Microsoft 365 Backup for SharePoint Online and Exchange Online (Soon)

Microsoft Enters a Completive Microsoft 365 Backup Market

One of the big announcements at the Microsoft Inspire (partner) conference marked Microsoft’s debut into the Microsoft 365 backup market. At least. It’s an intention to participate in the market with a public preview of a Microsoft 365 Backup product for SharePoint Online, OneDrive for Business, and Exchange Online in the last quarter of 2023. At the same time, Microsoft plans to deliver a public preview of a Microsoft 365 Archive product to move “inactive or ageing” SharePoint Online data from “hot” (online) storage to cold storage. I can’t wait to “automate scaled mass archiving by running PowerShell scripts” to move SharePoint Online files to cold storage.

Seriously, both initiatives are welcome. Microsoft has some unique advantages (and some disadvantages) when it comes to moving data around from Microsoft 365 repositories, and it’s about time that Microsoft took some responsibility for protecting customer data with backups.

The Microsoft Advantage

Microsoft’s advantage over ISV backup partners is twofold. They have instant access to customer data stored in their datacenters and they control the APIs that allow access to the data.

ISV alternatives typically copy information from Exchange Online, SharePoint Online, and OneDrive for Business (and sometimes Teams messages) from their native repositories to their datacenter. Many issues come into play:

  • Shipping large quantities of data across the internet from Microsoft’s datacenter network to the ISV’s target datacenter. This process takes time and can be resource intensive, especially for restore operations.
  • Lack of suitable APIs to stream large quantities of data from Microsoft to the ISV datacenter. For instance, Exchange Web Services (EWS) is the foundation for many ISV backup solutions for Exchange Online. EWS was never designed for this purpose, but it works. Some ISVs use EWS to copy Teams compliance records and call it a Teams backup. Microsoft wants to move ISVs to use the Teams export API, but that comes with its own complications.

Microsoft 365 Backup doesn’t use another repository. Everything stays inside Microsoft 365, so restores (when necessary) happen extremely quickly, even at massive scale. The idea is that if a Microsoft 365 tenant is compromised by ransomware, it can very quickly switch back to the status that pertained at a point in time before the attack happened. It’s a compelling proposition, especially when integrated into the Microsoft 365 admin center (Figure 1). Of course, it would be even better if the tenant stopped the attack by taking steps such as implementing multi-factor authentication everywhere, but that’s another matter.

Microsoft 365 backup in the Microsoft 365 admin centre
Figure 1: Microsoft 365 backup in the Microsoft 365 admin centre (source: Microsoft)

Microsoft hasn’t said what licenses or costs are likely to be incurred with Microsoft 365 backup. I imagine that they will charge on a consumption basis, meaning that tenants will pay using an Azure pay as you go subscription based on how much data they process.

The Microsoft Disadvantage

The big disadvantage for Microsoft 365 Backup is that all data remains in Microsoft datacenters. Keeping all your eggs in one (datacenter) basket is not deemed to be a good thing because the remote possibility exists that the datacenter might suffer a catastrophic failure that leads to data loss. I don’t consider this to be something likely to happen, but I understand why companies like to maintain a separate copy of their data at a different location, just in case.

The ISV Play

Microsoft was careful to launch with ISV support. It doesn’t make sense to go to war with ISVs that have been serving Microsoft 365 customers for years. Microsoft has several launch partners that are signed up to use the backup and archive APIs so that “partners can integrate our capabilities into their data management and protection apps. With Microsoft 365 Backup and Microsoft 365 Archive APIs, our partners can uniquely provide a single and seamless experience that protects your data estate, whether inside or outside of Microsoft 365, in combination with our speed and storage innovations.” In other words, ISVs can use the APIs (and pay Microsoft for the privilege) to take advantage of faster backup and restore for Microsoft 365 data. We’ll see how this transpires in terms of costs and how the ISVs adopt Microsoft 365 backup APIs in their solutions.

No Teams Backup and Restore

Microsoft has deliberately targeted the easiest workloads for backup. Emails and documents are relatively easy objects to backup and restore. Microsoft has unfettered access to the data and can tweak APIs to make backup and restore operations easier so their implementation is faster and smarter. However, Microsoft 365 archive does not take on the biggest challenge that exists for backup today, and that’s to deliver seamless backup and restore capabilities for Teams.

Teams borrows from multiple Microsoft 365 and Azure services. It integrates data drawn from multiple sources and applications. This, and the lack of APIs to perform comprehensive backup and restore for Teams, is what creates the challenge. Given that Teams now has over 300 million monthly active users, it’s a pity that Microsoft hasn’t cracked a nut that they are uniquely positioned to take on. Perhaps full Teams backup and restore will come in time.

Insight like this doesn’t come easily. You’ve got to know the technology and understand how to look behind the scenes. Benefit from the knowledge and experience of the Office 365 for IT Pros team by subscribing to the best eBook covering Office 365 and the wider Microsoft 365 ecosystem.

3 Replies to “Microsoft 365 Backup for SharePoint Online and Exchange Online (Soon)”

  1. This is very interesting that MS are going to release this.

    They’re quite late to the party and to be honest, a massive draw back is that it’s still on MS servers.

    One of the many reasons for backup is actually so that the data is accessible and away from MS as they’re not exactly DDoS proof as we have seen in recent years the levels of attacks and downtime rise.

    When we deploy to clients we give them a choice of having data in Azure, Google Cloud or Acronis’ own storage.

    That way control is away from MS.

    Secondly, the purpose of backup is also to protect from malicous attacks.

    If MS account is compromised then the first thing attackers will do is access the backups, download or even delete them preventing recovery.

    This is definitely an “eggs in one basket” scenario.

    Kindest Regards
    Broadband9 LTD

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.