Microsoft 365 protects its own infrastructure, not your data — and that distinction matters more than most UK businesses realise. A dedicated managed cloud backup solution powered by Acronis Cyber Protect Cloud closes that gap with immutable, independently verified backups and guaranteed recovery.
There is a widespread and expensive assumption sitting at the heart of many UK businesses right now: that because their data lives in Microsoft 365, Microsoft is looking after it. It is understandable. Microsoft is one of the most trusted technology companies in the world, and its 365 platform — spanning Outlook, Teams, SharePoint and OneDrive — has become the operational backbone for millions of organisations. But understanding what Microsoft actually protects, and what it does not, could be the difference between a quick recovery and a catastrophic, unrecoverable data loss event.
This article sets out exactly where Microsoft's responsibility ends, why the gaps are more significant than most IT teams realise, and how managed cloud backup powered by Acronis Cyber Protect Cloud provides the protection layer that Microsoft simply does not offer.
Understanding the specific scenarios in which data disappears is important because each one exposes a different limitation in Microsoft's native retention capabilities.
Human error is consistently the leading cause of Microsoft 365 data loss. Emails are deleted and the recycle bin is emptied. SharePoint files are removed, and the window for recovery closes before anyone notices. OneDrive folders are permanently deleted by a user who misunderstood which files were shared. In each case, the time pressure is acute and the outcome without proper backup is often a permanent loss.
Ransomware attacks increasingly target cloud-based file storage. When a device synchronised with OneDrive or SharePoint is infected, the malware can encrypt files and push those encrypted versions back to the cloud, overwriting clean copies. Version history provides some protection, but it has limits; attackers have learned to trigger encryption gradually, across hundreds of files, over a period that may exceed the retention window of version histories.
When an employee leaves an organisation, their Microsoft 365 licence is typically removed. Unless specific steps are taken in advance, the data associated with that account — emails, calendar entries, OneDrive files — may be deleted within 30 days. For many businesses, this happens silently and only becomes a problem months later when a file, contract or correspondence thread cannot be found.
Sync conflicts between OneDrive and local devices can result in files being overwritten or lost without any notification. This is particularly common in organisations where multiple users access shared files from different devices, and the issue often goes undetected until the original version of a document is urgently needed.
When this topic is raised with IT managers, the response is often the same: "We have version history" or "It will be in the recycle bin." Both are reasonable first lines of defence. Neither constitutes a backup strategy.
Version history is limited in retention depth and is tied to the same platform that may have been compromised. If ransomware has overwritten all versions of a file within the retention window, version history offers nothing. If the file has been permanently deleted, version history is irrelevant. And if the licence has been removed, neither version history nor the recycle bin may be accessible at all.
A genuine backup strategy involves independent, immutable copies of data stored outside the originating platform, with automated integrity verification and tested recovery procedures. That is fundamentally different from what Microsoft 365 natively provides.
A properly architected cloud backup solution for Microsoft 365 operates independently of the Microsoft platform. It creates separate, immutable copies of your data at defined intervals, stores them in a location that cannot be accessed or altered by ransomware, and provides the capability to restore specific items — individual emails, files, calendar entries — or entire environments, according to your recovery requirements.
The critical components of an effective solution are:
Without these elements in place, a backup solution is at best incomplete and at worst a false sense of security.
Acronis Cyber Protect Cloud is the platform underpinning Contrac's managed cloud backup service, and it addresses the specific weaknesses of Microsoft's native data protection across each of the risk scenarios outlined above.
The platform delivers unified data protection across Microsoft 365 environments — covering Exchange Online, SharePoint, OneDrive and Teams — as well as physical servers, virtual machines and other cloud environments. Backups are stored in immutable environments, meaning they cannot be altered or deleted even if the primary environment is compromised by ransomware.
Critically, Acronis Cyber Protect Cloud incorporates AI-driven threat detection that actively scans backup data for malware before restoration. This prevents a scenario in which a restore inadvertently reintroduces a threat that was already present in older backup copies. For businesses recovering from a ransomware incident, this distinction is significant.
Automated backup verification runs daily tests to confirm the integrity of restorations before an incident occurs. This removes a common and costly failure mode in backup strategies: discovering during an emergency that backups have been failing silently for weeks.
Choosing the right provider is as important as choosing the right technology. A managed cloud backup service should do more than deploy software; it should take ownership of the entire backup lifecycle, from architecture and configuration through to monitoring, testing and incident response.
The key questions to ask any prospective provider are:
These are not difficult questions for a credible provider to answer. If a prospective supplier cannot answer them confidently, that itself is useful information. You can explore Contrac's full range of hosting and cloud solutions to understand how managed cloud backup sits within a broader infrastructure strategy.
Microsoft 365 includes native data retention features, such as deleted-item recovery periods and version history, but these are not a substitute for a dedicated backup solution. They are time-limited, tied to the originating platform, and do not provide the immutable, independently verified recovery capability that a genuine backup strategy requires. Microsoft itself makes clear in its service terms that customers are responsible for protecting their own data.
Recovery speed depends on the scope of the incident and the recovery objectives defined when the backup solution is architected. Contrac designs solutions around specific RTO (recovery time objective) and RPO (recovery point objective) targets, meaning the maximum acceptable downtime and the maximum acceptable gap between the last recoverable copy and the incident are agreed in advance. With Acronis Cyber Protect Cloud, granular item-level recovery allows specific emails or files to be restored rapidly, while larger-scale system recovery is handled through cloud-based disaster recovery capabilities designed to minimise operational disruption.
Ready to close the gap in your data protection strategy? Speak to the team at Contrac IT Support today and find out how Acronis Cyber Protect Cloud can be configured around your specific recovery objectives.