other cloud applications such as Google Drive.

What are some of the risks of holding data only in cloud applications?

Among many other risks, these are some of the most common, and all contribute to unwanted levels of business downtime, or at the very least, distracted IT departments and users. To put it another way, is an additional solution worth it? These are the top 5 risks of holding business data exclusively in cloud applications:

  1. Additional costs and potential data loss from needing to keep inactive licenses open (from users that have left the business, but their data is still needed for example)
  2. Data loss due to accidental or malicious deletion by users
  3. Potential data loss when attempting to restore files
  4. Data loss when accidentally overwriting previous file drafts
  5. Ransomware and other cyber attacks

What’s the solution?

Datto SaaS Protection for Office 365 takes your data security far above and beyond the baseline industry standards to ensure that all business data in Office 365 and cloud apps data is secured, easily recoverable, and continually protected. Key features include:

  • Three-times daily backups of your business data
  • Encryption at rest and in transit
  • Quick and easy restores and exports of data

These features combine to significantly reduce the risk of losing key data, protect the business network from users, ransomware and other vulnerabilities, and support ongoing compliance efforts.

Keeping your team working on the right things

From a productivity point of view, Datto SaaS Protection for Office 365 make it easy to locate backed up files and folders. This is achieved through effective search filters that make their location quick and simple. The solution makes it possible to manage backups, see restores, and monitor all your activity via a clear and simple dashboard.

From this, it’s possible to analyse emails, files, contacts and full folders of data and, if necessary, restore files to users’ specific accounts, or to download them directly.

Do you need help convincing your colleagues about SaaS Protection? Check out this educational ebook, SaaS Protection for Office 365, and understand how to keep your critical business data people proof!

Find out more

You can read more about Datto SaaS data protection in this article.

As Datto Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.

Datto

Top tips for securing collaboration tools

As collaboration tools become more and more fundamental to team collaboration, and by extension, company success, alongside their benefits, cloud solutions for file storage and document or project management can cause many problems for IT departments.

Smaller businesses rarely invest in high-cost collaboration tools, opting instead for cheaper — or, better still, free — utilities. For better or worse, they have plenty of choices. However, failure to consider the security implications of using such tools can end up costing SMBs far more than they budgeted for.

In this article, we share some tips and best practices for making sure that your users can work as productively – and as securely – as possible.

Document collaboration tools

Many services allow small teams to edit documents simultaneously. They’re not just text tools, though; using them, team members can jointly develop graphical interfaces, diagrams, source code, and much more as well. It is handy, after all. However, before using such a service, it is worth understanding exactly how it works: how it stores your information, who has access to it, what security settings are available. Leaving work files publicly accessible is always a bad idea. Even if you are not concerned about information leakage, an intruder could gain access and make their own changes to your project documentation.

Google Docs or Microsoft Teams, OneDrive or Sharepoint provide the most vivid examples. People often share documents through those platforms, using a direct link without any restrictions. That means search engines can index them, and therefore pretty much anyone can see them. Complete strangers have found all sorts of confidential information in those docs: employees’ personal data, lists of customers including contact details, and even payroll records.

What to do: Use only services in which you can hide documents from prying eyes, or that at least give a clear explanation of how documents are stored. Do not forget to configure access rights — the ability to do so is a vital consideration. So, if you use Google Docs for work purposes, restrict access, granting it only to people you share documents with, and do not forget to revoke it if they no longer need it.

Cloud file storage

Another type of service that you should treat with caution is cloud file storage. Need to transfer a large amount of information? No problem — just upload it to the cloud and send the recipient a link. That neatly avoids any e-mail size limits. But many file-sharing services have no protection at all; and, again, files can pop up in the search results of random strangers.

Even if a service has protection, you need to turn security settings up to the max. People often sign up, upload data to the cloud, and forget about it. But passwords can leak. One hackers even stole passwords from Dropbox, not to mention smaller services.

What to do: Choose a reliable file-sharing service that supports two-factor authentication. Once you put data in the cloud, do not forget about it, and if you’re no longer using a file for work, delete it. Settle on one service for sharing files; using more than one invites confusion.

Project-management environments

Overall, these platforms allow workflow participants to communicate, share files, and systematize projects. If you use one to discuss business strategies or transfer files, it is important to know not only who can see them today, but also who might be able to later. Some cloud platforms make everything visible to everyone by default. Users can hide items, but odds are they won’t remember to 100% of the time; the default usually stands. What’s more, if someone gets access to a project, it is likely they will gain access to the entire project history, which is not always desirable.

Companies often grant access to such environments to contractors or freelancers, who may be working for you today and for a competitor tomorrow. Not to mention dismissed employees, who might have time to download an archive before you revoke their permissions.

What to do: Regulate project access rights, restricting those rights to work-related files only, for all parties. Use separate communication environments for employees and external people (contractors, customers). And do not forget to revoke access for former employees and freelancers promptly.

Additional tips

Remember that all services may have vulnerabilities (which might be undiscovered when you start working with them). In addition, many services have client apps with their own problems. Therefore, we recommend that you stick to the following principles:

  • Before you start working with a service, carefully study its settings and data processing rules, as well as read how people have reviewed it in the context of security.
  • Your dedicated IT expert or team, if you have one, must clearly understand what services you use, how they are configured, and who is handling their administration.
  • If you have no dedicated specialist, appoint a responsible party for each service to ensure that the client app is updated promptly any time a vulnerability is found, that passwords are changed in the event of a leak, and that access rights are issued and revoked as and when required.
  • Any service used to share a link or file can potentially be a malware distribution channel. Therefore, every device on which these tools are used needs a reliable security solution.

What’s the solution?

With Kaspersky Security for Microsoft Office 365, your company can protect Exchange Online, OneDrive files, SharePoint files, and Teams files against malware, phishing, spam, and other threats.

Click here to view the full datasheet, or watch the short video below.

Want to find out more?

As Kaspersky Gold Partners, Complete IT Systems can offer you expert advice on the solutions and how they could be effectively deployed in your business.

To find out more please call us on 01274 396 213 or use our contact form and we’ll arrange a good time to call you back.