Reading Time: 6 minutes

Found a proper way to protect your public cloud services and your data in a public cloud is becoming more and more important, to achieve a desired retention limit, but also to have more control on the data and the restorability of them.

One interesting case is the messaging and collaboration services, like Office365 and G Suite.

There are some products to manage those kind of services, but in most cases are limited to one SaaS product.

Spinbackup is a new company founded in 2016, offering that can currently protects G Suite organizations, and recently also Office365.

Spinbackup provides powerful capabilities for protecting customers from outright losing data due to deletion or other reason such as Malware and also protecting data from leakage outside the G Suite organization. Spinbackup allows organizations to meet these often very challenging objectives by leveraging a machine learning enabled API based CASB engine at the heart of the platform to deliver data protection and cyber security.

Spinbackup for G Suite features the following capabilities:

  • Automated Cloud-to-Cloud Daily backups – Spinbackup provides automated daily backups of G Suite data to either the AWS public cloud or Google’s Cloud Storage, allowing the storage of G Suite data to be housed out of the scope of Google G Suite. Backups can be configured 1 to 3 times daily.

  • Ransomware Protection – Powerful Ransomware protection for cloud environments that is proactive. Many have the misconception that public cloud environments are immune to the effects of Ransomware, however, this is not the case. With file synchronization apps that are provided by most public cloud vendors, infected files can be inadvertently synchronized to public cloud storage, resulting in data loss in the public cloud due to Ransomware encryption.

  • Third-party apps control – While legitimate third-party apps can provide very beneficial extensibility to public cloud environments just as G Suite, they can also be a source of tremendous risk to organization data. Most end users grant permissions on connected mobile devices without thinking about the implications to organization data. With Third-Party Apps Control, Spinbackups is able to constantly watch the G Suite environment and automatically revoke access to risky applications based on machine learned behavior gathered by Spinbackup.

  • Sensitive Data Control – Sensitive Data Control allows organizations to protect their sensitive data such as credit card numbers and prevent this data from leaving the G Suite organization. This is definable and can help organizations get a handle on GDPR initiatives among other security concerns in the G Suite environement.

  • Insider Threats Audit – Risky users do not always originate from the outside with outright attackers. Threats to data security can certainly come from the inside as well. Users who are on the inside of the organization may accidentally or intentionally put data at risk. User credentials can become compromised. Again, with powerful machine learning, Spinbackup is able to quickly identify risky user behavior or anomalies in user behavior so as to pinpoint possible security breaches.

Spinbackup is releasing the same functionality in the new Spinbackup for Microsoft Office 365. The feature set in the Office 365 release contains the Backup and Disaster Recovery functionality for Office 365. The security features will make their way into the Office 365 product very soon. The Backup and Disaster Recovery functionality for Office 365 provides organizations with a robust backup and recovery option for their Office 365 environment including:

  • Ability to store copies of Office 365 data in Google’s Google Cloud Platform or Amazon’s AWS environment.

  • Protection for the Office 365 Admin account that helps to keep the account protected from stolen or compromised credentials

  • Protection for Office 365 users against ransomware and data breach

  • Migrating data between Office 365 users with a single click

  • Single pane of glass management plane that allows Office 365 administrators to have a common dashboard for managing their Spinbackup protected Office 365 environment.

The solution is actually in the public Beta and it can easily be testest using this link (for Office365).

You need to sign with your Office 365 account and provide the proper authorization to Spinbackup:

You can also authorize at organization level, in this case you need more options:

What the the product interesting is that you don’t need any on premises resources: you can protect your SaaS application using other public cloud resources! You can store a separate copy of your critical data at AWS or GCP.

During the initial setup you have to choose which cloud provider and region:

Note that you don’t need to have a Google GCP or Amazon AWS subscription, all the required resources are managed directly be Spinbackup. It’s also nice that, during the trial, you don’t need to add any credit card to test the product!

Spinbackup for Office 365 can protect the following services and resources:

  • Outlook

  • OneDrive

  • Calendar

  • Contacts

During the initial setup you can choose which resources you need to protect

Then it’s almost done: you have a clean dashboard where you can monitor your backup and data protection status.

You can also manually start the first backup:

When backup will run your dashboard will be populated with more data, and what it’s really nice is the ability to click on the protected resources and see, restore also also download the protected items and data.

The beta is very promising: has a clean and simpy configuration, it run fast, it’s easy to use and seems also effective.

Actually the beta is totally free and there isn’t any plan on the final cost, but I guess that the pricing could be similar at the G Suite product, starting from 3U$/mnth/user for companies and with a free offer (limited to 4GB) for individuals.

About the security aspects, Spinbackup encrypts SaaS data in the cloud. It uses the highest level of encryption methods for transferring (“in-transit”), and storing (“at-rest”) your data. We are SOC2 and GDPR compliant.