There are all kinds of data that is handled and stored by Microsoft 365 (formerly Office 365) products from emails, files & documents, SharePoint lists and sites’ content, MS Teams’ conversations and MS Stream’s videos.
So, where / how do these Microsoft 365 (formerly Office 365) products (Outlook-Exchange Online / SharePoint Online / OneDrive for Business (OD4B) / Teams / Stream / Yammer…) Store Files/Data?
Microsoft 365 (formerly Office 365) safely encrypts and stores customers’ data on Azure Storage in one of Microsoft’s data centers in the region that is mentioned in the tenant’s organization profile (in the admin center, a global admin account is needed for this): Admin Center > Settings > Organization Profile > Data Location > View Details, although a copy of some of it is stored locally on the customer’s device. Below a table that summarizes how each O365 product actually handles the storage of each content/data type:
|Product||Content / Data Type||Storage Location (Summary)|
|Mail (Outlook / Exchange)||– Emails|
– Attachment files
|All data is stored in the Bit-locker-encrypted Azure storage associated w/ the exchange online server under .edb files (server side), and a portion of it is generated in .pst & .ost files on the client’s device.|
|OneDrive for Business||– Files / documents|
|All folders, files & documents, plus all metadata are encrypted & stored in a SharePoint-style content database (on Azure SQL storage) in the appropriate data center. And you get a copy of the synced files on your file system.|
|SharePoint||– Files / documents|
– List items
– Site contents
|All of it is encrypted & stored in the SharePoint content databases (on Azure SQL storage) in the appropriate data center.|
|Teams||– Conversations 1:1 or in a Channel|
– Shared files in a 1:1 conversation
– Shared files in channels
– Mail to an O365 group
|Teams uses specific Azure blob, SQL table, and queue storage (collectively referred to as the Teams substrate). Files are stored in SharePoint and OD4B, and meeting recordings are stored in Stream, all of which in turn use Azure storage. To support eDiscovery, copies of conversations and chat messages are copied to Exchange Online, which also uses Azure storage. (For more details, see “MS Teams” Paragraph down below…).|
|Videos uploaded to Stream (along with their metadata) are stored within the Stream service itself which is an Azure based service on top of Azure SQL, Blob, and Azure Media Services.|
|Yammer||– Posts / Comments / Likes|
– Shared files
|Yammer groups use SharePoint to store the files and documents uploaded to them (since July 2019), meaning the files & their metadata ends up in a SharePoint content database, on Azure SQL storage. The rest of the data (posts, comments…etc) ends up on Yammer’s own cloud storage.|
Microsoft 365 Products’ Data storage in Detail:
When you set up your email account in Outlook, a local copy of your information (profile settings + mailbox content & metadata) is stored on your computer. This is to allow you access to your previously downloaded or synchronized email messages, calendar information, contacts, and tasks without an internet connection.
Certain types of accounts, such as POP accounts, store their information in Outlook Data Files (.pst files). Outlook 365 accounts, Exchange accounts, IMAP accounts, and Outlook.com accounts store their information in Offline Outlook Data Files (.ost files), Although you still export your data in this case in .pst files for backup or to import it elsewhere (.ost files data can’t be imported or backed up).
There is another type of files .nst (Outlook Group Storage File), used only when you access a group in your outlook, and just like .ost files, .nst files are constantly being synchronized with the mail server, so there is no need to back them up or import them (if you are setting up a new installation of outlook on a new computer). For more details, visit Microsoft’s own documentation.
On the server side however, Exchange Online (the mail server) uses an Exchange Database file (an .edb file) to store all data related to your accounts.
SharePoint Online uses multiple SQL databases (called content databases), to store customers’ data (sites content, list item, files and document, in addition to metadata) on Azure Storage in a safe and encrypted manner.
When you upload a file to SharePoint, that file gets disassembled and stored across different tables of the content databases mentioned earlier in an application code.
So basically, the program stores data as an abstracted code that is encrypted and broken down to be stored in various storage devices in the data center. All that data is mirrored / backed up in at least one other data center (mostly within the same region) to ensure the high availability / recover-ability in case of a disaster or in case you request its restoration after an accidental deletion of content on your part (but before the recovery period ends, more on that subject here).
OneDrive for Business
OD4B uses SharePoint Online behind the scenes on the server side to handle file and document storage. So, your data exists on SharePoint content databases as described in the previous paragraph, in addition to the OneDrive Folder on your local machine that contains the synced files.
Microsoft built an entirely new Azure Service to handle MS Stream functionality & data. That service stores the videos and their metadata using a variety of Azure SQL tables, Blobs and Azure media services.
Yammer’s connected groups use SharePoint to store the shared files and documents (since July 2019), meaning that they end up in SharePoint’s content databases as described in the SharePoint Online paragraph above.
As of the writing of this article, Yammer continues to use its own cloud services for storing the rest of its data (other than files shared in connected groups as stated earlier).
I left MS Teams for last, since the way it handles the storage of customers’ data is a bit more complicated than the previous ones, because as you may have noticed, Teams is heavily integrated with many of the other products.
So, there are some items (such as chat conversations and images shared during those conversations…) where MS Teams uses specific Azure blob, SQL tables, and queue storage (collectively known as the MS Teams Substrate).
As for the other items: the files are stored in SharePoint and OD4B, and meeting recordings are stored in MS Stream, all of which in turn use Azure storage. To support eDiscovery, copies of conversations and chat messages are copied to Exchange Online, which also uses Azure storage.
The table below provides a full picture of how the storage of each item is handled (credits to this article for this table):
Security & Data Residency in Microsoft 365
Any tech giant delivering public cloud services on a large scale (and Microsoft is right there at the top with Amazon), can make investments in security on behalf of many customers, and as a result, can provide higher levels of service & security than any one customer could ever do on their own.
As to large multinational corporations, It is impossible for Microsoft 365 to guarantee data residency in every country that your corporation operates in (at least not at the moment of writing this article). So, unless data residency in your case is mandatory due to regulation or to a binding client contract, the case can be made that your data would actually be better managed and more secure on Microsoft 365 (formerly Office 365) and on Microsoft’s cloud storage.