Creating a Complete Backup Strategy

We have a couple of client case studies we’d like to share as cautionary tales, as well as examples of why you must perform a regular review of your backup protocols.

We at BTS are big fans of Microsoft 365. You can find more information on the many tools and benefits here: Microsoft 365 from Burgess Technology Services

That being said, some business owners believe that Microsoft 365’s native backup feature is enough. It’s important to note that 365 backups, as a rule, are only kept for a limited number of days, depending on the scenario. The data in OneDrive and SharePoint are retained with a two-stages recycle bin and can be restored by yourself within 93 days. Besides the recycle bin you can also restore different versions of the file in SharePoint. Mailboxes are retained for 30 days by default and individual mailbox items can be restored within 14-days. You can increase this to 30 days was well. Microsoft also keeps a 14-day backup of your Office 365 data and a backup is created every 12-hours. In case of a ransomware attack, for example, you can ask Microsoft Support to restore a backup of the data. Keep in mind that Microsoft will perform a full restore of the mailbox or SharePoint site, so everything else will be overwritten.

None of these policies does anything to protect your data in the long-term or in unforeseen circumstances. We offer relevant real-world examples below.

Client Case Studies

  • One municipal client needed to go back almost a year to access a former employee’s mailbox as there was a belated suspicion of wrongdoing, and the employee had deleted their emails before departing. With cloud to cloud back-up, we were able to restore what was missing. We would not have been able to do this with 365 alone.
  • In another case, there was no suspicious activity, just a case of standard activity and assumptions. Our client asked us to deactivate an employee account after the employee left, disabling that particular license. Several months later, they realized that they needed access to documents which had been stored in that employee’s OneDrive. The Microsoft 365 backup was no longer an option, however, we had set the client up with a cloud backup solution, and were able to retrieve the files for them.


Here’s what we suggest for best-practice back-up protocols:

  • Maintain a 3rd party cloud backup, in addition to any onsite backup you choose to employ.
  • Allow a managed service provider to monitor said backup, and mitigate potential interruptions. (Backup set not running, machine not on)
  • Perform an annual review of your backup settings. Have file locations moved or been added? Do your backups adhere to industry regulations?
  • Perform regular restore tests, to prove the backups are functioning as intended.

Our team would be very pleased to offer a conversation to explain how you can best be prepared for disaster recovery and data integrity for your business. Give us a call or email to arrange a chat with one of our Managed IT experts.


Mike Dorr, President

Mike began as a Burgess network engineer in 1998. He later spent 3 years as Five County Credit Union’s Director of IT before returning as an owner in 2006. He lives in Bath with his wife and children and is an active member of Big Brothers Big Sisters.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *