Customer stories

The challenge

The attack exploited a compromised admin account to delete SharePoint and OneDrive version history before encrypting files. By the time IT discovered the breach, the native recycle bin had been purged. The firm faced either paying a ransom exceeding $500,000 or losing years of case files, contracts, and client communications.

The solution

MicroBackups' immutable WORM storage meant the attacker's deletion of native backups had no effect on the firm's MicroBackups snapshots. The IT team used the point-in-time restore feature to identify a clean snapshot from 72 hours before the detected infection. Using MicroBackups' parallel processing, the full 400GB was restored in under 2 hours.

The results

• 400GB restored in under 2 hours
• Zero ransom paid
• Clean snapshot from 72 hours prior preserved
• Full file metadata and permissions intact
• No data permanently lost

The challenge

Their compliance team identified that Google Workspace's native backup capabilities did not meet HIPAA's requirements for ePHI protection: no BAA for backup, limited retention, no audit trail for data access, and no immutable storage to prevent data tampering.

The solution

MicroBackups signed a Business Associate Agreement (BAA) with the company. Data residency was configured to the US region. Granular audit logs were enabled for all backup access and restore operations. Immutable storage was activated for all ePHI-containing workloads.

The results

• BAA signed within 24 hours of request
• HIPAA audit passed without findings
• Full audit trail for all data access
• ePHI stored with AES-256 encryption
• Data residency confirmed to US region

The challenge

The contractor had been granted Shared Drive manager permissions for their final week of handover. During a bulk cleanup, they deleted the wrong drive entirely. Google's native 30-day trash retention was the only safety net — and that window was almost exhausted, with other recent deletions making it unclear which files had been properly archived.

The solution

The agency used MicroBackups' full-text search to identify the exact state of the Shared Drive from a snapshot taken the previous evening — before the deletion occurred. The entire drive was restored to its original location using MicroBackups' cross-location restore feature, preserving all folder structures, document IDs, and sharing permissions.

The results

• 80GB of creative assets fully restored
• Restoration complete in 45 minutes
• All folder structures and permissions intact
• Google Doc IDs preserved — no broken links
• Client deliverables unaffected

The challenge

Their existing backup vendor could only store data in the US, creating a GDPR violation for their EU operations. Additionally, the vendor could not provide a SOC 2 Type II report, which was required for their own SOC 2 audit.

The solution

MicroBackups configured separate storage regions for US and EU data within a single multi-tenant dashboard. US cardholder data was stored in the US region (PCI DSS compliant). EU customer data was routed to the EU region (GDPR compliant). MicroBackups provided their SOC 2 Type II report and PCI DSS certification documentation for inclusion in the firm's own audit.

The results

• Separate US and EU storage regions configured
• GDPR DPA signed for EU data
• PCI DSS compliance documentation provided
• SOC 2 Type II report provided under NDA
• Passed own SOC 2 audit with no backup-related findings