Understanding Cloud-based Security Issues
While Microsoft offers the highest form of security and protection there are still limits to what they can do to protect your data. Here is what Microsoft cannot protect against:
1. User Error
Think of user error as the “deadly oops” – a simple, honest mistake with disastrous consequences.
User error falls into two general types: accidentally deleting information, or intentionally deleting data (thinking you don’t need) only to need it later.
This is the risk we see most frequently at Integrity, accidental deletions that have been deleted for so long they can’t be recovered from deleted items.
2. There’s a security breach
A security breach occurs anytime an unwanted person gains access to your Office 365 account. If anyone other than one of your end users signs into one of your Office 365 accounts, that’s a security breach.
If a hacker obtains an account password, he or she can effectively corrupt (Encrypt) or delete all the data in that account.
This is the most disastrous incident as frequently malicious parties have the skills to do more damage than a normal user is aware is possible
3. You Have A Rogue Employee
Microsoft can’t distinguish between “good” employees and “bad” any more than it can distinguish between intentional or accidental commands. If someone with legitimate access to your Office 365 data wants to do it harm, there’s nothing Microsoft can do to stop it.
This means right before someone quits they can start deleting everything they can get their hands on. This could mean all the files in SharePoint they have access to or all the emails in their inbox.
Here is Microsoft’s official statement about client data.
We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We (Microsoft) recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.