This is a common question from business owners who have all or some of their business critical data shared on OneDrive, Google Drive or Dropbox.

Keep in mind that these programs are built specifically to share data and not to back it up.

Going by the terms and conditions stated by Microsoft & Google, they are quite clear that in the end, you are responsible for your own data and you should be backing it up with a third party backup solution.

Microsoft Service Agreement:

We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services….

It was only a few years ago that a bug in Dropbox deleted critical data from business users accounts. To make up for this, Dropbox offered their customers one year of free service, but they didn’t get their data back.

We’ve also seen cases where an employee has deleted a file from Dropbox months in the past and it’s only when they go to use that file again 6 months later that they realise Dropbox only restores data from the last 30 days.

There are also plenty of examples of attackers that have deleted real files shared on Dropbox and replaced them with blank files with the same name. Then after 30 days a message pops up on the screen of the infected computer saying all data has been deleted and to send £500 of Bitcoin to the hackers bitcoin address.

When you go to Dropbox and ask them to recover your files, all they will be able to recover is the blank files that the hacker put in place of the real files. And because the 30 day limit has passed, Dropbox can no longer restore the original file.

Most businesses will only use a few of the same files every day, so it’s surprisingly easy for a business of any size to go for 30 days or longer without noticing that most of the files on their Dropbox folder have been deleted or replaced with blank copies.

Data sharing programs like OneDrive are great and should be used by every business to securely share data, but a good offsite backup system should also be in place.

If you’d like to speak to someone about the best way of protecting your business critical data, give us a call.