SkyKick Cloud Backup – security enhancements; cross-mailbox and point-in-time restore scenarios

SkyKick is committed to delivering the most comprehensive data protection across the Office 365 tenant with the best partner experience and profitability. This requires that we constantly listen to and collaborate with our partners to improve the breadth and depth of usage scenarios that make our partners more useful. 

We recently announced major updates to Cloud Backup, including coverage of Groups and Teams and integration with ConnectWise Manage.  In this blog, we summarize other enhancements to Cloud Backup designed to further improve partner experience and success.  

  • Improved customer experience and Office 365 security score 
  • Expanded, high-value restore scenarios like cross-mailbox and Point-in-time restore 

Improved customer experience and Office 365 security score 

Cloud Backup is known for the high performance of its backup and restore workflow. One key driver of this performance is the approach it takes to address typical infrastructure limitations, e.g. throttling in SharePoint Online. Cloud Backup automatically creates taskworker accounts tailored to the size and types of data in each subscription. By distributing the backup and restore workflow across a number of accounts, performance is improved and these jobs can be run more effectively.  

Initial approach for optimized performance 

The unlicensed global administrator accounts were given permissions to perform backup and restore functions. However, because these unlicensed global admins are shown as explicit owners of content along with the actual owners, it led to some end-user confusion. Additionally, Microsoft’s new Office 365 Security Score takes into account the number of global administrators, both licensed and unlicensed, in a tenant. This could result in a lower security scores for Office 365 tenants. 

Improved approach for optimized performance 

SkyKick has developed an alternate approach to improve customer experience and avoid negative impact to the Office 365 security score while maintaining its optimized performance. Rather than creating unlicensed global admins, we now create these accounts as unlicensed users in an Azure Active Directory security group.  This security group is setup to give each unlicensed user the permissions it needs to perform the same function that the unlicensed global admins previously achieved. 

Blog 1

Implementation 

The new approach does not require any action from partners. Starting August 20, all new Cloud Backup orders as well as existing orders that require additional unlicensed global admins will use the new Azure AD security group approach. Over the coming months, Cloud Backup will continue to deploy the experience across all active subscriptions while removing the deprecated unlicensed global administrator accounts.  

For more information, see New Approach for Optimal Backup and Restore Performance. 

Expanded, high-value restore scenarios (Cross-mailbox, Point-in-time) 

We are committed to prioritizing and executing to the backup and restore scenarios that help our partners differentiate and become more successful.  As a result of the continued dialog with partners, Cloud Backup has expanded its restore scenarios to include cross-mailbox restore and point-in-time restore. 

Cross-mailbox restore 

Cloud Backup now offers the option to perform a cross-mailbox restore of a full mailbox into a different mailbox within a Cloud Backup subscription within the same tenant.  

Blog 2

This restore scenario has been highly requested by partners, but also introduces potential hazards (e.g. data being restored to a mailbox whose user(s) should not have access to the data). Our execution approach thus uses additional checks and balances to minimize reduce risk and ensure accuracy.  

  • Upon requesting a cross-mailbox restore, a window with the restore details will appear and require confirmation to proceed. 
  • Once a cross-mailbox restore is initiated, a notification will appear in the Alerts tab of the subscription providing the details of the restore to ensure a record of the action. 
  • Due to the potential risks of misuse with this scenario, this functionality is currently limited to partners. Customers with self-service access will not see this option when performing a restore. 

For more information, see Cross-mailbox restore. 

Point-in-time restore 

With the rise of ransomware and other malware, point-in-time restore functionality has become increasingly important. Cloud Backup now offers this restore scenario for both a full mailbox restore in Exchange Online and full account restore in OneDrive for Business.  

Blog 3

For more information, see Point-in-time restore. 

Thanks to all of our partners who place their trust in SkyKick and provide valuable feedback in our continued innovation.  SkyKick Cloud Backup continues to be at the cusp of innovation in Microsoft collaboration apps and services, including Groups, Teams, Modern Team Sites and much more. To learn more, please reach out to your account manager or support contacts.