Article Details

Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks. As businesses continue to migrate their operations to the cloud, maintaining and managing the security of these environments has become mission-critical. Microsoft 365 is a widely adopted suite of productivity tools, but relying solely on its built-in security features may leave organizations vulnerable to significant risks. The Acronis Threat Research Unit recently conducted a quantitative study to explore the core security landscape of Microsoft 365 , and the findings are both alarming and instructive. The Research Project The Acronis Threat Research Unit assessed the security of Microsoft 365 email and application backup data. The study focused on Microsoft 365 seats that were configured to rely solely on the security settings provided by Microsoft, without the use of any additional third-party security solutions, including those offered by Acronis. To ensure a broad and representative sample, the research team randomly selected data sets from more than 300,000 M365 seats from a pool of 1.2 million. The Findings The results of the study were both revealing and concerning. The Acronis Threat Research Unit detected a staggering number of malicious and suspicious elements within the backup data: The fact that these protocols identified such a high number of risks indicates that the basic security measures included with M365 are insufficient to protect against the current threat landscape. The Shared Responsibility Model Microsoft operates on a "shared responsibility" model when it comes to M365 secuirty and data protection. This model means that while Microsoft is responsible for the security of the cloud infrastructure, the security of the data and applications within that infrastructure is the responsibility of the organization using the service. This division of responsibility is crucial to understand, as it highlights the need for organizations to take proactive steps to secure their data. The statistical data analysis conducted by the Acronis Threat Research Unit clearly demonstrates that the basic security protocols included in M365 are not sufficient to mitigate the level of threats present in today's digital environment. Relying solely on these basic security measures can allow risks to not only evade detection but also to persist in backups, creating a long-term threat to cloud systems and endpoint devices. The Risks of Inadequate Security The persistence of threats in backups is a particularly concerning issue. When malware or malicious URLs are not detected and removed, they can be restored along with legitimate data, re-infecting systems and causing further damage. This persistence can lead to a cycle of recurring security incidents, undermining the integrity and reliability of the organization's data and systems. Recommendations for MSPs and IT Teams To ensure business resilience and continuity, the Acronis Threat Research Unit strongly recommends that Managed Service Providers (MSPs) and IT teams within organizations adopt a full spectrum of security and data protection solutions. This includes: Conclusion The findings of the Acronis Threat Research Unit underscore the importance of a multi-layered approach to cybersecurity. While Microsoft 365 provides a solid foundation, it is not a comprehensive solution on its own. By leveraging advanced security and data protection solutions, organizations can significantly enhance their defenses and protect against the evolving threats that lurk below the surface. The Acronis Threat Research Unit remains committed to ongoing research and innovation to help organizations stay one step ahead of cyber threats and ensure the security and resilience of their digital environments. For more information about Acronis 7-in-One comprehensive solutions for M365, access our dedicated resources page. For more information on the Acronis Threat Research Unit or to follow the latest alerts and updates, access the research blog here. Sponsored and written by Acronis.