Maintain control of your Microsoft Office 365 email data
johannesk
Enthusiast
Posts: 53
Liked: 9 times
Joined: Jan 19, 2016 1:28 pm
Full Name: Jóhannes Karl Karlsson

O365 backup - information security

Post by johannesk » Sep 11, 2017 2:46 pm

The O365 backup runs with a service account that has extensive privileges to all O365 mailboxes. That's understandable. But what I think is most scary is that anyone who can log on to the server running the O365 backup can thus open a backup of any mailbox. This makes anyone who has access a potential suspect in a data leak situation. I can see in the logs that it states that the backup was opened, but not by whom or what was restored.

For my company - if the console would ask for a password of the service account each time it was opened, that would make it possible to audit who made a lookup for the password. And of course, if the O365 backup log would note what user opened the console and what data was restored, that would also be great.

What do you think?

Mike Resseler
Veeam Software
Posts: 4668
Liked: 498 times
Joined: Feb 08, 2013 3:08 pm
Full Name: Mike Resseler
Location: Belgium

Re: O365 backup - information security

Post by Mike Resseler » Sep 11, 2017 2:50 pm

Hey Johannes,

Thanks for this feedback. You are right, if someone has the right to RDP to that box, he/she can open the backups. I understand the need for auditing and logs, and this is certainly something on the table for the next version(s). Any information you would like to see in those logs (or potential reports in the future) you can always tell us here. Certainly not making any promises, but we do discuss and look at every proposal made at these forums.

Thanks
Mike


Re: O365 backup - information security

Post by johannesk » Sep 11, 2017 3:39 pm

If the O365 module had security like the VBR console (Users and Roles under Options), that would increase the security a lot.

Then if the log would tell you what user opened the console, and what emails were opened/downloaded/restored, we would have something to justify using the product. Also, that would be vital information for auditors.


Re: O365 backup - information security

Post by Mike Resseler » Sep 12, 2017 7:11 am

Understood and noted. No promises made, but will certainly look into it.

itrabbit
Influencer
Posts: 18
Liked: 6 times
Joined: Nov 24, 2016 6:50 am
Full Name: Matt Dunleavy

Re: O365 backup - information security

Post by itrabbit » Nov 22, 2017 11:06 pm

It would be really appreciated if anyone who attempts to open/view a mailbox or restore is prompted for a password with particular security permissions, i.e. Exchange administrator, before they can access it.

It is really scary you can just open the backups and they are there.

What about backup encryption, how can I encrypt the backups? I would like that too, or both a password and encrypted backups. There is a lot of confidentiality surrounding this, and being able to access mail like this is really too easy.


Re: O365 backup - information security

Post by Mike Resseler » Nov 27, 2017 6:10 am

Thanks Matt,

Putting encryption on the running database might not be that easy (with that type of DB). I see your other requests and consider them noted.

Thanks
Mike
