A lot of people look at SaaS apps like Intune and assume that backups aren’t required as that’s being managed by Microsoft. Whilst that’s technically true for any major outages, there are many situations where you are going to need a separate backup of your policies.
Why do I need it?
In certain organizations, backups are a requirement as part of the Digital Operational Resilience Act (DORA). Even if this does not apply to you, most cyber insurance policies require backups, and whilst they may not specify Intune and Entra, is that a risk you really want to take?
Ignoring the regulatory requirements, there are many situations where you as an organisation will be safer with backups:
- Disgruntled employees – All it takes is one upset employee with administrative rights to destroy your environment. Imagine your machines suddenly becoming unmanaged, unencrypted, or worse still, locked out. Without a backup, you are relying on up-to-date documentation and knowledge of what was configured. Even if that is in great shape, re-configuring your policies is not a quick task. Best case, you’re looking at a few days of downtime. How much is this costing your business?
- Simple user error – Whilst Intune has multi-admin approval, it’s only for scripts and apps, so anyone with Intune Administrator permissions can change a policy without a second opinion. It is so easy to set the wrong setting or assign the wrong policy, and suddenly your helpdesk calls are spiking, complaints are coming in fast and you have to work out what was changed and how to reverse it. That is just Intune. Imagine if it is Conditional Access policies which have been changed and you have either completely opened your tenant or locked it down so no-one can get in (potentially including you, if configuring break-glass accounts is still on your to-do list).
- Bad actors – Ransomware is increasing constantly and no organization is immune from being targeted. We have all heard the stories of servers and data being encrypted, but what if the bad actor accesses Intune instead? Would you notice if a new Platform Script was deployed to your devices which is secretly harvesting data? If it is running silently on devices, unless you are clicking through the portal daily, chances are it could be a while before you notice it, and by then the damage is done.
These are just a few examples which could happen to anyone, and there is little to no native functionality to help (yes, technically you can export Settings Catalog, but that doesn’t help with everything else).
What options do I have?
Fortunately, we have created a brand new SaaS app to help with just this: Tenant Manager.
Alongside daily backup of your Intune and Entra tenant settings (with more M365 to come), it will also monitor changes to your tenant so you can quickly see when something has changed and take action.
If the worst-case scenario happens, log in, select your backup and restore everything. You’ll be back up and running in minutes.
Not only that, but as it uses an Enterprise Application, should you accidentally break a Conditional Access policy, our upcoming policy management features will let you quickly delete it and restore the working version.
As if that is not enough, we have a very exciting roadmap and we welcome your thoughts on what we have and what we should consider. We want to build this to meet your needs: https://roadmap.tenantmanager.com/
Best of all, we feel everyone should be backing up their configuration, so we have made it as affordable as possible, with public pricing on our website (https://tenantmanager.com) and a 14-day free trial so you can test it yourself.