How to set up Microsoft Office 365 backup policies

As users in your organization work on their projects, they generate more and more data you probably want to protect. Microsoft provides a few tools to prevent data loss. One of these is Office 365 backup policies. In this article we will take a closer look at Microsoft Office 365 backup policies explaining how to set them up or how they can be used to reduce the probability of Office 365 data loss. Let’s start!

What are Microsoft Office 365 backup policies?

Long story short: Office 365 backup policies define where Microsoft’s responsibilities regarding data protection and backup ends, and where yours begins. 

Microsoft is responsible for:

  • Hardware failure
  • Server-side software failure
  • Data center power outage 
  • Natural disasters

As you can see, this list is pretty short and it refers mainly to infrastructure-related threats. Looking at this from another angle, we can rephrase this list and we can see that Microsoft is responsible for protecting a network, hardware, virtualization, OS, and application. 

Regarding to these policies you, as a customer, are responsible for:

  • Human errors
  • User-side software errors
  • Malware attacks
  • Hacker attacks
  • Malicious insiders

in short: users, data, and App Admin should be your concerns and remain under your control, protection, and responsibility. 

Microsoft ensures that they meet their policies by replicating your data across at least two, geographically independent data centers. This solution provides availability and recoverability of data in case of any event of failure on Microsoft side. However, it does not protect deleted emails or mailbox accounts. 

Retention – a crucial part of Office 365 backup policies

Office 365 backup policies as a feature in Microsoft 365 allows IT administrators to set up and configure policies that affect how data is protected. The main part of Office 365 backup policies is the retention policy. Retention policy determines how long data is retained and how long after deletion it’s possible to recover. Default retention policy settings vary between Office 365 applications. 

Exchange Online has a default 30-days retention period for deleted mailboxes. Deleted individual items can be recovered for up to 14 days, but this period can be manually increased to 30 days maximally.

In OneDrive by default, deleted files and deleted accounts are retained for 30 days. However, this period can be changed in OneDrive storage settings by administrators.

In SharePoint Online by default, data is backed up every 12 hours and retained for 2 weeks – exactly 14 days. Deleted items land and are kept in the recycle bin for 93 days – after that time they are deleted permanently and we name it hard deletion. 

Apart from Exchange, OneDrive and SharePoint you can apply retention policies to many of Microsoft 365 applications, including Microsoft 365 groups, Skype for business, Exchange public folders, Teams chats or Teams channel messages.

Setting up a retention policy you can set the time period for how long you want to retain deleted or changed by users’ files. In this time you are able to recover those files. After this set period ends, your files are deleted permanently. That is why you should not think of Office 365 backup policies as an alternative for an Office 365 data backup – you should definitely have an additional layer of your Microsoft 365 data protection.

Office 365 Backup Policy – setting up Retention Tags

Your first step to creating Office 365 Retention policy is to set up retention tags. Retention tags are applied to folders or even individual items like emails. Those tags influence how long items are retained, and what to do with them after the set period ends.

Microsoft provides users with some predefined retention tags, but you might need to create one depending on your organizations’ needs.

Now  I’m going to show you how to set up retention tags using Exchange Online as an example.

The first thing you need to do is log into the Office 365 admin account of your organization. Open the Office 365 admin portal and open all admin centers. If you can’t find it under this link:

https://admin.microsoft.com/AdminPortal/Home#/alladmincenters

Then select Exchange

Using the navigation pane (on the left side of the screen) go to Compliance Manager, from the tabs on top of the screen choose Retention Tags, and then select Add (Plus sign).

You can choose from one of the 3 options available:

  • Applied automatically to entire mailbox (default) 
  • Applied automatically to a specific folder 
  • Applied by users to items and folders (Personal) – this tag will allow users to create personal tags, allowing setting archive or deletion settings to folders or emails, different from settings applied by an administrator to the parent folder or entire mailbox.

In this case, we will choose Applied by users to items and folders (personal), New window will open, where you will need to set up the Name for the tag, I will name this tag: “Retention Tag 01”.

You will also need to set Retention Action specifying what will happen to an item after the retention period ends. I will choose “Permanently Delete”.

The last thing you need to do is set the Retention Period, you can choose to never archive items, or adjust the number of days for how long items should be retained before being moved or deleted. I will set a 365-days retention period.

You can also leave a comment, which won’t be displayed to users.

After you click the Save button, you will return to the Retention Tags tab, where the tag we created will be displayed.

Setting up Office 365 retention policies

Now we are going to create a new Retention Policy using the tag we just created.

Go to the Compliance Manager and now choose the Retention Policies tab.

Here you can add new Retention Policies or manage existing ones. By default, there is “Default MRM Policy” which applies to user accounts. When a new user is added to your organization, MRM Policy is added automatically to that account.

Let’s add a new Retention Policy. Click the “plus” icon to create one. 

A new tab in your browser will open. Enter the Name for your policy, for example, “Retention Policy 01”. Click “+” to add retention tags to your policy.

A new window will open, with a list of defined retention tags, clicking on any will show a detailed description of one. Here you will also see the tag we created earlier.

Let’s add it, and also add tags named “Junk mail” and “Never Delete”. You can add tags, by clicking the “add ->” button. After you choose your desired tags, click “OK”. 

Now tags we added will be displayed in a list. If you include all the needed tags, click save.

Are Office 365 backup policies enough?

Now you know how to add, edit, and manage Microsoft 365 Retention Policies, Retention Tags. You can set them up to fit your organization needs and help you recover deleted files. However, even the best configuration of Office 365 data policies shouldn’t be considered as a proper Microsoft 365 backup. 

Using a third-party backup solution like Xopero Microsoft 365 Backup provides a wide range of technologies and features to make sure your data is protected and recoverable anytime you need from every moment in time. 

Xopero ensures data protection offering following features: 

  • Central, user-friendly management #1 – simple, the most intuitive central management web console. Thanks to the most user-friendly interface setting up efficient backup and recovering data are the simplest ever. 
  • Protect your Microsoft 365 data in minutes – add your organization, choose users and data to protect, storage (on-premise or cloud) and submit it to predefined or customized backup plan.
  • Unlimited retention – Store your data as long as you need and take advantage of multiple backup rotation schemes – FIFO, Grandfather-Father-Son, Forever Incremental – choose yours.
  • Granular recovery – fast, and point-in-time recovery of all or only selected types of data – folders, mailboxes, documents or even particular emails.
  • Cross-user recovery – Restore protected data to the original user destination or choose a different one from your Microsoft 365 suite

and much more…

Learn more