Close this search box.

Microsoft 365 Data Protection Made Better with AI-infused Solutions

Microsoft 365 represents a software-as-a-service (SaaS) that often gets used by ransomware to enter organizations. This has prompted Microsoft to introduce security and backup services within Microsoft 365 to help organizations recover from these attacks. However, Microsoft only provides some backup and security services to protect Microsoft 365 against ransomware. This leaves openings for AI-infused solutions such as SpinOne to better protect Microsoft 365.

The Age of Denial: It’s Officially Over

Until recently businesses could try to live in denial about their chances of being affected by ransomware. For better or worse, a recent Verizon report officially brought this age of denial to an end. Among its findings, it found that ransomware does not discriminate and has become ubiquitous affecting all size businesses about equally.

In creating this report, Verizon examined over 16,000 actual, real-world incidents and over 5,000 data breaches. These occurred in 2023 across businesses in all industries. Businesses in every industry—educational, financial, food services, government, healthcare, information, insurance, manufacturing, mining, and technology—experienced these events.

The report further found that both small and medium businesses (SMBs) and large organizations increasingly get attacked in the same way. Due to different size organizations now using similar services and infrastructure, their attack surfaces closely resemble one another. This has led to hackers using the same attack vectors since they work equally well on all businesses.

Across them, email remains the most common attack vector by which ransomware enters businesses. Verizon found that business email compromise doubled across its entire dataset from 2022 to 2023. This increase in the use of email for attacks comes despite the number of ransomware attacks not growing statistically from 2022 to 2023.

This puts services such as Microsoft 365 in the spotlight. Microsoft 365 commands a 30 percent share of office productivity software worldwide and 44 percent of the US market share. As a result, ransomware targets data stored in Microsoft 365’s OneDrive, Outlook, SharePoint, and Teams in its attacks. Protecting data stored in these applications from ransomware dictates that businesses employ the appropriate solutions now.

Microsoft’s Data Protection Offerings

Businesses may logically first look to and expect Microsoft to protect any data they store in Microsoft 365. In response, Microsoft has taken multiple steps to meet this growing business expectation.

To ensure high levels of application and data availability and security, Microsoft hosts Microsoft 365 in Microsoft Azure. Hosted there, businesses gain access to its physically secured data centers that offer high levels of availability and redundancy. Microsoft also provides multiple cybersecurity tools. These include a cyber secure perimeter with firewalls, antivirus software, and multiple tools for monitoring and detecting cyber threats.

Microsoft 365’s available cybersecurity tools now include Microsoft Defender. Defender prevents ransomware by detecting and disrupting attacks within Microsoft 365 itself. It works across multiple Microsoft 365 components to include Exchange and Teams and offers built-in automation to reverse malicious activities.

Finally, Microsoft plans to introduce its own Microsoft 365 Backup solution sometime in 2024. While still in preview, organizations may soon access and use it as part of the Microsoft 365 Admin Center under Settings. Using this option, they can perform backups and restores of Exchange, OneDrive, and SharePoint data.

Microsoft’s Stated Position on Data Protection

Before any businesses decide they do not need any additional data protection software, Microsoft’s published position contradicts that conclusion. Microsoft adheres to a shared responsibility model that encompasses protecting data hosted in any Microsoft service.

Since Microsoft 365 is a software-as-a-service (SaaS) and available from Microsoft, it falls under Microsoft’s shared responsibility model. In this model, Microsoft only assumes responsibility for delivering its Microsoft 365 service and maintaining its availability. Further, Microsoft assumes no responsibility for data stored by businesses in Microsoft 365. Rather, it clearly states businesses always retain responsibility for their data.

Microsoft recommends that businesses regularly back up data that they host with Microsoft. The Service Availability section of the Microsoft Server Agreement includes some cautionary notes about Microsoft’s cloud services, which include Microsoft 365.

It highlights how no Microsoft cloud services come with guaranteed levels of service and may suffer occasional disruptions and outages. It then recommends businesses use third-party applications and services to back up data stored in its cloud services.

This recommendation from Microsoft should prompt businesses to recognize that Microsoft may not meet all their data protection needs, even with its forthcoming Microsoft 365 Backup offering. If anything, businesses should heed Microsoft’s prompting to use a third-party backup application to back up their Microsoft 365 data.

Two Factors that Influence the Buying Decision

The question for many businesses then becomes, “Which third-party application should they use to back up and protect the data they host in Microsoft 365?” The answer to this question for each business somewhat hinges on two factors:

  • The Microsoft 365 services, or components, that each business uses. To select a third-party backup solution, businesses must first quantify the Microsoft 365 services that they use. While the answer to this question may sound simple on the surface, it can become complex. Businesses cannot assume every backup application will fully protect all their data across Microsoft 365’s four core services. Further, the level of protection for each core service can vary significantly by provider.
  • The data protection that the third-party application provides for data stored in Microsoft 365. Solely evaluating third-party Microsoft 365 backup applications on their backup capabilities no longer represents the optimal approach to selecting a product. Restoring Microsoft 365 data presents a potentially larger challenge than businesses may realize. This issue primarily surfaces when businesses need to back up or restore large amounts of data from or into Microsoft 365. This makes it incumbent upon businesses to take steps to avoid data loss in the first place. To achieve this objective requires using a third-party backup application that protects data while it still resides in Microsoft 365. This requires the backup application to actively monitor Microsoft 365 for activities that contribute to data corruption or loss.

The Need for Artificial Intelligence in Third-party Microsoft 365 Backup Solutions

AdobeStock AI Lock 659423790Performing these functions requires third-party Microsoft 365 backup solutions to include artificial intelligence (AI) as a core capability. The backup application will still perform backups and restores of Microsoft 365 data. However, the backup application’s AI feature should constantly monitor the business’ data hosted in Microsoft 365.

In this role, it looks for any suspicious activity with respect to the business’ data. For instance, it may monitor large or unexpected amounts of read activity on Microsoft 365 data. Since over 90 percent of ransomware events start with data exfiltration, this may indicate an attack has begun.

It may also monitor for large or unusual data changes or deletions in Microsoft 365. While the activity may be appropriate, it may alternatively indicate the start of a ransomware attack. It may also indicate an intruder has hijacked or obtained user credentials to access Microsoft 365.

Microsoft 365 Data Protection Made Better with AI-infused Solutions

Living in denial about either ransomware’s pervasiveness or a business’ reliance upon Microsoft 365’s continuous availability comes with significant risks. Any downtime of Microsoft 365 for whatever reason minimally impacts business operations and often results in lost productivity and sales.

Microsoft publicly acknowledges that businesses need to look to third parties to address certain needs. Obtaining a third-party backup application that backs up, restores, and protects Microsoft 365 data represents one of those needs.

SpinOne’s AI-infused data protection SaaS represents such a solution that meets these needs. Spin.AI offers a three-pronged approach to Microsoft 365 data protection that does more than protect Microsoft 365 data. It represents the new standard by which all businesses should measure third-party backup applications. In so doing, businesses maximize their investment in Microsoft 365 while having the confidence that any data they store in it remains safe from a ransomware attack.


To be notified of new DCIG articles, reports, and webinars, sign up for DCIG’s free weekly Newsletter.

To learn about DCIG’s future research and publications, see the DCIG Editorial Calendar.

Technology providers interested in licensing DCIG TOP 5 reports or having DCIG produce custom reports, please contact DCIG for more information.


This blog entry was excerpted from the following DCIG Technology Report available for download on this trusted third-party link.

Spin.AI is a client of DCIG.


Click Here to Signup for the DCIG Newsletter!


DCIG Newsletter Signup

Thank you for your interest in DCIG research and analysis.

Please sign up for the free DCIG Newsletter to have new analysis delivered to your inbox each week.