There has been tremendous growth in Microsoft 365 usage with the current remote work trend, leading to an explosion of Microsoft 365 data. Microsoft infrastructure and platforms support the availability, reliability, and security of this infrastructure by providing world-class perimeter defense, controlling access to keep attackers out, and detecting risky behavior. However, customers are responsible for protecting the data itself - emails, chats, files, etc. Without a security solution in place for the recovery of data when they need it, businesses are at risk of data loss due to:
Cybersecurity threats
Accidental deletion
Malicious insiders
Lack of long-term Retention Policies
About 74% of Microsoft 365 customers only have a minimal last line of defense for their Microsoft 365 data, relying on native tools alone. However, they’re realizing the need for more protection in today’s environment, with more than 80% now wanting a solution that secures critical data such as in Teams and shared files.
Recently, the Cybersecurity and Infrastructure Security Agency (CISA) even published an alert about a Russian State-Sponsored cyberattack which highlights how in many attempted compromises, bad actors have employed common but effective tactics such as spear phishing, credential harvesting, brute force/password spray techniques, and known vulnerability exploitation to gain access to enterprise and cloud networks, prioritizing their efforts against the widely used Microsoft 365 environment. These threats and ransomware attacks are not limited to a single industry, and the exfiltrated information ranges from email communications to foreign partnerships.
Businesses across different verticals are looking to protect their growing data from the rising cybercrimes with modernized solutions offering Zero Trust backup and recovery at scale, ensuring business continuity during a ransomware attack, and Intelligent SLAs for shorter RTO/RPO, and providing compliance.
Rubrik simplifies data protection for Microsoft 365 while providing immediate access to their data to mitigate the risk of data loss during ransomware events or accidental deletion. Rubrik provides policy-based protection of Microsoft 365 data via its SaaS platform. Built on Rubrik Zero Trust Data Security™, assuming all users, devices, and applications are untrustworthy and could be compromised, the solution offers robust security, simplicity, and performance for search and restore operations across Exchange Online, OneDrive, SharePoint, and Teams. With Rubrik, customers can:
Keep a separate, logically air-gapped, secure copy of their data via automated backups.
Recover quickly from accidental deletion, corruption, or malicious activities with flexible restore options.
Unify data protection for their on-premises, SaaS, hybrid, and multi-cloud workloads for centralized data management.
Architectural overview of Rubrik for Microsoft 365
Rubrik’s hosted Microsoft 365 solution is a fully managed SasS offering that can be deployed in multiple regions in North America, Europe, and Asia. The product is designed with high availability and disaster recovery in mind.
In this Rubrik hosted SaaS architecture, three main layers make up the model:
The Control and Management Plane
The “Brains” behind Rubrik’s Microsoft 365 offering. It is responsible for controlling and managing the Rubrik Microsoft 365 solution. It performs control and management functions such as access control, audit, backup/recovery tasks, and reporting.
The Data Plane
The “Muscle” of the offering is a group of resources that runs in Azure. They are responsible for moving data from Microsoft 365 to Azure Blob Storage, all managed by Rubrik.
The Source Data (Microsoft 365)
This is the customer’s Microsoft 365 data environment, including Microsoft Exchange, OneDrive, SharePoint, Teams, etc. The Data Plane pulls this data into the Azure environment managed by Rubrik.
![1_log Images and Diagrams_Operationalizing Data Resiliency for Mission-Critical Oracle Databases with Rubrik [Recovered]](/content/dam/rubrik/blog/diagrams/architecture/Protecting-your-M365-workloads-with-Rubrik.jpg.imgo.webp "1_log Images and Diagrams_Operationalizing Data Resiliency for Mission-Critical Oracle Databases with Rubrik [Recovered]")
Rubik manages the Data Plane and all its associated resources. Customers no longer need to separately manage or pay these Azure infrastructure costs that are associated with Microsoft 365 data protected by Rubrik. This model also provides customers with recovery capabilities that are resilient to ransomware attacks against the Microsoft 365 source tenant. This is because of the fact that the Rubrik-protected data sets are air-gapped away from the Microsoft 365 source tenant and stored inside the Rubrik owned and managed Azure tenant.
Rubik manages the Data Plane and all its associated resources so that customers no longer need to separately pay or manage these Azure infrastructure costs. This provides additional protection from cyberattacks by keeping the data logically air-gapped from the customer's environment. In an unforeseen event, if there is a bad actor or compromised credentials, the bad actors will not be able to access the backend platform housing the data for any deletion or encryption.
Benefits: Microsoft and Rubrik Together
Enhanced Protection
In the event of a ransomware attack, natural disaster, or an operational failure like accidental deletion, customers can recover from a data loss event. Customers can also quickly browse through point-in-time snapshots and restore an entire mailbox or OneDrive or individual folders and items to achieve near-zero RTOs.
Ease of management
Businesses no longer have to manage respective Azure accounts or storage capacity. Onboarding is quicker without the need for cloud credentials or Azure account setup (permissions, quotas, etc.). Rubrik ensures that a copy of the customer’s protected data exists outside of the customer's environment, ensuring that recovery can occur in a ransomware attack or other event.
Unify Management of Microsoft 365, Data Center, and Cloud Apps
Rubrik provides a single data protection solution for all Microsoft 365 workloads. This includes granular reporting of events grouped by event types and object types, such as a user mailbox or OneDrive.
Conclusion:
Rubrik Zero Trust Data Security™ protects at-risk, critical Microsoft 365 data with streamlined and performant search and restore operations across Exchange Online, OneDrive, SharePoint, and Teams. With Rubrik, you can have peace of mind that your data is secure and rapidly available. Rubrik safeguards against data loss with automated, policy-based protection at an enterprise scale and offers rapid recovery to maintain peak data availability. Rubrik’s 100% cloud-hosted architecture provides unlimited storage and introduces a logical air gap for amplified resilience.
Eager to learn more about Rubrik + Microsoft? Learn more about how we are working together to provide cutting-edge data security solutions for our customers at the Rubrik + Microsoft Zero Trust Summit on-demand and register for FORWARD, the data security event of the year.