Microsoft has taken extensive measures to alleviate the risks of data loss within Microsoft Office 365 and has put safeguards in place to ensure your data’s safety from any fault on their behalf. However, they cannot protect you from the actions of your users and threats beyond their control that constitute the majority of data loss events.

Even with an SLA that promises to keep your data accessible 99.9% of the time, they make no guarantee that their services are immune from disruption, and “recommend that you regularly back up Your Content and Data that you store on the Services or store using Third-Party Apps and Services.”

The bottom line is that the safety of your Microsoft Office 365 data is your responsibility and Microsoft alone cannot defend you from data loss. 

Microsoft Office 365 backs up data on a regular basis as part of a commitment to data protection that generally supports disaster recovery situations and keeps your data accessible in accordance with their uptime SLA (99.9%).

However, your organization remains ultimately responsible for your data protection as these backups are not available to administrators or end users and are not intended for aiding in the quick and easy restoration of lost data. While it is possible to recover lost data via Microsoft Office 365’s backups, the process will often be tedious, costly, and detrimental to business continuity. 

The default retention setting for all messages and folders within Microsoft Office 365 is “Never Delete.” As such, Microsoft Office 365 emails and their contents should remain accessible unless acted upon by the user or systematically deleted via custom retention policy. In other words, Microsoft Office 365 has no stated policy of deleting emails automatically once they reach a certain age.

In the event that an email is deleted, it is first moved to the Deleted Items folder, which also has an unlimited retention setting. Items can be manually restored by the end user from the Deleted Items folder.

If an item is deleted from this folder it moves to the Recoverable Items folder, which has a retention period of 14 days (admins can extend this period to a maximum of 30 days). Users and admins can recover items from this folder one at a time via a process known as Single Item Recovery. Once an item exceeds the retention period or is further deleted, it is moved to the Purge Folder.

Emails that have reached the Purge Folder will be retained for a maximum of 14 days. From here, only admins are able to use the Single Item Recovery feature to recover items for their end users. Once the 14-day retention period expires, items are permanently deleted from the tenant and become unrecoverable if a backup solution is not in place.

Microsoft Office 365 accounts are generally rendered inactive in the wake of an employee’s departure or extended absence from an organization. An admin will often choose to remove this account, in which case the user’s data and account become restorable for a 30-day period before it is permanently deleted.

In order to avoid critical data loss, the admin should consider what they want to do with the license moving forward and how they would like to deal with the departed user’s OneDrive and email content before deleting the user from the organization.

If a Microsoft Office 365 user account is deleted from a tenant there is a 30-day window to restore the account and all associated data. This 30-day period is known as the “soft deleted” state and there is a documented process (dependent on the manner of deletion) by which an admin may fully recover the user account.

Once this 30-day retention period expires, the account is permanently deleted (hard deleted) and cannot be recovered if a backup and recovery solution is not in place.