Do you have litigation hold for M365 that gives you a sense of security?

It’s easy to confuse litigation hold with backup – both have something to do with ‘protecting’ data. However, backup and litigation hold differ in many ways, and any organization that fails to appreciate the differences between them (and the benefit of each) will eventually pay the price. Let’s look at the fundamental distinctions between litigation hold and backup.

What is Litigation Hold?

The phrase ‘litigation hold’ is derived from US case law (2003), in which the court decided that ‘once a party reasonably anticipates litigation, it must pause its usual document retention/destruction strategy and implement a ‘litigation hold’ to assure the preservation of pertinent records.’

To enable eDiscovery, Microsoft introduced a litigation hold (also known as legal hold) retention capability for Microsoft Exchange in 2010. The functionality was designed primarily to preserve data in the event of a legal requirement to maintain information for access and display during litigation. Think of it as a documentation mechanism rather than a way to restore data to operating platforms such as Microsoft 365.

Later, Microsoft added the ability to establish in-place holds, which are holds based on a query (for example, “find all messages containing the word ‘Project Starburst’”). The back-end implementations of litigation holds and in-place holds differ.

Let me put it a little differently: litigation hold was never intended to be used as a backup service. Nonetheless, some people continue to rely on it as a backup option, particularly as a stopgap when they do not have a defined data protection strategy (including a third-party backup service), arguing that “any type of data preservation is better than none, right?”

However, there are several downsides and significant hazards involved with these sorts of configurations, which lead to a perilous, false impression of data security. Some of the drawbacks and hazards of using litigation hold as a backup are as follows:

  • Data storage quotas are limited to 110 GB.
  • Some eDiscovery features require the purchase of extra licenses; if you do not purchase the licenses, you will be unable to use those capabilities.
  • User mailbox data is only retained while the user is assigned an Exchange Online license. When a user departs or becomes inactive, removing the license eventually results in the removal of the data.
  • Data recovery needs the assistance of an administrator and is a time-consuming operation.
  • The data kept is not physically distinct from the original copy.

The basic lesson is that you cannot rely on litigation holds or in-place holds as general-purpose recovery methods after mistakes or disasters. That’s not what they’re designed for, and if you try to use them for that, you risk losing data.

What is Backup?

Backup, by definition, offers one or more extra copies of your data that are physically independent from your core dataset. Physical isolation is an important aspect of backup since putting backup data in the same area as main data creates a single point of failure. In these configurations, there is no data redundancy.

The physical separation rule in conventional on-premises backup meant having an off-premises backup kept in another building – so that a calamity, such as a fire in one building, would not destroy all of your data. When it comes to cloud backup, it’s reasonable to wonder, “What cloud does my backup data travel to?” Typically, the response is ‘Microsoft Azure’ or ‘Amazon Web Services.’

Ideally, you want that data to move to a cloud that isn’t controlled by your SaaS application vendor (so putting your Microsoft 365 data in Azure wouldn’t qualify); otherwise, you’re breaking the physical-separation requirement.

Any service that does not offer this separation of copies is not, and should not be called, a backup service.

Keepit frequently discusses the ‘3 Ms’ that might cause data loss: mistakes (human errors), mishaps at the SaaS application provider, and malicious acts from within or outside the company.

If anything happens to the primary (original) dataset, a properly executed backup scheme protects against all three Ms: malicious action in the form of a ransomware attack or a disgruntled employee; mistakes where someone with legitimate access accidentally deletes important data (or needs to back out changes they don’t want to keep); and mishaps where the service provider experiences an outage or data loss.

Litigation holds cannot protect you against all three Ms: there is no physical separation, there is little capacity to perform large-scale restorations, and there is no true concept of version control.

What to Look for In a Cloud SaaS Backup Solution?

Aside from the essential aspects of data redundancy and availability, a reputable backup system will include a range of convenience and productivity-enhancing tools and services, further separating it from litigation hold. The first thing to look for is a cloud-only solution from a competent third-party backup service, not a refurbished or reskinned on-premises system.

Here are some of the most important advantages to look for in a dedicated third-party backup solution:

  • Simple, rapid data restoration when and where you need it, in the format you need it
  • Restores served from live storage, with no need to wait for offline or near-line storage
  • An easy-to-use interface for rapidly locating and evaluating individual files or communications before saving them.
  • Independent cloud storage that is secure and immutable
  • Flexible global storage solutions to meet your data sovereignty needs
  • A cost model that is predictable and transparent, with no hidden fees for data intake, outflow, or storage.

Get an in-depth look at data security in the cloud age with the e-guide on. Alternatively, if you’d like to learn more about Keepit backup and recovery services for Microsoft 365, Salesforce, Google Workspace, and others, contact us.
