Malicious or accidental deletion of content and the digital Intellectual property has always been a major concern for the organizations. On-premises this has always been mitigated with regular backups, meticulously performed and managed by an IT Department. In SharePoint Online and Office 365, the situation is a bit different and somewhat challenging. The content is no longer stored exclusively in shared drives and folders or Exchange mailboxes. Instead, it is spread among hundreds of SharePoint sites and document libraries, OneDrive for Business and other Office 365 properties like Planner, Yammer, Office 365 Groups, and Teams. Moreover, your content resides in the Microsoft Data Center, so you do not have access to any servers/hardware.
There is a handful of companies out there that do offer some Office 365 backup and restore software. Since I am not a backup expert, with this post, I would like to provide alternatives to SharePoint Online backup that you might consider for your organization instead of traditional “tape” backups.
Administrator’s Recycle Bin
You do have a simple and robust backup solution available in SharePoint Online for 90 days – it is called the Recycle Bin. Everything users delete, ends up in there (documents, tasks, calendar events, folders, lists, libraries and even complete sites). Moreover, even when users empty their recycle bins, the stuff is transferred to the secondary stage recycle bin, accessible only by the SharePoint Administrator. The grace period for all content is 90 days – this is how much you have to restore it back to the original location.
While the Recycle bin can not be compared to traditional backup solutions, this is your first line of defense and relatively simple to use. It can also be monitored regularly.
Security & Permissions
To minimize the potential loss of data, you should map out the proper security and permissions and follow best practices and guidelines. It is always wise to assign as minimum permissions as possible for each user on a given site. If all your users need it the ability to view data, do not give them Contribute privileges. If all they need is the ability to edit documents, do not give them Full Control (trust me, I have seen a share of those!).
External sharing is another aspect that needs to be taken seriously. From proper information architecture to external user setup – make sure you do not end of with the situation where non-employees will get their hands on the stuff they don’t need to see or edit.
If you are worried about users deleting certain content from sites, you can disable deletions via Permissions. Out of the box, you do not have a permission level that would allow users to add and edit, but not delete, but you can always create a custom one.
Having certain policies, rules and regulations in place will sure minimize inadvertent issues with your content. Governance plan, committee and governance document by itself are a great step to outline and solidify the expected guidelines and behavior related to SharePoint and Office 365 application. Check out this post for more information and different components of the governance.
Say what you want about training, but I bet that most of accidental deletions and loss of data occur due to poor understanding of the technology and features by the employees. Proper education and training are not only a great investment by the organizations but can also help prevent more serious issues like loss of intellectual property. Read more about training here.
Retention Policies/Records Management
Deletions and loss of content can also be mitigated via proper implementation of Retention Policies and Records Management. I describe how retention policies work here, but essentially what records management in a nutshell means is that you can designate certain content as records in SharePoint, which in turn will prevent deletions of such content (when documents are declared as records manually or via policies).
Alerts can be a real simple way to be notified about deletions and act accordingly. They might not be practical to set up on all the document libraries and lists, but could be great for those super important document management systems.
It is not always the case that you need to restore a deleted file, but rather restore a previous version of it, in case inadvertent changes were made by your colleagues. In such cases, versioning is your best friend. You can easily restore a previous version of the file or an item. Moreover, this could be done by any of the end users themselves, no need to email an IT administrator. Versioning is automatically enabled for all document libraries in SharePoint Online and needs to be manually set for other lists.
Lastly, if you need to keep an eye on certain files or employees, you have all the power with pretty robust Office 365 audit reporting (part of Office 365 Security & Compliance Center). You can easily see and monitor employee activities, file access, and deletions. And, you can also set up alerts as well, to be notified of certain activities. I describe the Audit Log functionality in greater detail here.