We wanted the ability to back up files to multiple cloud platforms, and AvePoint was the only one who had the capability to do that.
When you’re constantly on the road visiting clients, you need to be able to access your company’s knowledge base, shared documents, and reports from anywhere. AuditOne wanted to provide its “road warriors” with continuous access to important content, but could not provide the necessary infrastructure to support an internal Sharepoint site and virtual private network for remote access. The company ultimately adopted Microsoft Office 365 as the solution, enabling secure access with multifactor authentication to cloud-hosted services – such as SharePoint Online – from anywhere. “We love Office 365,” said Kevin Tsuei, Technology Practice Director at AuditOne. “We have a small IT staff supporting our environment, so it’s great to have Microsoft managing infrastructure for us. In Office 365, it’s also a lot easier for us to add or remove licenses when associates join or leave the company.”
Although Office 365 allows Tsuei to spend more time on other projects, he ultimately needed more control over SharePoint Online backups. Microsoft stores backup data for 14 days and is able to restore at the site collection level, meaning any work completed after the recovery point objective will be lost. “It was becoming increasingly apparent that we needed better backup capabilities than Microsoft offers,” Tsuei said. “If we get hit by CryptoLocker malware, for example, Microsoft cannot to do a point-in-time restore for us.”
AuditOne’s IT team came up with a solution to run its own backups, but it was time-consuming, costly, and laborious. “We had to manually perform backups on the weekend, monitor them, and save to an encrypted portable drive,” Tsuei said. “We’d then have to physically transport that data to the office to secure it. Also, the process was so labor intensive, we could not perform the backup more than once a quarter.”
While Office 365 enabled AuditOne to work more efficiently from anywhere geographically, its IT team still saw room for improvement in proving compliance with regulatory policies. “Since most of our customers are financial institutions, we fall under the Federal Financial Institutions Examination Council (FFIEC) IT handbook and Gramm-Leach-Bliley Act (GLBA),” Tsuei said. “To show that we complied and controlled access to customer information, we had to manually check permissions for every library in SharePoint Online and enter the data into a spreadsheet to send to our information security officer. The process took more than 3 to 4 hours, so we could only spare the time to do it once per year.”
To solve its challenges in the Microsoft Cloud, AuditOne chose AvePoint Online Services (AOS), a fully-hosted Software-as-a-Service solution for Office 365 management. “AvePoint was the only provider we saw who had the backup and restore capability we wanted,” Tsuei said. “It was very easy to set up. Other solutions we tried took a long time to configure.”
With AvePoint Online Services, organizations can protect and quickly restore all content in Office 365 instances with granular content backup and recovery. AOS' backup and restore capabilities allow AuditOne to spend less time on SharePoint Online backups. “With AvePoint Online Services, we schedule automatic full backups quarterly and incremental backups daily,” Tsuei said. “We want to be sure we can retrieve any customer information from our knowledge base at any time. AOS lets us put more time into on supporting our users because we’re not spending so much time monitoring backup jobs.”
AvePoint Online Services also allows Tsuei to choose from multiple backup destination options – which the organization could not do with SharePoint Online out of the box. “AOS lets us back up data to our preferred storage location,” Tsuei said. “We feel more comfortable backing up content to something we control, so we store our backups to Azure. It’s a very cost-effective option for us.”
For added peace of mind, Tsuei also plans to use AvePoint Online Services to back up OneDrive for Business and incorporate a second backup storage destination. “Our employees are very heavy OneDrive users, consuming about 3.5 gigabytes of storage each,” Tsuei said. “We support up to 40 users in our environment per year. That adds up, so we want to restore that data if needed. We also plan to keep a second set of backups in Box in case we are not able to access Azure for any reason. We wanted the ability to back up files to multiple cloud platforms, and AvePoint was the only vendor who had the capability to do that.”
AuditOne’s IT team also benefits from AOS' administration capabilities. Specifically, Tsuei uses the Security Search feature to quickly understand which users have access to SharePoint Online content. “To demonstrate compliance with the FFIEC IT handbook and GLBA regulations, we need to show a report that breaks down our permissions structure at the library level,” Tsuei said. “With AvePoint Online Services, we just apply filters, run the search, and export the report. We can get the exact information we need in half an hour. Now, we can run the report more frequently and do more compliance checks to prove we’re controlling who has access to customer information.”
AvePoint Online Services lets AuditOne’s two-person IT team manage its SharePoint Online and OneDrive backups as it would on premises – without the hassle of managing local servers or security costs. It also allows IT to go beyond SharePoint Online’s native ability to review permissions. “AvePoint Online Services allows us to create a flexible backup schedule that works for us,” Tsuei said. “Now that we’re not spending so much time on backup, we can improve our processes and focus on efficiency. We also have assurance that we can restore content at the item level in less than 10 minutes and easily report on permissions for compliance purposes.”
AuditOne is the responsive leader in delivering cost-effective, risk-managed internal audit and credit review services to banks and financial institutions.
We wanted the ability to back up files to multiple cloud platforms, and AvePoint was the only one who had the capability to do that.