Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Understanding shared responsibility

Issue 6 2025 Infrastructure

Data management is increasingly coming under the governance spotlight, yet a significant vulnerability often goes unnoticed. Many businesses operating on Microsoft 365 assume their data is comprehensively backed up. While Microsoft provides infrastructure resilience, a key distinction in its shared responsibility model leaves individual business data – or tenants – exposed to accidental or malicious deletion.

“This is not a flaw in the system,” says Craig Freer, director at Qwerti, a local managed service provider, “but a feature of its design. Microsoft ensures the operational continuity of its services. If a data centre were to fail, the company would restore its servers, ensuring the underlying infrastructure remains stable and your data at that macro level is safe.


Craig Freer.

“However, the responsibility for protecting data at the individual tenant level lies with you, the individual business. Under its standard retention policy, Microsoft retains data for 30 days before permanently deleting it. If an employee accidentally deletes a critical folder, or a disgruntled leaver maliciously wipes an entire Teams environment, it creates a significant gap in protection that many organisations are simply unaware of.”

Risk across the operation

The threat is not just theoretical; it impacts the three core pillars of a modern business’s IT systems. Firstly, there is Exchange and email – the lifeblood of daily correspondence. Perhaps the least mission-critical layer, its loss can nonetheless disrupt operations and cause vital confidential information to permanently disappear.

Secondly, OneDrive contains individuals’ personal work data. The loss of this information can set projects back by months and potentially represents a catastrophic loss of intellectual property and productivity.

Finally, and perhaps most seriously, there is the collaborative environment of Teams and SharePoint. This is where shared organisational knowledge resides. “Its deletion can wipe out years of collective work, and make recovery a near-impossible task,” states Freer.

Worse yet, these vulnerabilities are not just limited to human error or malicious insiders. “A successful phishing attack could give hackers control of the whole system, allowing them to encrypt or destroy data with impunity.”

The governance imperative

For most companies, data backup is no longer just an IT function; it is a board-level mandate. Governance and risk committees routinely ask for proof of backup and evidence of successful restore tests. Microsoft’s infrastructure-level resilience alone does not meet the requirement for granular, tenant-level data protection. This means many organisations, particularly in highly regulated sectors like financial services and law, may be unknowingly non-compliant with their own governance mandates.

“Addressing this vulnerability requires a strategic shift in how businesses view cloud data,” comments Freer. “The solution is not to abandon powerful platforms like Microsoft 365, but to augment them with a dedicated, cloud-to-cloud backup solution.”

“An effective approach should be seamless and automated, and operate in the background. It should not require any actions from individual users or software installation on their devices,” Freer continues.

“It also needs to be cost-effective and scalable. In this context, ‘scalable’ means it offers unlimited storage to avoid escalating costs through constantly having to upgrade storage pools as data volumes grow. Additionally, it must be comprehensive enough to protect all three data environments – Exchange, OneDrive, and Teams/SharePoint.”

Finally, a truly strategic solution should support data archiving. When an employee leaves, their data often needs to be retained for compliance, but paying for a full, active license is costly. The ability to convert a live backup into a lower-cost archive license preserves a snapshot of the data indefinitely, providing a practical and affordable solution.

“By adopting this kind of dedicated backup strategy, businesses can close a serious security gap, ensure compliance, and safeguard their most valuable digital assets,” Freer concludes.

Find out more at www.qwerti.co.za




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

AI-enabled NVR for Milestone XProtect
Surveillance Infrastructure Products & Solutions
As surveillance environments continue to grow in scale and complexity, organisations need infrastructure that is easy to deploy, simple to manage, and ready for AI-driven workloads.

Read more...
Industry perspective on industrial cybersecurity
Technews Publishing News & Events Infrastructure Industrial (Industry)
The Industrial Security Harmonization Group has released a joint industry perspective highlighting a critical truth in industrial cybersecurity: secure communication is not determined by protocols alone, but by how they are deployed and managed in real-world environments.

Read more...
Cyber resilience is the real defence
Security Services & Risk Management Information Security Infrastructure
Cyber resilience has evolved into a form of strategic agility, ensuring that when an interruption occurs, the business does not just survive; it snaps back into place before the market even notices a pause.

Read more...
Power, performance and profit
Power Management Infrastructure
Electricity remains the single largest operating cost for most data centres. In many African markets, power infrastructure is ageing or inconsistent, forcing operators to rely on backup generation to keep facilities online.

Read more...
Five signs your storage is holding you back
Infrastructure Surveillance
In the drive for business growth, organisations across South Africa are investing heavily in talent, applications, and strategy. Yet the foundational technology that underpins every digital interaction - data storage - is often overlooked.

Read more...
Service robot technology for residential complexes
Suprema AI & Data Analytics Infrastructure Residential Estate (Industry)
Suprema has signed a three-party memorandum of understanding (MOU) with Hyundai Motor Group Robotics LAB and Hyundai Engineering & Construction (Hyundai E&C) to collaborate on advancing residential complexes through service robot technology.

Read more...
Genetec launches Cloudlink 2210
Genetec Infrastructure Surveillance
New cloud-managed appliance addresses the practical challenges when adopting a cloud-managed model at scale, including storage costs, support for devices that do not enable direct-to-cloud connectivity, and the need to maintain local operation during connectivity disruptions

Read more...
Proactive estate security in Cape Town
neaMetrics OneSpace Technologies Technews Publishing SMART Security Solutions Fang Fences & Guards ATG Digital Editor's Choice News & Events Integrated Solutions Infrastructure Residential Estate (Industry)
SMART Security Solutions started the year with our annual SMART Estate Security Conference in Cape Town on 26 February 2026. Held at Anna Beulah Farm, the conference saw a number of delegates enjoying the farm’s excellent cuisine, while listening to outstanding presenters.

Read more...
AI projects are failing at alarming rates
AI & Data Analytics Infrastructure
As organisations around the world accelerate their investments in artificial intelligence, digital transformation and data analytics, a growing number of industry experts are warning that many companies are still approaching these initiatives in fundamentally flawed ways.

Read more...
Understanding the Shared Responsibility Model
Infrastructure Security Services & Risk Management
While the cloud can certainly be a growth enabler in many ways, it can also introduce new security risks. Companies want to have a clear understanding of where their security duties end and where their cloud service provider’s begin.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.