Office 365 Groups can be a very powerful collaboration feature that lets users choose a set of people that they wish to collaborate with, and easily set up a collection of resources for those people to share, such as an Exchange Online shared mailbox and calendar, SharePoint Online team sites and file shares, OneNote notebook, and more!
By default, anyone in your organization can create Office 365 Groups. There’s a good side and bad side with that.
The good side? It’s easy for end users to leverage Office 365 as a business enablement tool. Users don’t have to worry about granting permissions manually to every user for every application. Adding members to the group automatically gives them the permissions they need to the tools your group provides.
The bad? Office 365 Groups can become a security risk because there are so few IT controls. Group administration functions are all over the place in the Microsoft portals, or they require PowerShell expertise.
What about Office 365 Groups recovery?
Chances are, at some point, you will be in a scenario where an Office 365 Group and all of its associated data is gone. Mistakes happen. It could where a business user deletes his or her group by accident. Or maybe there were multiple deletions at once due to a faulty patch or script.
Well, the Recycle Bin keeps Office 365 Groups for 30 days. You can go to PowerShell or the Exchange admin center to restore the groups. But, you can’t restore individual attributes or security groups.
And here's another scenario. If a malicious user clears the membership and then deletes the group, the restore of the group will just have the membership as of the time of delete. In this example, there is no way to get the membership back natively. You would need to know which users were deleted, but there is no Azure AD change log or comparison report to help you determine which Azure AD objects have been changed or deleted.
Luckily, we just pushed a new Office 365 Groups restore feature to our SaaS-based cloud backup and recovery tool, On Demand Recovery for Azure Active Directory. From a single console, you can quickly identify deleted groups and restore them and all associated content including:
- Azure Active Directory (AD) Office 365 Groups objects, properties and members
- Group SMTP addresses
- Exchange Online shared inbox and calendar
- SharePoint Online team site and files
- OneNote notebook
If you have a connected Microsoft Team or Office 365 Connected Yammer group, On Demand Recovery for Azure AD will restore that related content as well.
A big advantage using On Demand Recovery for Azure AD is its difference reporting between backups and live Azure AD that makes it easy to see what’s changed and select and restore exactly the changes you want.
I invite you to try out this new feature today with a free trial.