4 Vulnerabilities That Can Put Microsoft 365 Data at Risk

Microsoft 365 is among the world’s most popular Software-as-a-Service (SaaS) platforms, with some 345 million users worldwide. Analysts estimate that companies using the suite of cloud-based productivity and collaboration tools collectively generate a whopping 100 petabytes of data each month — much of which is extremely sensitive information that could lead to serious financial, legal and operational damage if lost or compromised.

Naturally, you’d expect any organization using M365 to take strong measures to protect that data. But that’s not always the case.

For the third year in a row, an Enterprise Strategy Group (ESG) survey found that approximately one-third of IT professionals do nothing to protect their SaaS-resident application data. Most are under the impression that Microsoft and other SaaS vendors are protecting their data, but that’s a dangerous misconception.

While M365 includes many robust security features, the cloud’s shared responsibility model only requires Microsoft and other SaaS vendors to secure the underlying cloud infrastructure. Cloud customers must protect their own data. Organizations that fail to understand this distinction are at increased risk of potentially devastating data loss.

More than 80 percent of companies surveyed by ESG said they have experienced M365 data loss. Here are four of the most critical M365 data vulnerabilities:

1. Human Error
Microsoft 365 encompasses a wide range of applications, services and tools, including at least 179 different administrator portals. The sprawling nature of the platform increases the chances that users will accidentally delete, overwrite or misplace data. The consequences can be severe because although M365 offers basic data retention and recovery features, it does not provide full-fledged backup solutions by default. Without additional backup solutions in place, retrieving deleted data may be impossible once it’s past the platform’s default 30-day retention period.

2. External Threats
The widespread use of Microsoft 365 makes it an inviting target for malware, viruses and ransomware attacks. However, nearly 60 percent of organizations say they don’t extend their existing security mechanisms to their SaaS applications, according to a survey by the Cloud Security Alliance. That has led to a rise in external attacks on M365. Between March and June, for example, hackers flooded thousands of user accounts with phishing emails in a broad account takeover campaign.

3. Retention Policy Gaps
M365 retention policies allow users to specify how long specific types of content should be retained, but management complexity can lead to policy gaps that put data at risk. A single M365 tenant can have up to 10,000 different retention policies. As policies are modified, deleted or added over time, conflicts can arise that result in the premature deletion of critical information or the indefinite storage of irrelevant data, either of which can create significant security and compliance risks. In 2020, for example, a single policy change at KPMG resulted in the accidental, and permanent, deletion of the chat histories of 145,000 employees.

4. Third-Party Apps
Organizations commonly integrate a variety of third-party applications with M365 to streamline workflows, improve productivity and enhance collaboration. However, these apps can lead to data exposure or compromise if not properly secured. According to a recent study, employees in enterprise organizations grant more than 2,000 third-party apps access to M365 data with no oversight or control from the organization’s IT security team.

Microsoft 365 offers undeniable productivity and collaboration benefits, but organizations need to recognize and address data vulnerabilities. The cloud backup experts at Verteks can help you select, implement and manage a solution that protects your valuable M365 data against ransomware attacks, accidental or malicious deletion, misconfiguration and many other forms of data loss. Contact us to learn more.

