5 Most Common Reasons for Data Loss in Microsoft 365

Microsoft 365 (Office 365) is a widely used corporate tool with more than 200 million active users. There is a reason for that growth: as a fully self-sufficient platform, it covers all the possible needs of the corporate and individual users. You don’t need to install some risky third-party applications or extensions to perform some function – everything has been taken care of from the Microsoft 365 side. 

And yet, thinking of this platform as of some form of bulletproof data storage is a huge and, unfortunately, universal mistake. Many rookie IT administrators make the same mistake thinking that customizing Microsoft 365 will help them to secure that space from data losses and data breaches. Some of them might even ask a question: Why do I need to backup Office 365 if I have many inbuilt tools that protect data from loss? 

Unfortunately, Microsoft 365 clearly states in tier policy that the safety of your data lies entirely on your data owners’ shoulders. Microsoft won’t be held liable in case something happens to your data, and your company will have to deal with the consequences. 

To not let this happen, we prepared for you a list of the most common reasons that can lead to a data loss in your Microsoft 365 environment.

1. Accidental deletions

There are no doubts that Microsoft guys have done a great job trying to protect its environment from multiple threats, but it is still relatively helpless against the most common one – human mistake. Employees delete documents all the time. Many of them do so on purpose, thinking that this folder or that sheet is outdated or unnecessary. But most of the time, the deletion happens unintentionally. 

Deletions are especially damaging in the case when the user deletes a document or a folder that is shared with others. This deletion can undermine the work process for the entire department.

There are some tactics for Office 365 recover deleted items, but they won’t work unless you preset the settings. Also, these settings are limited and won’t let you to restore multiple files at once. 

2. Ransomware

As you may already know, ransomware is a type of malware – a malicious code that, when injected in your file by a threat actor, encrypts all the data in it and makes it an unreadable gibberish. To decrypt the file or folder, you need to pay a ransom to the hacker to obtain the decryption key for the specific type of ransomware. 

Even with all the security features that you can customize in the Microsoft 365 Security and Compliance center, your data is still at risk of being ransomed. Why? Because threat actors come up with new strains of ransomware every single day. Even the security guys from Microsoft simply can’t keep up with new ransomware strains to protect your files from every single ransomware out there. 

To provide your data with the needed level of ransomware protection, you need to backup your data regularly, using a professional cloud-to-cloud solution. Not only will backup service ensure that you’ll get your data back in case it is encrypted, but that you’ll get it quickly. The speed of the data restore is equally important since long downtime can be crippling for your company performance. 

3. Shadow IT

Shadow IT can be described as the usage of unauthorized software or hardware by employees within the corporate network or account. For example, an employee that is browsing the web and installing applications or extensions using their corporate Microsoft 365 account is a shadow IT. 

Shadow IT presents multiple risks for your company. It can lead to:

  • “Catching” malware like spyware, Trojans or ransomware
  • Unintentionally providing permissions and access to corporate data from their Microsoft 365 account and, therefore, exposing confidential information to cybercriminals

4. Password spraying (brute-force attacks)

Our password hygiene can still be called a ‘work in progress”. Many users still use pretty obvious passwords, or write them down on paper sticks and leave them exposed on their work desk. If not, they use browser password savers, that, if hacked, can expose corporate and financial data to criminals. 

But it is not the passwords only. Two-factor authentication also plays a huge role in protecting your Microsoft 365 from account hijacking due to weak or stolen passwords. And yet, many admins forget about this crucial layer of security.

It all can lead to account hijacking, which, if performed on the account with high privileges, can end badly for the whole company.  But it can be easily avoided if two0factor authentication is enabled and employees are obligated to create strong passwords.

5. Generous sharing permissions

We all share information every day with our colleagues, and there is nothing wrong with that. The problems start when this information is shared with outsiders (people outside of your domain and organization), or when users share sensitive and personal information. 

When the document with confidential data has unlimited sharing permissions, it can easily get in the wrong hands and be used as leverage. For example, a list of vendors and suppliers that can be shared with anyone will, most likely, end up being used to profit someone. 

The same is fair for sensitive information. You must have rules in place that forbid or restrict sharing this kind of information, or make sure you use encrypted communication channels.

Wrapping Up

Data loss prevention and data protection practices must be the core of your work because it plays a fundamental role in the Microsoft 365 data protection, as well is data protection for any other public cloud ecosystem. Also, inbuilt threat responses and alerts provide you with quite basic capabilities that still won’t be 100% reliable. While inherent Microsoft tools have come a long way, it is obvious that today organizations must put much more work into securing their Microsoft 365 environments.

Leave a comment