Restoring lost data is just a matter of a few clicks

Try SysCloud out with a FREE trial and discover how much faster, easier, and more flexible backups could be - for everyone in your organization. 

Start enjoying faster and easier backups, today

Protect Your Cloud Data, Now!

OneDrive for Business lacks comprehensive backup options, putting critical business data at risk of permanent loss.

No built-in backup: Microsoft’s shared responsibility model clarifies that data protection is the customer’s responsibility. Native features like Recycle Bin and version history are not true backups.

Manual backups are unreliable: Methods like external drives and OneDrive Sync are time-consuming, error-prone, and lack comprehensive recovery options.


SysCloud offers automated, continuous backups for OneDrive for Business, ensuring secure, hassle-free recovery of files, folders, and permissions—protecting against accidental deletions, ransomware attacks, and compliance risks.

This article explores the effective ways to back up SharePoint Online along with compelling reasons to have a backup in place for SharePoint.

Item title 1

Learn how admins can backup Google Drive using Google Vault, Google Takeout, Google Backup and Sync client, manual backup, and third-party cloud backup tools.

Item title 2

Learn how admins can recover permanently deleted Google Drive files using Google Vault, Google Takeout, Drive Trash, and third-party cloud backup tools.

Item title 3

Title

OneDrive for Business is a widely adopted collaboration and cloud storage platform that enables organizations to securely store, share, and manage files across teams. However, with increased adoption comes a higher risk of data loss—caused by accidental deletions, malicious insiders, ransomware attacks, or synchronization errors.

Microsoft follows a Shared Responsibility Model, meaning that while they ensure service availability, protecting data against loss is the customer’s responsibility. Their Services Agreement advises users to regularly back up their data—either manually or using third-party tools. Don’t take our word for it; here is an extract from their Services Agreement (Section 6.b):

We strive to keep the Services up and running; however, all online services suffer occasional disruptions and outages, and Microsoft is not liable for any disruption or loss you may suffer as a result. In the event of an outage, you may not be able to retrieve Your Content or Data that you’ve stored. We recommend that you regularly backup Your Content and Data that you store on the Services or store using Third-Party Apps and Services.

This article explores six different options to back up OneDrive for Business ranging from native tools to third-party backup solutions.

It is possible to manually back up OneDrive for Business files to a computer or external hard drive. This ensures you retain a secondary copy in case of accidental deletion, account issues, or security threats like ransomware.

Follow the below steps to back up your OneDrive files to an external drive or computer:

Step 1: Log in to your Microsoft 365 account and go to OneDrive. Select the files you need to back up. You can also select all the files by clicking on the toggle selection for all items.

Step 2: Click the Download button on the top menu, or use the three-dot menu beside each file or folder and select Download.

This will download the selected files to your device. You can then copy them to an external hard drive for safekeeping. Note that downloaded folders are usually compressed as ZIP files and may need to be extracted.

Time-consuming: Large volumes of data will take several hours or days to download. It is better to use an automated backup solution.

Human error: Since the process is done manually, there is a high possibility that you might forget to download new or updated files.

Device dependency: If the computer or external drive is lost, damaged, or stolen, the backup is lost as well.

Lack of restoration capabilities: In case of a data loss incident, restoring files is going to be a tedious process, since you will have to manually upload all the files to OneDrive.

No permission retention: Sharing settings and access permissions are not preserved when backing up this way.

The OneDrive Sync Client is a desktop application for Windows that allows you to sync OneDrive files to your local device and vice versa. It’s commonly used to:

Download OneDrive files to a local machine

Upload files from your device to OneDrive

While its main purpose is to streamline file access and collaboration, some users also treat it as a backup solution by creating a local copy of their OneDrive data. However, since the sync process mirrors deletions and changes across devices, it should not be considered a true backup method.

To set up OneDrive Sync Client, follow the below steps:

Step 1: Click on the Cloud icon on your desktop and click on Sign in to sign in to OneDrive with your Microsoft 365 credentials. Enter your Microsoft 365 email address and click Sign in.

Step 2: Select Next to accept the default folder location for your OneDrive files. If you want to change the folder location, select Change location – this is the best time to make this change.

Step 3: Click on NEXT until you finish the steps and click on the Open my OneDrive folder option.

Step 4: Once your files are synced, click on the OneDrive icon in your taskbar and click on the Settings option.

Step 5: Under Sync and backup, choose the required settings.

Step 6: In the Account tab, click on the Choose folders button to choose the folders for syncing with the local machine. Select the required folders and click OK.

All the selected OneDrive folders will be available on the desktop. However, the files will be in sync with OneDrive; any deletion in OneDrive will be reflected on the desktop, erasing the backed-up data. 

To create a backup, copy all the downloaded files to another folder on the desktop or to an external hard drive. 

Though the Desktop Sync Client can be used as a backup, relying on it completely could be risky, as local machines are prone to crashes or malware attacks. 

Infrequent backups: Since the process of taking the backup is manual, creating consistent and regular backups will become a challenge.

Limited storage: To manage your storage space, you will be forced to delete older files that are of less importance.

Data loss risk: Files deleted in OneDrive or locally are synced and removed from both.

Vulnerability to attacks: Local files can be corrupted by malware or lost due to hardware failures.

Unreliable for restoration: True backup features like point-in-time restore

Native Microsoft retention tools such as retention policies or labels and eDiscovery can be used to retain OneDrive data beyond the default OneDrive retention. Administrators can also use native retention tools to back up their organization’s OneDrive data.

A retention policy applies settings at the container level (e.g., an entire OneDrive account), making it suitable for uniformly retaining all files for a set duration. A retention label applies at the item level, offering control over individual files. For example:

Use a retention policy to keep all OneDrive data for 10 years.

Use retention labels to retain only select documents for 5 years.

 To learn more, read our guide: Microsoft 365 Retention Policy and Retention Label: A Complete Guide.

Note: Only global admins or compliance admins can create and configure retention policies.

Microsoft 365 E3/E5, A3/A5, G3/G5, Business Premium

Microsoft 365 F5 Compliance & Security add-ons (for advanced use cases)

SharePoint Plan 2 (for targeting OneDrive)

Adaptive policy scopes require additional compliance SKUs

To learn how to create and configure a retention policy, follow this guide:

Learn how to create a retention policy in Microsoft 365

Retained files are stored in the Preservation Hold Library, which counts against your SharePoint storage quota.

Storage limit: 1TB + 10GB per licensed user

Additional storage cost: $200/month per TB
To optimize storage and reduce administrative overhead, consider a third-party backup solution like SysCloud.

Note:  To create and configure retention labels, you must be a global administrator or compliance administrator.

To create retention labels, the following licenses provide user rights:

Microsoft 365 E5/A5/G5/E3/A3/G3/F3/F1/Business Premium

Microsoft 365 E5/A5/G5/F5 Compliance and F5 Security & Compliance

Microsoft 365 E5/A5/F5/G5 Information Protection and Governance

Triggering disposition review after retention ends

Marking items as records or regulatory records

Automatically changing retention labels after expiration

F5 Compliance or Information Governance add-ons

To publish retention labels, the following licenses apply:

All licenses listed under creation, plus: SharePoint Online Plan 1 SharePoint Online Plan 2 (if publishing to OneDrive)

Auto-applying labels to content with sensitive data or specific keywords

Default labels in SharePoint libraries or folders

Microsoft 365 F5 Compliance or F5 Information Governance

For a full breakdown, refer to Microsoft’s official licensing guidance.

 To learn how to create and configure a retention label, follow this guide:
How to Create a Microsoft 365 Retention Label – Complete Guide

Once a label is created, don’t forget to publish it using a label policy—otherwise it won’t be applied to OneDrive content.

Consumes storage quota: All retained data counts toward your Microsoft 365 storage. If you delete data to reduce usage, it cannot be restored later.

No incremental versioning: Microsoft stores full versions of modified or deleted data, increasing storage consumption.

No automated recovery: Unlike third-party cloud backup tools, native retention methods lack automated recovery features.

Ransomware vulnerability: If a OneDrive account is encrypted in an attack, retained data is also encrypted.

Deleted users’ data is lost: Microsoft does not retain data from deleted user accounts unless the licenses are maintained and paid for.

No cross-user restore: Admins cannot restore data from one user’s account to another. Manual export/import is the only option.

No version history: Retention policies only preserve the latest version of a file. Previous versions are not retained.

Limited to expensive plans: Retention and legal hold features are only available in E3/E5 plans, not in Microsoft 365 Business licenses.

eDiscovery (electronic discovery) in Microsoft 365 is a tool used to search, preserve, and export data across services like Exchange Online, OneDrive for Business, SharePoint Online, Microsoft Teams, Microsoft 365 Groups, and Yammer.

It is primarily designed for compliance, legal holds, and investigations, but it can also be repurposed as a workaround for backing up OneDrive for Business data—by placing user content on hold and exporting it for safekeeping.

 While eDiscovery preserves content, it does not provide point-in-time recovery, version control, or automated backup scheduling features essential in true backup systems.

Note: To create an eDiscovery hold, you must be a global administrator or compliance administrator with the appropriate licensing.

eDiscovery (Standard): Included in Microsoft 365 E3/E5/A3/G3 plans, Business Premium (Exchange only), and SharePoint Plan 2.

eDiscovery (Premium): Available only with Microsoft 365 E5/F5 Compliance add-ons or equivalent Enterprise licenses.

 See Microsoft’s official licensing requirements

To learn how to create an eDiscovery hold for OneDrive, follow this Microsoft guide:
How to create an eDiscovery hold in Microsoft 365

eDiscovery is only available in Microsoft 365 Enterprise plans (E3/E5), which cost $32–$57 per user/month. If you want to reduce licensing costs while still ensuring reliable backups, consider a third-party cloud backup solution like SysCloud.

High licensing cost: Only available in Enterprise (E3/E5) plans, which are more expensive than Business plans.

No ransomware protection: Data under legal hold will still be encrypted if the user account is compromised.

No space optimization: You cannot delete held data—even if it's no longer useful—which causes excessive storage use over time.

No versioning: Only the most recent version of a document is preserved.

Data tied to licenses: Data from deleted users is lost unless their licenses are maintained.

No cross-user restore: Data can't be restored to another user's account without manual export and import.

Manual recovery only: Data must be manually retrieved and re-uploaded—slow and inefficient.

SysCloud's cross-user restore feature allows you to restore OneDrive data directly to another user’s account—saving hours of manual work, especially when handling employee offboarding.

The OneDrive for Business API consists of a series of REST-based endpoints that developers can utilize to build applications that interact with OneDrive for Business. This API allows you to access, manage, and manipulate files and folders stored in OneDrive for Business programmatically. By leveraging this API, you can create custom backup solutions tailored to your organization's specific needs. 

Administrator access to your organization's Azure Active Directory (Azure AD) 

Familiarity with programming languages such as Python, JavaScript, or C# 

To use the OneDrive for Business API, you first need to register your application with Azure AD. This process grants your application the required permissions to access your organization's OneDrive for Business data.  

To register your application with Azure AD, follow the below steps: 

Step 1:  Sign into the Azure portal: https://portal.azure.com/

Step 2: Navigate to Azure Active Directory > App registrations. 

Step 3: Click New registration and fill in the required details, including the application name and redirect URI. 

Step 4: Under Supported account types, select Accounts in this organizational directory only.

Step 5: Once the registration is complete, note the Application (client) ID and Directory (tenant) ID for future use.

After registering your application, you need to configure the API permissions to access OneDrive for Business. To configure the API permissions to access OneDrive for Business, follow the below steps:

Step 1: In the Azure portal, navigate to App registrations and select your registered application.

Step 2: Click API permissions > Add a permission.

Step 3: Choose Microsoft Graph> Delegated permissions. 

Step 4: Add the following permissions: "Files.Read.All" and "Files.ReadWrite.All." 

Step 5: Click Add permissions to save your changes.

To make API calls, your application will need an access token. This token is used to authenticate and authorize your application to access the OneDrive for Business API.  

To obtain an access token, follow the below steps: 

Step 1: Set up an OAuth 2.0 authorization flow to obtain an authorization code. 

Step 2: Exchange the authorization code for an access token by making a POST request to the Azure AD token endpoint. You'll need the client ID, tenant ID, and client secret obtained during app registration.

With the access token in hand, you can now interact with OneDrive for Business API to create a custom backup solution. Follow the below steps:

Step 1: Retrieve a list of all files and folders stored in your organization's OneDrive for Business by making a GET request to the following endpoint: https://graph.microsoft.com/v1.0/me/drive/root/children

Step 2: Loop through the list and download each file using the API's download endpoint: https://graph.microsoft.com/v1.0/me/drive/items/{item-id}/content 

Step 3: Store the downloaded files in your chosen backup destination, such as a separate cloud storage service, a local server, or an off-site data center. 

Step 4: Maintain the original folder structure and metadata, including file versions and timestamps, during the backup process to ensure data integrity and easy restoration. 

Step 5: Implement error handling to manage cases where a file download or upload fails. This will involve logging the error and retrying as required. 

Step 6: Schedule the backup process to run periodically, either through a cron job or a task scheduler, depending on your platform. This ensures that your organization's data is continuously backed up and protected.

Step 7: Implement a notification system to inform administrators about backup successes, failures, or other issues that may arise during the process.

In the event of data loss or corruption, your custom backup solution should provide an efficient way to restore your OneDrive for Business data. Follow the below steps:

Step 1: Identify the files and folders that need to be restored from your backup storage.

Step 2:  Use the OneDrive for Business API to create or select the target folder for restored files: https://graph.microsoft.com/v1.0/me/drive/root/children 

Step 3:  Upload the backed-up files to the appropriate folders in your organization's OneDrive for Business using the API's upload endpoint: https://graph.microsoft.com/v1.0/me/drive/items/{parent-item-id}/children 

Step 4: Restore metadata, such as file versions and timestamps, to ensure data integrity.

Step 5: Verify that the restored files are accessible and functioning as expected.

API rate limits: Microsoft imposes rate limits on API requests to prevent abuse and ensure fair usage. This may slow down your backup process, especially for large organizations with massive amounts of data.

Handling large files: The OneDrive API supports uploading and downloading large files, but it requires using specific methods (like creating upload sessions) that may add complexity to your backup solution.

Complex setup: Implementing a custom OneDrive API backup solution requires good understanding of the API and OAuth 2.0 authentication, and coding expertise, making it unsuitable for organizations lacking dedicated developers.

Maintenance: A custom backup solution built on the OneDrive API will require ongoing maintenance to address changes in the API, handle new features, and fix potential bugs.

Backup storage: Managing and securing the backup storage location may involve additional cost.

Manual restoration: In case of data loss or corruption, you may need to manually restore the files from the backup, which can be time-consuming and prone to errors.

Note: These limitations may vary depending on your organization's specific needs and the complexity of your custom backup solution.

Unlike the native Microsoft retention tools that are not designed for backup and restore, third-party cloud backup applications like SysCloud serve this purpose better.  

Using a cloud backup application to secure your OneDrive for Business data comes with its own set of advantages:

Effortless backup: Users can take customized backups to effortlessly backup whatever that’s necessary.

Incremental backup: No duplication of backup data; after the initial backup, only newly added data and modified data are backed up.

Automatic/scheduled backup: Take regular backups at a set frequency, so that you don’t miss out any important files.

Easy data retrieval: Even if an account is permanently deleted, a specific user’s data will be available in the backup application and can be restored easily in just a few clicks.

Better storage space management: Set retention periods and extensions to avoid backing up unnecessary files.

Regular activity reports: Get granular reports of all the activities in the backup account.

SysCloud is a leading third-party cloud backup application that offers a fully automated backup and restore solution for all Microsoft 365 apps, including OneDrive. 

Using SysCloud, businesses can easily back up OneDrive data for all their domains and restore it in just a few clicks. 

Follow the steps below to set up OneDrive for Business backup for your organization using the SysCloud backup application: 

Step 1: Log in to your SysCloud backup account. 

Step 2: Navigate to Jobs on the top menu and click Create new backup job.

Step 3: Name the backup job and give a description (if required). Click Next. 

Step 4: To connect your Microsoft 365 account to SysCloud, navigate to Microsoft Office 365 and click Connect.

Step 5: Review the apps to be backed up, limitations and permissions required, and click Connect and add accounts.

Step 6: Log in to your Microsoft account in the pop-up box. Read the permissions required and click Accept.

Step 8: You will have to define the scope of your backup job. For this, click Select under Scope. You can select the entities to back up from the Entities column. Here, you can select the domains, groups, and users to include in the backup job. Simply navigate to the desired tab and click the checkbox next to the domain, user, or group. 

Actionable insights, best practices and tips for IT admins to protect SaaS data.

Explore SaaS 
data protection center

Get expert insights on SaaS data and security

How to Backup OneDrive for Business: A Complete Guide for Admins

I acknowledge cookies need to be deleted from my browser to remove tracking.

Ensure complete tracking removal by deleting cookies from your browser. Click here to learn how.

These cookies are set through our site by a range of third-party social media services that we have added to the site to enable you to share our content with your friends and networks. These cookies are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies, you may not be able to use or see the social media sharing tools.

These cookies are necessary for the website to function and allow us to count visits and traffic sources so we can measure and improve the performance of our site. The cookies may be set by us or third-party providers in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. All information these cookies collect is aggregated and therefore anonymous.

This website uses cookies. We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.Learn more about how we process personal data in our  Privacy Policy.

These cookies are set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They are based on uniquely identifying your browser and internet device. If you disable these cookies, you will experience fewer or no targeted advertising. You may still see advertisements.

How to Backup OneDrive for Business: A Complete Guide for Admins

1. Backup OneDrive to external drive

1.1. How to backup OneDrive to external drive

1.2. Limitations of OneDrive backup to an external drive

2. Backup OneDrive for Business using OneDrive Sync Client

2.1. How to set up OneDrive Sync Client

2.2. Limitations of OneDrive backup using Sync Client

3. Backup OneDrive for Business using native Microsoft 365 retention tools

3.1. How to backup OneDrive for Business using Microsoft 365 retention policy and retention labels

3.1.1. How to create a retention policy for OneDrive for Business

3.1.2. How to create a retention label for OneDrive for Business

3.1.4. Limitations of using retention policies and labels as a OneDrive backup solution

3.2. How to backup OneDrive for Business using Microsoft eDiscovery

3.2.1. How to create an eDiscovery hold for OneDrive for Business

3.2.2. Limitations of OneDrive backup using eDiscovery

4. Backup OneDrive for Business Using OneDrive for Business API

4.1.1. Registering Your Application with Azure Active Directory

4.1.2. Configuring API Permissions

4.1.3. Acquiring an Access Token

4.1.4. Creating a Custom Backup Solution

4.1.5. Restoring Backed Up Data

4.2. Limitations of OneDrive backup using OneDrive API

5. Backup OneDrive for Business using third-party cloud backup tools

5.1. Why should you use third-party cloud backup software for OneDrive backup?

5.2. SysCloud backup for Microsoft 365

5.2.1. How to backup OneDrive for Business using SysCloud

Frequently asked questions on OneDrive backup