Microsoft 365 And G Suite Data Protection And Security: Your Must-Know Guide

Using Microsoft 365 or G Suite? Your data might not be safe. Bob McKay, Head of Managed Services and Infrastructure, explains how you can prevent data loss and improve security of SaaS cloud suites.

In 2020 we’ve seen a huge surge in businesses quickly adopting Software as a Service (SaaS) applications due to the necessity of remote working. This includes cloud office suites such as Microsoft 365 (previously known as Microsoft Office 365 until April 21st 2020) and Google’s G Suite.

According to Business Insider, as of April 2020, G Suite has 6 million paying customers, compared to 5 million in February 2019. Worldwide, the two main cloud suite technologies are G Suite (55.2% market share) and Microsoft 365 (38% market share).

However, while cloud suites do offer on-the-go productivity and connectivity, what they don’t offer is data protection, backups and recovery as standard. While you’re relying on people using their own devices, hardware and networks, having business data backed up has never been so important.

Simply being hosted in the cloud does not mean that data is completely protected. With the shared responsibility model, Microsoft/Google provides the security of the cloud, and you (or your support provider) provide the security in the cloud.​

The Shared Responsibility Model

An Example of the Shared Responsibility Model

Data protection responsibilities for Microsoft

The #1 Risk to Your SaaS Application

I can hear what you’re asking: a SaaS application is hosted in the cloud, it’s always available, accessible from anywhere, and highly redundant… so why is a backup needed?

The simple answer is that the cloud isn’t exempt from human error. In fact, human error is the top cause of data loss.

The ways your employees can be a risk to your data include the following:

  • Accidental and Malicious deletion
  • Data Overwriting/Sync Errors
  • Lost data due to cancelled user licenses
  • Data loss due to permanent deletion
  • Misconfigured application workflows
  • Successful ransomware attacks or malware damage

So how can you protect your business data in SaaS applications?

SaaS Protection

SaaS protection is your insurance against losing business data across G Suite and Microsoft 365. You are protected against accidental or malicious deletion, ransomware attacks, and other cloud data loss. A simple wrap up of what SaaS protection offers your business is data protection, backups and recovery.

In real terms what that means is you no longer have to worry about data loss. Control is shifted from users to the business, data is automatically backed up three times daily (or more if required), and it’s easy to reset systems if a cyber attack should happen.

SaaS protection covers the following apps:

O365 Backup

  • Exchange (including all email, calendar and contact data)
  • Tasks
  • OneDrive
  • SharePoint
  • Teams

G Suite Backup

  • Gmail
  • Calendar
  • Contacts

Why Do You Need to Protect SaaS Applications?

Take Back Control of Your Data

You place a lot of reliance on your users. However, one in three users have experienced data loss in the cloud. The most common cause: users simply deleting files or emails by accident.

SaaS protection shifts the control of critical business data back into the hands of the business – not the users.

Prevent Data Loss

Particularly in the current climate, with much more remote working than normal, internal threats and external attacks are on the rise. Without an independent backup you’re leaving your business’s data up to chance. You could lose data, time, and revenue.

Gain peace of mind with the knowledge that even malicious attacks can be “undone” by restoring a backup of cloud data.

Maintain employee data and effective user management

Don’t miss a beat when employees leave: easily move data from one user to another in the event of turnover or changing of roles.

Work confidently, knowing that all protected SaaS data can be restored in its original state directly back into the application, or exported to be used locally. You can avoid the frustrating manual work normally required, and save valuable time.

Ensure SaaS security and compliance

A lot of businesses find creating an audit trail of data, maintaining GDPR compliance, or maintaining a robust level of security long-term a really difficult task. I feel it’s important to highlight the three big ways that SaaS protection helps you to achieve these goals and meet security and compliance requirements.

  • Security and compliance: SaaS Protection backs up data in compliance with GDPR, Service Organisation Control (SOC 1/ SSAE 16 and SOC 2) reporting standards, and supports HIPAA compliance needs.
  • Custom Data Retention: Specify how long records should be maintained (days, years or infinite) to meet industry-specific compliance, as well as GDPR regulations.
  • Activity log: Maintain a detailed record of all administrator and user actions.

No more headaches over ensuring security and compliance.

What are the benefits?

There are five main benefits to choosing SaaS protection services, including the below.

  1. Gain Peace of Mind

It can be transformational when you remove the burden of stress from your shoulders. No more worrying about your data. It’s safe, protected – and even if disaster strikes, you’re backed up.

  2. Ensure Transferability

When an employee leaves your business, it can be a headache manually transferring data and trying to remember to swap all of their important data. With SaaS protection, if an employee leaves your business, you can easily transfer data, emails, files or sites from one user to another.

  3. Resolve Cloud Concerns

User error. Malicious activity. Application Outages. Normally terms that strike terror in any IT personnel. If you have SaaS protection, you have insurance against all of these disasters. Effortlessly restore critical emails or files.

  4.Recover From Ransomware

Imagine a cyber attack does happen. To another business, that means losing all of their data and then dealing with the embarrassment of losing reputation and usually a lot of money. With SaaS protection, quickly restore your user data to a moment before an attack occurred.

  5. Cut Costs

While SaaS protection is an investment, it’s also a cost saving activity and relatively quick to provision. When someone leaves your business, you can eliminate unnecessary licence fees for departed employees by storing SaaS data in a private cloud.


There are no two ways about it: in today’s risky cyber security climate, you need SaaS protection if you’re using Microsoft 365 or G Suite. You can’t (and shouldn’t be expected to) protect and backup data three times daily, ensure users don’t fall victim to cyber attacks – all while maintaining high levels of security and compliance.

Some investments are worth it not because they’re a nice-to-have but because they’re a need-to-have. And now is the time to choose SaaS protection, before you find out why you needed it.

If you want to take the next step towards implementing SaaS protection, we’re here to help you. We have dedicated teams of cyber security, modern workplace, and infrastructure experts all on hand to help you get started with securing your business data. Simply get in touch for a free consultation!


Have a question? Book a FREE consultation today

We understand there are many options to choose from and you want to make sure the tool you adopt is the right one for you. 

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Our News & Insights

View all articles