Who protects your data?
Microsoft takes care of the cloud. Your data is on you.
The Microsoft 365 agreement calls this Shared Responsibility. It is worth seeing, side by side, what each side actually takes on.
What Microsoft takes on
- ✓Keeping the global infrastructure running
- ✓Service availability, day after day
- ✓Replicating data between data centers
- ✓A short-term recovery bin, with limits
What stays yours
- ▲Full data retention, short and long term
- ▲Recovering what was deleted by mistake
- ▲Recovering what an employee deleted on purpose
- ▲Coming back from ransomware or a compromised account
- ▲Meeting an audit and defending the company in a lawsuit
Microsoft 365 native retention holds 30 to 90 days depending on the type of data, and a compromised administrator can shorten that window. Independent backup of Microsoft 365 is mandatory, not optional.
Six myths that cost dearly
What most people believe, and what actually happens.
“Microsoft backs up everything.”
The truth: Microsoft delivers the service, but takes no responsibility for recovering what is deleted, on purpose or by mistake, nor what ransomware takes.
“My IT provider can recover anything.”
The truth: Without an independent Microsoft 365 backup, not even the best team recovers an email deleted more than 90 days ago, or the account of someone who left more than 30 days ago.
“My employees would never hurt me.”
The truth: Most loss is accidental, but a disgruntled employee can delete data on purpose. In 2020, the U.S. Department of Justice arrested a former employee of a medical supply company who logged in with a fake account and deleted thousands of records.
“Backup is too expensive.”
The truth: It costs a few dollars per user per month, with no hardware to maintain, and it pays for itself on the first incident.
“Data is more exposed in the cloud.”
The truth: Data that is isolated and immutable in the cloud is safer than on a laptop or server, which can be lost, stolen or encrypted.
“It is hard to use.”
The truth: Zamak installs and manages it for you. What you get is the peace of mind of knowing that, if you ever need it, it comes back.
Do you recognize any of these?
The moments only an independent backup survives.
It is not about whether it will happen. It is about the day it does, and who manages to come back.
Needing to recover a file someone deleted on purpose.
Looking for a file deleted more than 90 days ago and finding it is already gone.
Recovering the mailbox and files of an employee who left more than 30 days ago.
Restoring emails or accounts someone deleted in bad faith.
Ransomware freezes access to all of your data.
An intruder takes over Outlook and sends emails in your employees' names.
What you think is protected
Four Microsoft 365 doors that look closed.
Each Microsoft 365 service holds a different kind of critical information, and they all share the same short retention window. See what each one holds and what happens when something is lost.
Emails, attachments, entire mailboxes, calendars, contacts and tasks.
30 to 90 days
A deleted email, the full mailbox of someone who left, or attachments encrypted by ransomware do not come back once the native window expires.
Each employee's personal files and folders, synced to their computer.
30 to 90 days
Ransomware that encrypts the machine syncs the encrypted version to the cloud, and a mass deletion takes everything once the short retention ends.
Document libraries, team sites, folder structure and permissions.
30 to 90 days
A deleted library, an altered permission structure or a removed site take with them the history the whole team relies on.
Teams, channels (including private), conversations, files and settings.
30 to 90 days
Decision threads, channel files and even entire channels vanish when a team is deleted or a bad actor wipes the record.
And Google Workspace?
The same logic applies to Gmail and Google Drive: Google keeps the service running, but recovering a deleted item depends on a limited window. Independent backup of Google Workspace is on the Cove roadmap and becomes part of the offering once N-able releases it.
Your exposure in one minute
Check what your company uses.
No sensitive data, no install. You check the services and the context, and the map reveals where your recovery has an expiration date.
The longer the use, the more data already sits outside the retention window.
Get the full map
Where do we send your exposure map?
You receive the full report by email: the table by service, the reading for your sector and the path to close the gap. No commitment.
Why now
The 90-day window is running while you read this.
Native retention does not wait. Anything deleted more than ninety days ago, with no independent copy, is already out of reach. There is no undo button once the window expires.
The longer your company uses Microsoft 365, the more history already sits beyond that window: contracts, decision threads, records you will only look for on the day you need them.
The answer
A copy the attack cannot reach.
Zamak protects your Microsoft 365 with Cove Data Protection by N-able: an independent backup, isolated from your network and impossible to alter, that recovers what falls outside the native retention window.
Isolated, immutable copies
The copies sit outside your network and cannot be altered or deleted, not even by a compromised administrator. An attack on your network is not an attack on your backups.
Retention up to 7 years
In place of the 30 to 90 day window, you keep the history for as long as your sector and your contracts require.
Granular restore
From a single email to the whole mailbox, from one file to a SharePoint library, without restoring everything to find one thing.
Verified recovery
The copies go through automated recovery testing with artificial intelligence, so recovery stops being a hope and becomes evidence.
Fifteen years serving companies that cannot stop. Microsoft Solutions Partner and Addee Elite Group, operating on infrastructure certified ISO 27001, HIPAA, PCI-DSS and SOC 2 Type II (the Cove data center, by N-able).
Frequently asked
What people ask about Microsoft 365 backup.
Do not wait for the incident
You can close the gap today, or face it the day you lose the data.
The exposure map shows where your recovery has an expiration date. The next step is to close that gap before it sends the bill.
See Microsoft 365 backup
Meet Cove M365 Backup: isolated, immutable copies and verified recovery.
See the solutionTalk to a specialist
Review your exposure with Zamak and design the protection of your Microsoft 365.
Book a callDemonstration reading generated from your answers. The full fit is work conducted by Zamak when the service is engaged.