Do you use Software as a Service? Does your SaaS provider offer a full suite of data protection and compliance archiving? What if you choose to exit one SaaS platform and move to another, how will you fulfill your data governance requirements? Will you have to pay for the old platform just to keep access to your older archives? I feel like compliance and archiving will make SaaS platforms a new type of Hotel California, where you must still pay for the older platform even after you move to a new one. The only way I can see to avoid this is to integrate your SaaS data protection with your other data protection activities. Theresa Miller has some thoughts on the same issue in her post about the real world need for data protection with Office 365.
Disclosure: This post is part of my work with Cohesity.
The trigger for thinking about SaaS data protection was having a play with Cohesity’s ability to protect your Office 365 data. I made a video of the process to protect an Office 365 environment and then recover an accidentally deleted folder from my mailbox. Now I’m going to walk through most of that process in this post.
The first step is to make sure your Office 365 administrator account has sufficient rights to backup the mailboxes. I used the same Cohesity Access admin role name as Chris Colotti used in his setup blog post. This new role needs to have just five pre-existing roles grouped together and only the Office 365 admin account as a member.
Once the security is in place on Office 365, you can register an Office 365 source on your Cohesity cluster by entering a username and password for that administrator account. If the security change hasn’t replicated to all of the Office 365 servers then you will get an authentication error, give it fifteen minutes to be sure and try again.
Once Office 365 is set up as a source, you can add a protection job. Name the job, choose the source and the items within that source, then choose the protection policy and storage domain for the backups. I chose to protect my entire Office 365 organization using the Silver policy.
As with all protection jobs, the first run will be a full backup and will take a while. Subsequent protection job runs will be incremental and so will complete much quicker.
Now that we have protected our Office 365 data we could just walk away as if the job was done, but we all know that restores are the real point, so we had better recover something. When you restore an Office 365 resource you can choose whether to restore a whole mailbox or choose individual items. The mailbox restore searches by user name and backup point. I didn’t do a full mailbox restore as this is my live email.
I did delete a folder named _DestroyMe which contained a few emails from my mailbox after the protection job completed. A quick search for the file names or the folder name showed me the folder and the items and allowed me to restore to their original location. Restoring the folder object did not restore the emails within the folder.
I found protection easy to configure and while the initial backup took well over an hour the subsequent incremental backups take only a couple of minutes for my small Office 365 environment. Restores were easy and the restored items showed up almost immediately in Outlook on my laptop.
© 2019, Alastair. All rights reserved.