Veeam Backup for Office 365 is an awesome product with a lot of possibilities and features. Just like Active Directory, it is a product that you can typically ‘next, next, finish’-install in about 10 minutes.
However, is that the best approach to implementing Veeam Backup for Office 365? Here’s my list of five things I wish I knew before ‘Next-Next-Finish’-ing my first Veeam Backup for Office 365 v4 installation roughly six months ago:
Office 365 Sizer Tool
There is an awesome web-based tool by Veeam’s Senior Solution Architect Hal Yaman. The Microsoft Office 365 Backup Sizing tool, version 2 is a very efficient tool on how to estimate the storage requirements for Veeam Backup for Office 365. It takes all the guess work out of storage. I highly recommend it.
In recent months, Veeam is recommending to run Veeam Backup and Replication (VBR) on non-domain-joined boxes to make backups more resilient to ransomware attacks. However, you need to install Veeam Backup for Office 365 on a domain-joined box.
Modern Authentication is the way to go
The Security Defaults are in full swing for Azure AD tenants created after March 16th, 2020. Many other organizations using Azure AD without Azure AD Premium functionality are adopting the Security Defaults. Security Defaults are good from an information security point of view, as they require multi-factor authentication for privileged roles.
The Veeam Backup for Office 365 service account holds two highly-coveted privileged roles -Exchange Administrator and SharePoint Administrator- that both require multi-factor authentication.
Veeam Backup for Microsoft Office 365 offers a complete multi-factor authentication-proof installation. Here’s how to configure Veeam Backup for Microsoft Office 365 with Modern Authentication.
Admins with some experience with setting up Veeam products know the first-run experiences. They offer great value if you need default settings.
When you first start Veeam Backup for Office 365, it offers a default schedule and a default repository with a default retention period. If one year of retention on a local disk is your preferred way to go, then you’d be done.
But are these the right settings for your repository? If not, than the consequence is that you’ll need to create a new repository, increasing the amount of storage needed for Office 365 backups on-premises to meet your goals in terms of retention and restore.
Offload to Object Storage is only available for new repositories
Many of the organizations I help have onboarded to Veeam Backup for Office 365 when it was version 1.5. We’ve been in-place upgrading these installations for years and have been able to take advantage of new and expanded features without a hitch.
However, the new option to offload Veeam Backup for Office 365’s backup repository to object storage, like Amazon S3 and Azure Storage, is not so easy to onboard; existing backup repositories can’t be transformed into offloaded repositories. The only right thing to do is to make a second (offloaded) repository and backup into that repository until the retention policy is reached for the objects in the original repository.
I believe in a growth mindset. I believe that I should be ashamed of how I was doing things two years ago. This is how I learn. How I grow. How I heal. The other side of my approach is that I revisit old designs and approaches and thinking to myself: “I wish I knew then, what I know now…”. That’s perfect for sharing in blogposts like this one.