WIXLIB

White Paper Backup and RecoveryWhy OneDrive Does NotEqual Endpoint BackupSharing isn't Saving: The Truth About OneDriveAs enterprise productivity increasingly centers around cloud-based collaboration products, adangerous trend has emerged. In a misguided attempt to maximize their efficient use of suchDesigned withproducts, some companies are attempting to replace their dedicated data backup solution with anthe end in mind:enterprise-grade electronic file sync and share (EFSS) product like Microsoft OneDrive. For accessingCloud-basedfile sync andfiles and collaborating with colleagues in the cloud, Microsoft OneDrive continues to be a preferredplatform for many business users. But when it comes to backup and security for your data, relying onOneDrive leaves the enterprise exposed to disastrous risk. Designed to easily spread information,share solutionsOneDrive lacks the data security and administrative control features necessary to mitigate thelike Microsoftincreasing risk of insider threats and sophisticated cyberattacks. Built to enable real-time sharing ofOneDrive makeit easy for peoplea small subset of files, OneDrive fails to back up all enterprise data—and leaves a business unable toreliably and efficiently restore critical data in the event of a data loss incident. These inherent flawsgo beyond burdening the enterprise, presenting an unacceptable threat to business continuity.to share and editfiles, not recoverall their data.Troubling Trend:OneDrive as BackupOneDrive is Not Endpoint BackupToday, OneDrive and endpoint backup remain twoPreviously relegated to the shadow IT world,cloud-based productivity products—fromsuites to standalone apps—are surging into theenterprise mainstream. Microsoft says Office365 is the fastest-growing product in the historyof the company. With 40 percent year-overyear growth, Office 365 was projected to topthe 100 million-user mark early in 2017. Withinthis surge, businesses are officially adoptingOneDrive to drive collaborative productivity—leveraging “free” access to OneDrive offeredthrough Office 365. The increased visibilityof OneDrive tempts some businesses toconsider replacing dedicated backup solutionswith OneDrive in the name of efficiency.distinct solutions designed to deliver two distinctoutcomes. True enterprise endpoint backup is builtto cover all endpoint data—securing that data andenabling fast, reliable recovery. OneDrive, in contrast,is built to cover a specific, user-designated subsetof endpoint data—and to enable seamless sharingof that data. As Gartner concludes, “File sync andshare still can’t replace endpoint backup todaybecause of fundamental design goal differences.”1In fact, the very features and functionality thatdefine OneDrive become its greatest liabilitieswhen used in place of endpoint backup.

WHITE PAPER: BACKUP AND RECOVERYThe Limitsof “Free &Unlimited”StorageOneDrive vs. Endpoint BackupONEDRIVEENDPOINT BACKUPShare all filesShare some filesWhile OneDrive toutsfree, unlimited cloudAutomaticallyback up everyfile, every versionUserdependentuploadsstorage, the reality isthis storage is not builtfor a true enterpriseendpoint backup usecase. Without thedata deduplicationOpen sharingMaximum data securityand compressionfunctionalities ofConvenient,frictionlessaccessbackup, storage addsup quickly. In practice,Securesensitive andvaluable databusinesses will quicklyhit the hidden limits of“unlimited” storage—typically 1TB peruser—and be forcedFull user controlFull IT and InfoSecurity controlto pay for addedstorage capacity.Endpoint datavisibility andcontrolAnother problem ofdata backup withoutcollaborationdeduplication orcompression: in aperfect scenario, userswould be transmittingGoing backMoving files forwardall their files acrossthe network every 15minutes. Just imaginethe bandwidth burden.Real-time editingof most-currentversionRecoveringfiles quicklyand reliably2

WHITE PAPER: BACKUP AND RECOVERYWhere Do theFiles Go?Once an authorized userdownloads a shared file,IT loses visibility.The Disastrous Consequencesof Substituting OneDrivefor Endpoint Backup3.You Can’t Restore Data Reliably—or EfficientlyOneDrive is built for real-time editing andsyncing for collaborative productivity. But thisrelentless push forward is the opposite ofdata backup’s most critical functionality: theUnfortunately, many businesses are makingability to go back. This increases the risk ofthe misguided calculation that OneDrivedata loss from simple user error. For example,offers a “good enough” stand-in for endpointif an end user accidentally deletes a file frombackup. In doing so, a business opensthe shared space, it is deleted for all users.itself to a wide range of risks that can haveOneDrive has short recall windows—frompotentially disastrous consequences.days to a few weeks—so if the error isn’t1.OneDriveNO VISIBILITYdiscovered in time, the data is gone for good. Your Data isn’t Fully Backed UpAt the most basic level, OneDrive fails asWithout comprehensive backup, restores arebackup because it doesn’t automaticallylimited to files manually shared by users—cover all user data. That’s because ifand only the most recent versions, at that.OneDrive housed a user’s entire dataIn a total recovery situation—a lost or stolenstore, co-collaborators would have todevice, hardware failure or ransomware—thistediously search through folders todramatically increases the risk of permanentfind the relevant file. To ensure thatdata loss. Based on Gartner estimates, aonly the most relevant files are shared,2,500-employee business that lacks effectiveOneDrive makes file sharing entirelydata backup and recovery can expectmanual and user-dependent. But whiledata loss costs of 450,000 annually.3users only want to share some files,enterprises expect backup to coverFinally, because OneDrive isn’t built toall data—every file, every version.enable efficient data restores, restoringwhatever data was manually backed up is a2.Patching this gap with policy—time-consuming and costly process. Thererequiring users to back up all files tois no bulk or point-in-time system restoreOneDrive—is a poor approach. Ancapability—only file-by-file restores. This isenterprise data protection strategytedious in a single-user scenario; the burdencan’t hinge on human action—halfgrows exponentially for a large-scale restore,its purpose is to protect againstor when considered across the high volume oferror prone, unreliable users.restores annually in the typical large enterprise.User Productivity Suffers4.You Can’t Mitigate Insider ThreatsUser-dependent backup has another majorGiving users full control and prioritizingflaw: it impedes productivity. Considerfrictionless access and sharing is, in manythat Gartner recommends endpoint dataways, the exact opposite of prioritizing databackups every 15 minutes to mitigatesecurity. The more people with access to adata loss.2 In a “perfect” world of userfile, the more opportunities there are for thatcompliance, just imagine the productivityfile to be lost, stolen or corrupted. Becauseimpact of requiring users to stop whatOneDrive lacks the robust administrativethey’re doing to manually back up all theirfunctionality of dedicated endpoint backup,data to OneDrive—every 15 minutes.IT and InfoSecurity teams are left with little orno control over who can access, downloador share a file. Worse, without endpoint data3

WHITE PAPER: BACKUP AND RECOVERYvisibility, they have no idea what happens5.6. You Can’t Meet Compliance Requirementsto a file once it’s moved to a user’sThe managed encryption key issue is just oneendpoint. This opens the door to a wideof the compliance challenges of the OneDrive-range of insider threats, from maliciousas-backup approach. OneDrive also allowsdata theft and sharing to accidental leaks.external applications and third-party supportservices, such as content indexing, to accessYour Data is Highly Vulnerable to Attackunencrypted data—violating the data securityYet another elemental data security featureregulations governing many businesses.lacking from OneDrive: comprehensiveencryption. While OneDrive touts advancedOneDrive also does not allow their enterpriseencryption of the data stored in the sharedcustomers to choose where their data is stored,cloud, with it does not protect or encryptmaking it extremely difficult to comply with thethis data as it moves to and from the cloud.growing number of data residency regulations.This leaves enterprise data vulnerable toComplicating this issue, OneDrive offers localattack from outsiders, who no longer needstorage, but ultimately leverages a central datato hack into the secure cloud—they canrepository in a separate location. This meanssimply attack less-secure network channelsthat data that is initially stored locally may, atand intercept the unencrypted data.some point, be transmitted outside the regionor country, violating data residency regulations.Another problem with OneDriveencryption: with it does not enable theenterprise to manage its encryptionkeys. This limits enterprise datacontrol, opens the possibility of blindsubpoena and may conflict with datasecurity compliance requirements.Mapping Shared Drives to OneDrive is a Nightmare ScenarioAttempting to replicate a traditional,that currently source data from a shared driveon-premises shared-drive environment,continue to work.some businesses have tried mappingtheir shared drives to OneDrive. ThisThis not only creates a nightmare of IT timeapproach has proven extremely difficultand costs—it leaves a high likelihood of holesto implement. Migrating what can beor gaps in the mapping process. Moreover,years of data is complex, both from thethis approach still depends entirely on usersperspective of making sure only relevantto manually save all files and all versions—thefiles are migrated, and that applicationsmost fundamental flaw in effective data backup.4

WHITE PAPER: BACKUP AND RECOVERYThe Critical Differences ofTrue Endpoint Backupthat your backups are kept in an external, nonmapped or not synced storage,” and warn, “Wecannot guarantee that you will be able to recoverEnterprise technology experts and industryanalysts like Gartner agree that OneDriveshould never be used in place of a dedicatedendpoint backup solution. Even OneDrivewarns against this approach. Microsoft’s Office365 best practices note, “We recommendyour data.”4 Unlike OneDrive, true endpoint backupsolutions are built to provide IT with completedata visibility and—above all else—guaranteedata recovery in a wide range of scenarios. Theessential features and functionality of true endpointbackup solve critical business challenges.OneDrive Can’t Handle Enterprise Restore NeedsRANSOMWARE RECOVERYONEDRIVE Limited file recovery No point-in-time restore option Auto-sync spreads contaminatedfiles to other usersTedious, file-by-file manual restore ENDPOINT BACKUP Guaranteed file recovery Quarantine the system—execute a full point-in-time Never pay the ransomDATA MIGRATIONONEDRIVE Manual backup: IT burden,data loss risk File-by-file manual restore Doesn’t cover user profiles/device settingsENDPOINT BACKUP Automatic backup of all files User-driven, full systemrestore capability All user settings saved and migratedLEGAL HOLD E-DISCOVERYONEDRIVE ENDPOINT BACKUPEndpoint visibility limited to datastored in specified locationNo ability to lock down files notstored in specified location5 Complete endpoint visibility Preserve-in-place functionality