Jump to content

Backing up M365 data with Backblaze?

DrMacintosh
 Share
Posted

Hello all, for some context, I am my works sole IT guy. I have maintained and deployed Microsoft 365 for us coming up on 3 years ago. We're a small business, only 8 people. We mostly use the SharePoint/OneDrive features of Microsoft 365, being able to do file collaboration in the field is extremely important, so OneDrive or other cloud sync services are literally the only way we can do our inspections.

 

While most of our production data is duplicated on other services (we have two programs we use to do surveys/run reports) the original data (floor plans, photo, excel matrices, and field notes) are all stored in our various SharePoint libraries. Not only are inspection related documents stored in SharePoint/OneDrive, sensitive company info is as well. Info such as client contracts, payroll info, etc. All in all, we have approximately 1TB of data that has been generated since I deployed M365.

 

While the chances of data loss or data breach are low (we use 2FA, only myself and 1 other coworker have admin access to anything, and OneDrive has great protections against mass deletion and ransomware) I would still like to host a backup of some sort. Unfortunately, OneDrive does not really have any backup tools built in. The only real means is to download copies of your whole libraries and archive them, the problem with that is the storage requirements quickly balloon out of control and the process is entirely manual. I recently discovered Backblaze and have considered using it as our primary backup.

 

To do this, I would build/buy a low power desktop (probably a Mac mini), connect it to a drive enclosure or use its local storage and sync all document libraries locally. Then Backblaze would backup up that whole computer and the drive with all the SharePoint/OneDrive data. In the event of a ransomware attack, even though the local copies would eventually be encrypted as the changes trickled in, I could wipe any affected systems and restore 100% of our data to prior to the attack. We would pay for the basically free forever version history feature of Backblaze to meet any possible data retention policies I may have to comply with that I don't know about. This method would also allow us to access our data even in the unlikely event that OneDrive is not available for any reason or if accounts are somehow compromised and we get locked out. 

 

What are your thoughts on my approach here?

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Have you looked at veeam? They can backup all your m365 data and store it on s3 compatible storage like backblaze. https://www.veeam.com/backup-microsoft-office-365.html. This would work much better than just downloading all the one drive files as it stores all the other m365 data also like teams, emails, calandar. Its free for up to 10 users, so it should be free here.

 

Id get something like a nuc instead of a mac mini. I don't see a reason to get a mac as windows is gonna support m365 better than mac os, and those nucs pull about the same power.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
23 minutes ago, Electronics Wizardy said:

Have you looked at veeam?

 

22 minutes ago, leadeater said:

Have you considered using Veeam

A little. Community only goes up to 1TB of data, which we have already technically exceeded. Depending on how these guys calculate users, we may have exceeded that number too. According to my admin panel, due to various guest users and shared inboxes/distribution lists we have something like 40 users. Since veeam does not offer transparent pricing, I have not heavily considered it.

 

I also unfortunately can't seem to get the team to use Teams outside of meetings, everyone would rather text and call each other. This leaves emails as the only thing to backup that Backblaze may not cover in a set and forget way.

 

I may end up contacting Veeam to see how exactly their system works. Right now the appeal of Backblaze is that it's set and forget for our core data. I'm training to become an inspector myself, so I'd like to avoid needing to learn/deploy/maintain any systems I don't absolutely have to.

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
21 minutes ago, Electronics Wizardy said:

Id get something like a nuc instead of a mac mini. I don't see a reason to get a mac as windows is gonna support m365 better than mac os, and those nucs pull about the same power.

Using both Windows and macOS daily tells me that M365 works pretty flawlessly on both platforms. A Mac mini would be my personal preference, but what ultimately ends up running the backups will be built/bought within the budget my boss ends up giving me.

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted
5 minutes ago, DrMacintosh said:

 

A little. Community only goes up to 1TB of data, which we have already technically exceeded. Depending on how these guys calculate users, we may have exceeded that number too. According to my admin panel, due to various guest users and shared inboxes/distribution lists we have something like 40 users. Since veeam does not offer transparent pricing, I have not heavily considered it.

 

I also unfortunately can't seem to get the team to use Teams outside of meetings, everyone would rather text and call each other. This leaves emails as the only thing to backup that Backblaze may not cover in a set and forget way.

 

I may end up contacting Veeam to see how exactly there system works. Right now the appeal of Backblaze is that it's set and forget for our core data. I'm training to become an inspector myself, so I'd like to avoid needing to learn/deploy/maintain any systems I don't absolutely have to.

It would likely be best to buy 10 license then so you aren't limited to the 1TB. Also shared mailboxes etc don't require a license.

 

Quote

To calculate the number of licenses you need, count the number of users within your Microsoft 365 subscription. You do not need to count the same user more than once across multiple Microsoft 365 services (e.g., the same Exchange Online, SharePoint Online and OneDrive for Business user = one Veeam Backup for Microsoft 365 user).

Here are additional details for each Microsoft 365 service:

  • Exchange Online or Exchange On-Premises: A user mailbox can be a personal mailbox, an online archive mailbox or both; you only need one license for that user. Please note that shared and resource mailboxes do not need to be licensed and can be backed up FREE of charge.
  • OneDrive for Business: OneDrive for Business user licenses are automatically aligned with their matching email accounts. This means you cannot use the same license to back up one user’s email and another user’s OneDrive for Business account. Please note that OneDrive (without “for Business”) is a separate storage service and is not supported by this solution.
  • SharePoint Online or SharePoint On-Premises: Each SharePoint user inside your Microsoft 365 subscription (or on-premises deployment) that has been granted access to the SharePoint sites you are looking to protect needs to be licensed to back up and protect your organization’s SharePoint environment. If you have a hybrid SharePoint deployment (i.e., SharePoint On-Premises and SharePoint Online) and the same user has access to both, only one Veeam license is needed for that user. Please note that external SharePoint users do not need to be licensed. An external SharePoint user is someone from outside your Microsoft 365 subscription to whom you have given access to one or more sites, files or folders. External authenticated users are limited to basic collaboration tasks and external anonymous users can edit or view specific documents when given specific permissions.
  • Microsoft Teams: When protecting a team with Veeam Backup for Microsoft 365, you must have a license for each user that is an active team member and who has a paid Teams license in Microsoft 365.

https://www.veeam.com/backup-microsoft-office-365-faq.html

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
4 minutes ago, leadeater said:

It would likely be best to buy 10 license then so you aren't limited to the 1TB. Also shared mailboxes etc don't require a license.

 

https://www.veeam.com/backup-microsoft-office-365-faq.html

Hmm, I'll definitely have to give them a call then. This all reminds me that I need to do some clean up. I appear to have a licensed user behaving as a shared inbox. That is not the way to do that 😅

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Also watch out for things like egress throttling. Part of what makes tools like Veeam advantageous is that they will create multiple "Applications" (service accounts essentially) in Azure to round robin the data downloads with to get around Microsoft's egress throttling and it will also track and download only changed data rather than all of it every time, you could probably achieve the same with a script I guess.

 

Anyway one of the bigger benefits is how much easier it would be to restore the data back to where it needs to be. Pulling the data down manually and then putting it back in a similar manor will destroy the original metadata so you won't know when files were actually created etc.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
1 minute ago, leadeater said:

Pulling the data down manually and then putting it back in a similar manor will destroy the original metadata so you won't know when files were actually created etc.

Ahh, that would certainly be a pain in the butt.

Laptop: 2019 16" MacBook Pro i7, 512GB, 5300M 4GB, 16GB DDR4 | Phone: iPhone 13 Pro Max 128GB | Wearables: Apple Watch SE | Car: 2007 Ford Taurus SE | CPU: R7 5700X | Mobo: ASRock B450M Pro4 | RAM: 32GB 3200 | GPU: ASRock RX 5700 8GB | Case: Apple PowerMac G5 | OS: Win 11 | Storage: 1TB Crucial P3 NVME SSD, 1TB PNY CS900, & 4TB WD Blue HDD | PSU: Be Quiet! Pure Power 11 600W | Display: LG 27GL83A-B 1440p @ 144Hz, Dell S2719DGF 1440p @144Hz | Cooling: Wraith Prism | Keyboard: G610 Orion Cherry MX Brown | Mouse: G305 | Audio: Audio Technica ATH-M50X & Blue Snowball | Server: 2018 Core i3 Mac mini, 128GB SSD, Intel UHD 630, 16GB DDR4 | Storage: OWC Mercury Elite Pro Quad (6TB WD Blue HDD, 12TB Seagate Barracuda, 1TB Crucial SSD, 2TB Seagate Barracuda HDD)
Link to comment
Share on other sites
Link to post
Share on other sites
Posted

Hey @DrMacintosh, if you need any info on Veeam products and how things work, don't hesitate to contact me. I work for an official Veeam partner in Canada. We also provide offsite O365 backup services.

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Servers, NAS, and Home Lab

×