O365 backup - information security

Maintain control of your Microsoft Office 365 email data

O365 backup - information security

Veeam Logoby johannesk » Mon Sep 11, 2017 2:46 pm

The O365 backup runs with a service account that has extensive privilage to all O365 mailboxes. That's understandable. But what think is most scary, is that anyone that can logon to the server running the O365 backup can thus open a backup of any mailbox. This makes anyone who as access, a potential suspect in a data leak situations. I can see in the logs, that it states that the backup was opened, but not by whom or what was restored.

For my company - if the console would ask for a password of the service account each time it was opened, that would make it possible to audit, who made a lookup for the password. And of course if the O365 backup log, would note what user opened the console and what data was restored, would also be great.

What do you think?
johannesk
Enthusiast
 
Posts: 53
Liked: 8 times
Joined: Tue Jan 19, 2016 1:28 pm
Full Name: Jóhannes Karl Karlsson

Re: O365 backup - information security

Veeam Logoby Mike Resseler » Mon Sep 11, 2017 2:50 pm

Hey Johannes,

Thanks for this feedback. You are right, if someone has the right to RDP to that box, he/she can open the backups. I understand the need for auditing and logs, and this is certainly something on the table for the next version(s). Any information you would like to see in those logs (or potential reports in the future) you can always tell us here. Certainly not making any promises, but we do discuss and look at every proposal made at these forums

Thanks
Mike
Mike Resseler
Veeam Software
 
Posts: 4220
Liked: 471 times
Joined: Fri Feb 08, 2013 3:08 pm
Location: Belgium, the land of the fries, the beer, the chocolate and the diamonds...
Full Name: Mike Resseler

Re: O365 backup - information security

Veeam Logoby johannesk » Mon Sep 11, 2017 3:39 pm

If the O365 module had security like VBR console (Users and Roles under options) would increase the security alot.

Then if the log would tell you what user opened the console, and what emails were opened/downdloaded/restored, we would have someting to justify using the product. Also that would be vital information for auditors.
johannesk
Enthusiast
 
Posts: 53
Liked: 8 times
Joined: Tue Jan 19, 2016 1:28 pm
Full Name: Jóhannes Karl Karlsson

Re: O365 backup - information security

Veeam Logoby Mike Resseler » Tue Sep 12, 2017 7:11 am

Understood and noted. No promises made but will certainly look into it
Mike Resseler
Veeam Software
 
Posts: 4220
Liked: 471 times
Joined: Fri Feb 08, 2013 3:08 pm
Location: Belgium, the land of the fries, the beer, the chocolate and the diamonds...
Full Name: Mike Resseler

Re: O365 backup - information security

Veeam Logoby itrabbit » Wed Nov 22, 2017 11:06 pm

It would be really appreciated any one who attempts to open/view a mailbox or restore is prompted for a password with particular security permissions i.e exchange administrator before they can access it.

It is really scary you can just open the backups and they are there.

What about backup encryption, how can I encrypt the backups? Would like that too or both a password and encrypted backups. There is a lot of confidentiality surrounding this and being able to access mail like this is really too easy.
itrabbit
Influencer
 
Posts: 15
Liked: never
Joined: Thu Nov 24, 2016 6:50 am
Full Name: Matt Dunleavy

Re: O365 backup - information security

Veeam Logoby Mike Resseler » Mon Nov 27, 2017 6:10 am

Thanks Matt,

Putting encryption on the running database might not be that easy (with that type of DB). I see your other requests and consider them noted

Thanks
Mike
Mike Resseler
Veeam Software
 
Posts: 4220
Liked: 471 times
Joined: Fri Feb 08, 2013 3:08 pm
Location: Belgium, the land of the fries, the beer, the chocolate and the diamonds...
Full Name: Mike Resseler


Return to Veeam Backup for Microsoft Office 365



Who is online

Users browsing this forum: No registered users and 4 guests