Enterprise class, automated Office 365 backup and recovery that you can trust for Mail, Calendar, Contacts, OneDrive, and SharePoint.
 |  |  |  |  |
Protect your organization’s Office 365 and SharePoint data
with purpose-built, cloud native backup and recovery for Microsoft Office 365 from Spanning Backup. Spanning provides powerful, yet easy-to-use capabilities for administrators and end-users. It’s all protected with industry leading privacy, security and compliance.
Trusted by more than 1.4 million users.
Utilize the immutable audit log for a transparent, actionable report of each and every Office 365 backup. Admins are given clear, comprehensive insight into the state of all backup and restore activities, which can be viewed directly within the application. In addition, admins can opt-in to receiving daily backup status reports via email to keep them informed of backup health across their tenant. If there’s ever a problem backing up your content, Spanning will provide detailed information on the error, as well as ways to fix it.
$48 /user / year volume pricing available
Backup
Restore
Administration & Reporting
Volume pricing available
** SharePoint protection requires 90% user coverage
The following are frequently asked questions about Office 365 backup, Office 365 data retention policies and data recovery options within Office 365:
Office 365 backs up data on a regular basis as part of a commitment to data protection activities that generally support disaster recovery situations and keep your data accessible in accordance to their uptime SLA (99.9%). However, your organization remains ultimately responsible for your data protection as these backups are not available to administrators or end users and are not intended for aiding in the quick and easy restoration of lost data. While it is possible to recover lost data via Office 365’s backups, the process will often prove tedious, costly, and detrimental to business continuity.
Office 365 retention policies and capabilities are varied across its numerous services and tend to change with some frequency. While each service comes with a default, retention policies can be customized by administrators and are often used by organizations to manage and govern their data by establishing a preferred schedule of retaining and deleting content. This practice, however, does little to absolve organizations from their data protection obligations.
Retention policies can be applied in a variety of manners depending on the retention and deletion needs of an organization. They can be set to apply across an entire tenant or configured to affect only certain users and/or locations. Similarly, policies can be applied across all content types or restricted to content meeting specified conditions. For more detailed information on Office 365 retention policies and how to manage them, please see Microsoft’s overview of retention policies.
The default retention setting for all messages and folders within Office 365 is “Never Delete”. As such, Office 365 emails and the contents of which should remain accessible unless acted upon by the user or systematically deleted via custom retention policy. In other words, Microsoft Office 365 has no stated policy of deleting emails automatically once they reach a certain age.
In the event that an email is deleted, it is first moved to the Deleted Items folder, which also has an unlimited retention setting. Items can be manually restored by the end user from the Deleted Items folder. If an item is deleted from this folder it moves to the Recoverable Items folder, which has a retention period of 14 days (admins can extend this period to a maximum of 30 days). Users and admins can recover items from this folder one at a time via a process known as Single Item Recovery. Once an item exceeds the retention period or is further deleted, it is moved to the Purge Folder.
Emails that have reached the Purge Folder will be retained for a maximum of 14 days. From here, only admins are able to use the Single Item Recovery feature to recover items for their end users. Once the 14-day retention period expires, items are permanently deleted from the tenant and become unrecoverable if a backup solution is not in place.
Office 365 accounts are generally rendered inactive in the wake of an employee’s departure or extended absence from an organization. An admin will often choose to remove this account in which case the user’s data and account become restorable for a 30-day period before it is permanently deleted. In order to avoid critical data loss, the admin should consider what they want to do with the license moving forward and how they would like to deal with the departed user’s OneDrive and email content before deleting the user (removing the account) from the organization. To learn more, read Microsoft’s advice on deleting a user from your organization.
If an Office 365 user account is deleted from a tenant there is a 30-day window to restore the account and all associated data. This 30-day period in known as the “soft deleted” state and there is a documented process (dependent on the manner of deletion) by which an admin may fully recover the user account. Once this 30-day retention period expires, the account is permanently deleted (hard deleted) and cannot be recovered if a backup and recovery solution is not in place.
Microsoft has taken extensive measures to alleviate the risks of data loss within Office 365 and has put safeguards in place to ensure your data’s safety from any fault on their behalf. However, they cannot protect you from the actions of your users and threats beyond their control that constitute the majority of data loss events.
Even with an SLA that promises to keep your data accessible 99.9% of the time, they make no guarantee that their services are immune from disruption and “recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.” The bottom line is that the safety of your Office 365 data is your responsibility and Microsoft alone cannot defend you from data loss.
