More and more organisations have taken up the use of Microsoft Office 365 and rely on it for the efficient management of day-to-day business operations, making it an essential business system by definition for any organisation. 

As a result of this move, and reliance on Office 365, the prospect of your organisation suffering some form of cyber attack or data breach is no longer just a possibility, it is an inevitability. While attackers can go after a range of data sets, they will often take whatever is of the greatest value to your business, which is why Office 365 data is a frequent target.

It is this ubiquitous nature of the Office 365 suite that makes it such an attractive target for attacks. In the scenario of a cyber attack or data breach, Microsoft doesn’t offer a comprehensive backup and recovery solution for your Office 365 data.

To help you understand why a backup and recovery solution is so vital (noting that it is one of the eight key cybersecurity incident mitigation strategies described by the Australian Cyber Security Centre), here are some of the biggest cybersecurity risks to your Office 365 data.

Phishing attacks

There’s a reason why phishing attacks are still the tried-and-true method of a cyber attack. They rely on the one vulnerability your organisation can never get rid of — human error.

Your Office 365 data is an attractive target because so many organisations use Office 365.

Since late 2019, there has been a continuing and coordinated campaign of phishing attempts targeting Office 365 users from one very determined outfit that we know of. Cybercriminals have sent spoofed emails to gather the login credentials and payment details of Microsoft accounts in over 62 countries. Any individuals who entered their information or payment details had their data and/or money stolen by the attackers.


There is a reason ransomware has become the attack method du jour and that's because these attacks can be absolutely devastating. While not every cyber attack makes headlines, ransomware attacks are often in the media because they’ve crippled high-profile organisations in every sector. 

In the first half of 2020, ransomware attacks tripled in Australia, with a number of large enterprises being attacked, such as beverage company Lion and the logistics giant Toll Group (who was actually attacked twice). In these types of attacks, sensitive data, including Office 365 data, is either stolen or frozen so companies could only retrieve it by paying a ransom.

Insider attacks

What surprises many businesses is that the most common form of a data breach is actually caused by an organisation’s own employees. Employees can easily click on the wrong malicious email, insert a malware-infected USB into your corporate network, or simply leave their laptop or phone on a train.

At the same time, there are more malicious reasons why your employees could be the source of an Office 365 data breach. A disgruntled employee might decide to delete their entire inbox or an entire SharePoint group on the way out the door. Often, however, we see employees deleting the wrong files, and realising too late that this data can't be retrieved.

The solution

In the next year, we know some form of a cyber attack or data breach is now an imminent possibility. With much of your organisation relying on Office 365, SharePoint, and OneDrive, the prospect of losing access to this data could cause serious damage to your organisation’s productivity, not to mention your reputation.

As a gold Microsoft partner, Datacom has a strong pedigree with Office 365. With broad capability across on-premises, private, and public cloud, tied with our strong local presence, Backup for Office 365 provides ongoing availability and compliance. Through this managed solution, supported by Veeam, we can give you peace of mind that your sensitive data is protected. Contact us today to determine if Datacom Backup for Office 365 is the right fit for your business.

Related industries
Related solutions