Sergey Nivens - Fotolia

Cohesity BaaS offers Microsoft 365 protection

Cohesity's as-a-service version of DataProtect now supports Microsoft 365, covering what one study found to be a large SaaS application data protection gap.

Cohesity today released backup as a service for protecting Microsoft 365 data, allowing customers to back up beyond the popular SaaS application's 30-day limit.

The vendor's DataProtect as-a-service offering first launched in October with the ability to store backup copies of on-premises data in AWS. Today's update extends Cohesity DataProtect BaaS to cover the Microsoft 365 suite, including emails, SharePoint, OneDrive and Teams.

Combined with Cohesity's on-premises DataProtect, which already supports Microsoft 365, customers have flexibility with where to deploy their data protection. Generally, customers prefer to do "like-for-like," said Douglas Ko, director of product marketing at Cohesity, using on-premises backup for on-premises workloads and cloud-based backup for what's in the cloud. Through Cohesity DataProtect, customers can do both under the same vendor and manage them from the same control console.

Screenshot of Cohesity
Cohesity protects Microsoft 365 mail, OneDrive, SharePoint and Teams.

Alongside the Microsoft 365 support, this update also adds protection for Amazon EC2 and RDS. Cohesity DataProtect BaaS customers do not need a separate license to protect these new workloads.. The price remains the same: $150 per TB per month.

Microsoft 365 can natively restore to backups up to 30 days old, which is not good enough for some businesses such as law firms and hospitals, Ko said. There is also no service-level agreement (SLA) between Microsoft and its customers for restores, so the recovery will be delivered on a "best effort" basis.

For Microsoft 365 backup, customers are better served with third-party vendors because they can meet SLAs and provide data isolation and longer-term retention to meet compliance requirements, Ko added. Commvault, through its Metallic offering, as well as Druva also provides cloud-based Microsoft 365 backup.

Customers still have a tough time understanding the shared responsibility model.
Douglas KoDirector of product marketing, Cohesity

However, there is still a disconnect between what customers think they are responsible for when it comes to data they put in the cloud and what they're actually responsible for, Ko said. The vendor, be it a cloud storage service such as AWS or app provider such as Microsoft, is responsible for only the infrastructure and its availability. Everything outside of the infrastructure is the customers' responsibility.

"Customers still have a tough time understanding the shared responsibility model," Ko said.

Still struggling with SaaS

Most customers are still having trouble with SaaS backup, Ko said, citing a recent Enterprise Strategy Group (ESG) study. The survey, which took place in January and had a sample size of 381 IT professionals, found 22% of the respondents use a third-party vendor for Microsoft 365 backup. Only 15% of respondents reported being able to recover 100% of their data.

The study also found 74% of respondents relied on Microsoft 365's native backup, which is too limited for most enterprises, said Christophe Bertrand, a senior analyst at ESG who worked on the study. Aside from the 30-day retention, Microsoft 365 also lacks deduplication, a way to search through backups and a way to recover them granularly instead of restoring entire mailboxes, while third-party tools provide all these features.

"I don't think we're anywhere near where we need to be with enterprise recovery for Office 365," Bertrand said.

Microsoft 365 is only one of many SaaS applications, and all of them have similar data protection shortcomings, Bertrand said. There is a definite market need, and he said he expects Cohesity to extend its support to Salesforce and other popular SaaS applications.

Enterprise Strategy Group is a division of TechTarget.

Dig Deeper on Cloud backup