6 Very Common Causes of Data Loss in Microsoft 365

February 12, 2020

6 min read

Tracy Rock

Director of Marketing @ Invenio IT
Data Loss in Office 365

6 Very Common Causes of Data Loss in Microsoft 365

by Feb 12, 2020Business Continuity

Microsoft guarantees a 99.9% uptime for its Microsoft 365 services, providing some peace of mind that your email, cloud apps and files will be available when you need them. But as any M365 user knows, that tiny 0.1% of potential downtime can translate into a nightmare when the service actually goes down.

In 2019, M365 suffered multiple outages, some of which lasted for days, hurting productivity at businesses around the globe. And those service outages are only the tip of the iceberg when you consider all the other ways that users lose access to their M365 data.

Beyond service outages, some of the most common causes of data loss in M365 include:

  • Accidental deletion
  • Overwritten data
  • Migration errors
  • Bad integrations
  • Malware
  • Malicious deletion

In this post, we look at each of these threats in greater detail to illustrate how they occur and to underscore the importance of deploying a third-party Microsoft 365 backup.

Built-in protection isn’t enough

A common misconception among users is that Microsoft 365 has its own backup capabilities to protect you from the scenarios below.

While it’s true that Microsoft does retain some deleted data via the Recycle Bin feature, this is only for a limited period. For example, for OneDrive or SharePoint content, depending on how the data is deleted, it enters a “first-stage” or “second-stage” Recycle Bin, where it’s retained for about 90 days before it’s permanently deleted.

Note that end users do not even have access to the second-stage Recycle Bin. It’s only visible to site collection admins.

For email, the retention period is even shorter. Once emails are deleted, they’re gone forever after 30 days.

End-user data loss is the end-user’s responsibility

Do not conflate M365’s retention policies with the data protection built into Microsoft’s infrastructure. In the event of a catastrophe on Microsoft’s end (for example, a data center being destroyed), you can bet on Microsoft being able to restore your data from its own backups.

But when data loss occurs on the user end, it is not Microsoft’s responsibility to retain that data—nor should it be. As with any SaaS provider, Microsoft’s responsibility is ensuring that the service is available and that user data is accessible.

When users delete data (for whatever the reason), M365 can only interpret those actions as being intentional. In that sense, the applications are working as designed. Microsoft cannot hold extra copies of everyone’s data forever with the assumption that deleted data was a mistake.

So, what actually causes data loss on the user end? Here are the most common scenarios:

1) Accidental deletion

Accidental deletion is the most common cause of data loss within Microsoft 365. Every day, at businesses around the globe, users inadvertently delete documents, emails, spreadsheets and other data within M365.

The loss could be a single deleted file or numerous shared folders. Either scenario can drain productivity and even disrupt your critical operations if the loss is great enough.

How does it happen?

  • A common scenario is an employee deleting a file or folder that they assumed was no longer needed. Only later do they realize their mistake, and by then it’s often too late.
  • In other scenarios, the files are not deleted intentionally whatsoever. Users simply click the wrong buttons without realizing it. Mobile interfaces have made this problem even more prevalent, as it has become easier to delete items with fewer taps.

Ultimately, this challenge is no different than accidental deletion of data that resides on your local servers. But in the case of local data, there’s usually a backup that can be restored. When it occurs in M365, that data could be gone for good if you aren’t independently backing up those accounts.

2) Overwritten data

While Microsoft 365 does offer version management in some of its applications, this alone is not enough to protect you against the risk of overwritten data.

When a user overwrites data in M365, the new data is saved over the old data, and the old data may not be recoverable.

How does it happen?

  • A simple example is data that is imported into a spreadsheet, replacing the original data in the cells. Version management does not cover every scenario, which means that if you need to revert back to the old data, there will be some cases in which you can’t get it back.
  • On a larger scale, entire folders can be overwritten by mistake. For example, this could happen when a user moves files to a different location or overwrites old folders. In either case, the original data could be gone for good if the user doesn’t catch their mistake quickly enough.

3) Migration errors

Any time you move a large set of data to a new location, you run the risk of data loss. This is another way that data can get overwritten, but actually several other things can go wrong too.

Any misconfiguration or misstep in the migration process can lead to data being inadvertently flushed down the drain.

Microsoft offers several tools and ample documentation on how to properly perform migrations within M365. (This alone tells you that Microsoft takes these risks seriously and fully understands how common migration data loss is.) But don’t assume that every user (or IT admin) will use these resources.

How does it happen?

  • A common scenario is manually migrating data from one M365 account to another (for example, after an employee leaves the company). Microsoft admits in its documentation that doing this manually “is a complicated and time-consuming process.” There’s ample room for mistakes that can lead to data being left behind or overwritten.
  • Similar errors can occur when large amounts of data need to be migrated out of Microsoft 365, whether for local storage, regulatory compliance, eDiscovery or other purposes. Whether using migration tools or doing it manually, relatively “small” errors can lead to big-time data loss.

4) Bad integrations

Integrating third-party apps with Microsoft 365 can help boost productivity and allow teams to work more efficiently. But there’s a caveat: any time you give an application access to your data, you expose your data to potential problems.

Bad integrations can cause data to be deleted, overwritten or lost. Sometimes it’s the fault of the user. Other times, it’s because the app itself is buggy. Regardless of who’s to blame, the data could be gone forever, unless there’s a backup.

How does it happen?

  • Poorly developed apps can wreak havoc on your Microsoft 365 data. Once you’ve granted permission for the app to edit or delete your files, anything goes. Bugs in the app could cause files to be inadvertently deleted en masse.
  • Even if there’s nothing wrong with the app itself, data can be lost if users misconfigure the integration.

5) Malware

Some Microsoft 365 data is just as susceptible to malware as your local files. This is particularly true for files stored in OneDrive.

Any infected files on a user’s computer may be synced to OneDrive, overwriting the clean versions. Again, if there’s no backup, you may not be able to get the original M365 data backup.

How does it happen?

  • Take ransomware, for example. A typical infection encrypts files on the user’s device, essentially making then unusable. If an entire synced folder has been encrypted, all of those encrypted files could be uploaded to OneDrive, replacing the previous versions.
  • Microsoft 365 does have some built-in protection against malware, but this does not guarantee that every infection will be detected.

6) Malicious deletion

You may not want to believe your employees are capable of intentionally deleting important files, but it happens more than you might think.

In a high-profile case from 2016, IT administrator Michael Thomas was charged with a felony for intentionally deleting a collection of files before leaving his job at a software firm. Prosecutors said Thomas deleted 615 backup files in an act of “sabotage.” He was found guilty of violating the Computer Fraud and Abuse Act and sentenced to time served, plus three years of supervised release and a $130,000 fine.

In a survey conducted by Aberdeen group, 7% of companies that had lost data in a SaaS application said that users maliciously deleted data.

How does it happen?

  • Imagine a scenario in which a disgruntled employee has been terminated under unfavorable conditions. If the employee still has access to SaaS applications, they may decide to purposely delete important data as a way to take vengeance on the company.
  • Inter-office conflicts could also result in one user sabotaging another, in the way of deleting a coworker’s work.

Malicious deletion may not be among the most common causes of data loss in M365, but it does happen and businesses need to take appropriate precautions.

In addition to M365 backups, businesses can mitigate risk by limiting users to only the shared folders and apps they need. Additionally, whenever an employee is leaving the company (particularly during terminations), their access to critical system should be removed immediately to prevent the chance of intentional deletion.

Choosing an Microsoft 365 backup

A third-party backup tool like Datto’s Backupify can provide dependable protection against the data-loss scenarios listed above.

Backupify backs up data within Microsoft 365 automatically, up to three times a day. That includes all data in Microsoft Exchange Online, OneDrive, SharePoint Online, Calendar and Contacts. Backups are stored in Datto’s geo-redundant cloud. When data loss occurs, files can be directly restored back to the user’s account or downloaded.

At a time when more and more businesses are using Microsoft 365 as part of their day-to-day operations, deploying an independent backup tool like Backupify is essential.

Learn more about Data Loss in Microsoft 365

For more information on Backupify for Microsoft 365, request a free demo or contact our business continuity experts at Invenio IT. Call (646) 395-1170 or email success@invenioIT.com.

New call-to-action