Backing up Office 365 mailboxes

Dashrender

@jt1001001 said in Backing up Office 365 mailboxes:

Any thoughts on Barracuda? We've used their mail security and filtering services in the past, no idea how good they are for 365

They had an open back door in their security appliances for "remote support" that was reported last year. I wouldn't trust their stuff with a 10 foot pole.

scottalanmiller

@Dashrender said in Backing up Office 365 mailboxes:

@jt1001001 said in Backing up Office 365 mailboxes:

Any thoughts on Barracuda? We've used their mail security and filtering services in the past, no idea how good they are for 365

They had an open back door in their security appliances for "remote support" that was reported last year. I wouldn't trust their stuff with a 10 foot pole.

Yeah, they are on my avoid list. People tend to like them, but they are not cheap and I don't trust them.

Dashrender

@JaredBusch said in Backing up Office 365 mailboxes:

@Dashrender said in Backing up Office 365 mailboxes:

@scottalanmiller said in Backing up Office 365 mailboxes:

@Dashrender said in Backing up Office 365 mailboxes:

@art_of_shred said in Backing up Office 365 mailboxes:

@dafyre I guess you make a good point there, but is that a real problem? I've not heard of that happening, at least not to any degree that I worry about it.

Interesting - so MS has no option for restoring a mailbox in this scenario if you don't have the legal hold option?

Correct. MS ensure that THEY do not lose your email. They don't ensure that YOU don't decide to get rid of it then want it back.

How about Recover deleted items from server? Is that around in Outlook on the Web in O365? i.e. you log into your email and notice it's all gone - ok go to recover deleted items, restore.

Yes that exists.

Well, then sounds like a reasonable solution for the aforementioned phishing attack/delete issue.

Jason

We use barracuda archivers here.

Jason

@Dashrender said in Backing up Office 365 mailboxes:

@jt1001001 said in Backing up Office 365 mailboxes:

Any thoughts on Barracuda? We've used their mail security and filtering services in the past, no idea how good they are for 365

They had an open back door in their security appliances for "remote support" that was reported last year. I wouldn't trust their stuff with a 10 foot pole.

The back door was only accessible from barracuda network it was also not on the archivers. Many companies have a method like this unitrends, Cisco, emc all have this.

Also if your emails in the cloud, Microsoft has access into your 0365 too.

scottalanmiller

@Jason said in Backing up Office 365 mailboxes:

@Dashrender said in Backing up Office 365 mailboxes:

@jt1001001 said in Backing up Office 365 mailboxes:

Any thoughts on Barracuda? We've used their mail security and filtering services in the past, no idea how good they are for 365

They had an open back door in their security appliances for "remote support" that was reported last year. I wouldn't trust their stuff with a 10 foot pole.

The back door was only accessible from barracuda network it was also not on the archivers. Many companies have a method like this unitrends, Cisco, emc all have this.

Also if your emails in the cloud, Microsoft has access into your 0365 too.

But it WAS on their firewalls! And "only accessible from their network" only requires spoofing their network. Unitrends does not have that.

scottalanmiller

@Jason said in Backing up Office 365 mailboxes:

The back door was only accessible from barracuda network ...

Not according to Krebs, it was accessible from hundreds of companies.

http://krebsonsecurity.com/2013/01/backdoors-found-in-barracuda-networks-gear/

Carnival Boy

Has anyone been involved in an e-discovery action?

I have never implemented an e-mail retention policy. I really should. A quick Google brings up this document https://www.theemaillaundry.com/wp-content/uploads/2015/07/Email_Retention_UK.pdf, which says:

Is your company in a heavily regulated industry that has existing data retention requirements? Outside of regulations
governing certain industries, the answer is usually a bit nebulous in terms of defining clear retention periods. In the US For
SEC- and FINRA-regulated firms, Rule 17a-4 of the Securities and Exchange Act requires retention of emails for at least three
years, with the first two years stored in an easily accessible place. In the UK the Financial Services Authority (FSA) regulates
financial services providers. The FSA's regulations require all financial institutions to store all business emails sent and
received for up to six years, and some emails indefinitely, so that cases can be reviewed.
But outside of financial services, there is no universal law for document retention. The only far-reaching requirement is to
preserve documents, emails and information when a company is on notice of pending litigation (per FRCP(US) CRP(UK)). At
this point, a “litigation hold” must be implemented to retain information the company reasonably believes is discoverable in
anticipated litigation. However, email retention requirements vary from industry to industry and from case to case.

I'm in Manufacturing, which doesn't appear to be regulated. I believe any retention policy should centre around less is more, ie delete as much e-mail as you can legally get away with to reduce your exposure during e-discovery. So on those grounds, I think I should be actively NOT backing up e-mail and should NOT use GFI to archive e-mail or purchase licences for O365 legal hold. I believe O365 retains deleted mail for a maximum of 30 days which covers you for accidents and malware but not much else.

Then again, should I be losing any sleep over this when the next President of The US gets away with just using Hotmail?

Any views?

travisdh1

@jt1001001 said in Backing up Office 365 mailboxes:

Any thoughts on Barracuda? We've used their mail security and filtering services in the past, no idea how good they are for 365

I use they're publicly available block list, but wouldn't use their equipment.

scottalanmiller

@Carnival-Boy said in Backing up Office 365 mailboxes:

Has anyone been involved in an e-discovery action?

I have never implemented an e-mail retention policy. I really should. A quick Google brings up this document https://www.theemaillaundry.com/wp-content/uploads/2015/07/Email_Retention_UK.pdf, which says:

Is your company in a heavily regulated industry that has existing data retention requirements? Outside of regulations
governing certain industries, the answer is usually a bit nebulous in terms of defining clear retention periods. In the US For
SEC- and FINRA-regulated firms, Rule 17a-4 of the Securities and Exchange Act requires retention of emails for at least three
years, with the first two years stored in an easily accessible place. In the UK the Financial Services Authority (FSA) regulates
financial services providers. The FSA's regulations require all financial institutions to store all business emails sent and
received for up to six years, and some emails indefinitely, so that cases can be reviewed.
But outside of financial services, there is no universal law for document retention. The only far-reaching requirement is to
preserve documents, emails and information when a company is on notice of pending litigation (per FRCP(US) CRP(UK)). At
this point, a “litigation hold” must be implemented to retain information the company reasonably believes is discoverable in
anticipated litigation. However, email retention requirements vary from industry to industry and from case to case.

I'm in Manufacturing, which doesn't appear to be regulated. I believe any retention policy should centre around less is more, ie delete as much e-mail as you can legally get away with to reduce your exposure during e-discovery. So on those grounds, I think I should be actively NOT backing up e-mail and should NOT use GFI to archive e-mail or purchase licences for O365 legal hold. I believe O365 retains deleted mail for a maximum of 30 days which covers you for accidents and malware but not much else.

Then again, should I be losing any sleep over this when the next President of The US gets away with just using Hotmail?

Any views?

That's pretty much my feelings on it. I think our retention here is two years. At which point it auto-deletes!