More configuration options in CubeBackup for Microsoft 365
Settings for a specific organization
The settings in this section only take effect on the current organization.
Apps to back up
By default, CubeBackup will back up all supported Microsoft 365 applications in your organization, including Outlook Mail, Calendar, People, OneDrive and SharePoint. You may exclude any applications that you don’t want in the backup set by clicking on the toggle button beside the application, then selecting Update apps settings.
Data retention policy
Preserve all versions: By default, CubeBackup will keep snapshots of each application using the following built-in rules.
- Keep one snapshot for each hour over the last 24 hours.
- Keep one snapshot for each day over the last 30 days.
- Keep one snapshot for each week over the last 2 years.
- Keep one snapshot per year after two years.
Number of days for historical versions to be preserved: Alternatively, you may set the retention period for historical backups. For example, if the retention period is set to 30 days:
- All snapshots older than 30 days will be permanently removed from the backup set and no longer displayed in the CubeBackup web console.
- Any backup data which was deleted in Microsoft 365 more than 30 days ago will also be removed from the backups.
Automatically enable backups for new users/sites
By default, CubeBackup automatically includes all new users/sites in the backup list to help reduce the workload for CubeBackup administrators. If you’d like to manually control the backup for new users, please uncheck the box in front of Automatically enable backups for new users/sites.
By default, CubeBackup will try to back up your Microsoft 365 data once an hour. You can change the backup interval in the SETTINGS under the System tab. In most cases, there is no need to change this setting - one hour is reasonable for most Microsoft 365 organizations.
- 1 hour is the smallest interval CubeBackup will allow.
- For each organization, new backups will not begin until the previous backup has finished; however, multiple organizations can run in parallel and will not affect each other’s backup interval.
- There is no way to set the exact time for the start of the next backup. If you are concerned about the network bandwidth consumption used by the backup process during office hours, please use the included throttling tools in CubeBackup.
Backups for an entire Microsoft 365 organization can be quite large, and the backup process can consume considerable network bandwidth. CubeBackup allows you to flexibly control network throttling by setting speed limits for work hours and non-work hours independently. Both work days and work hours can be defined to meet your company’s unique needs.
- The throttling settings are based on the time on your CubeBackup server. If the server time is in a different time zone, please sync the time or manually change the time zone before updating the throttling settings.
- For CubeBackup running on a cloud server, CubeBackup will never consume the bandwidth in your local network so there is no need to enable the throttling settings.
As an administrator, you may not want to constantly sign in to the CubeBackup web console to check the status of the backup service. CubeBackup can send you monthly, weekly, or even daily email reports of backup status, progress, space used and much more.
For convenience, CubeBackup will send the email reports to recipients from email@example.com by default. The reports are generated locally by your backup server, and sent to the specific recipients using Mailgun’s mail service. All details and statistical data remain private.
If required by your company, you can also select Custom SMTP server from the dropdown list, fill out the information and set up your own mail server for CubeBackup reports.
Change login password
You can change the password of the CubeBackup administrator in this section.
Under the System tab of the SETTINGS page, enter your old password, new password and confirm it.
Note: A CubeBackup administrator account is only used to access the CubeBackup web console and has no relationship with your Microsoft 365 accounts.
Manage multiple organizations
CubeBackup allows you to add multiple organizations and manage them in one place. You can switch between different organizations or + add organization from the drop-down list in the top-right corner of the web console.
In the Add organization dialog, follow these instructions to register and authorize your Azure AD application to access data in your organization. Then you can select the users and SharePoint sites to back up.
Access the console from the Internet
If you would like to access the CubeBackup server from an office network or the Internet, please make sure to allow unrestricted access to HTTP(80) and HTTPS(443) ports on your server.
For a cloud instance,
1. Log into the AWS console and go to the detail page of the CubeBackup instance.
2. In the Security tab, click the link under Security groups -> Edit inbound rules.
3. Now you can Add rule on the left bottom. Select “HTTP” in the Type dropdown list and “Anywhere-IPv4” in the Source dropdown list.
4. Add another rule and select “Anywhere-IPv6” in the Source dropdown list.
5. Repeat steps 1-4 for “HTTPS”.
6. Click Save rules at the bottom.
On Microsoft Azure:
1. Log into the Microsoft Azure portal and go to the detail page of the virtual machine on which CubeBackup is running.
2. Open Networking in the Settings section and Add inbound port rule.
3. You can select “HTTP” in the Service dropdown list and leave all the others as default. Click Add at the bottom.
4. Repeat steps 1~3 for “HTTPS”. If necessary, you may need to use a new name for this rule.
On Google Cloud:
1. Log into the Google Cloud Platform and go to the detail page of the VM instance on which CubeBackup is running.
2. In the Firewalls section, click EDIT and check the box in front of “Allow HTTP traffic” and “Allow HTTPS traffic”.
3. Save the changes at the bottom.
For a Windows instance, you need to set up the inbound rules twice on both the cloud platform and the server. Here are the instructions:
- Log into the Windows server using RDP.
- Open Network & Internet section in the Settings.
- Then find Windows Firewall -> Advanced settings -> Inbound Rules.
- Now you can add New rule… -> select Port -> TCP -> input 80,443 in the Special local ports.
- Keep all the other options as default and Name the rule, then click Finish.
Now you will be able to access the CubeBackup console directly through the IP address from the office network or the Internet. If needed, you can also assign a domain name and enable HTTPS/TLS for the console.
Secure the encryption key file
By default, the backup data will be encrypted as long as you leave the Encrypt backups setting checked during the initial configuration. The encryption key file is generated during the configuration and is stored on your server.
On Linux, the encryption key file is stored as /opt/cubebackup365/data/keys.json by default.
On Windows, the encryption key file is stored as C:\Program Files\CubeBackup365\data\keys.json by default.
The encryption key file is very important for data backup and restoration. If it is lost, all backup data will become useless. We strongly recommend that you make a copy of the key file and store it in a safe place. CubeBackup Inc. does not have access to any key files and cannot help you if the encryption key file is lost.