This blog post is the final one in a series of four about using NetApp® Cloud Control and its benefits to you. In this part of the series, we discuss protecting unprotected data and mailbox/OneDrive and site collections.


When setting up Cloud Control for the first time, by default all the mailboxes, OneDrive accounts, and site collections are placed in an unprotected group. Based on requirements, they can be categorized as tier 1, tier 2, or tier 3 to meet the required recovery point objectives (RPOs) and to make sure the data is protected if required for compliance and business continuity purposes. The rest of the users or sites can be left in the default unprotected tier (if no backup is required for that).

How Does Cloud Control Do This?

Cloud Control provides the ability to tier users based on service-level agreement (SLA) requirements (frequency and granularity of the backups), thus providing on-premises-like look and feel and the ability to group users to achieve the required RPO and retention parameters. Depending on the RPO and SLA, the administrator can move the mailbox/OneDrive account or site collection from an unprotected state to one of the Cloud Control backup policy tiers for it to be scheduled for backup using available filtering and rules options.

Predefined Tiers

Cloud Control has three predefined tiers of backup policies. These policy tiers vary in backup frequency and data retention period, depending upon whether you are using storage provided by Cloud Control or bring your own storage (BYOS). Table 1 describes data retention policies.

Table 1) Data retention policies.

After the users/OneDrive accounts/sites are moved to a specific tier, the appropriate predefined policy is enabled that has the RPO, retention, and backup schedules for automated backups. The backups are performed using the appropriate APIs at the mailbox level or the site collection level. The initial backup is a full backup. From that point onward, Cloud Control performs incremental backup forever (only sends new/changed data). This results in significant bandwidth savings. Apart from automated backups, tenant administrators can also invoke spontaneous backups by selecting the “Backup Now” option. 


Note that you can move data between the three policies, but you cannot create new policies or change the parameters of the predefined tiers.


Note: Soon Cloud Control will enable unlimited storage for storage provided by Cloud Control.


To group the user/Mysites/site collection data, the administrator needs to follow these steps:

  • From the dashboard, select the service containing the unprotected data.

  • Click View next to the number of unprotected mailboxes, MySites, or sites. Depending on the service type, a pop-up is displayed as follows.

For Exchange Online:

For OneDrive for Business:

For SharePoint Online:

Here is an example screenshot of Exchange Online:

  • Now select the items that you want to protect by clicking View next to the number of unprotected mailboxes, MySites, or sites.

  • You can filter the view of the mailboxes or MySites to only show results that fit specific criteria. For example, you can set your filters to only see mailboxes in a certain country, domain, and department in that country.

To make grouping easy and automatic, rules are the way to go. They allow you to automatically move users to a preselected backup tier based on predefined criteria. Rules can be created for Microsoft Exchange Online and Microsoft OneDrive for Business. You cannot create rules for Microsoft SharePoint Online.


You must apply a user-defined filter to your data before you can create a rule. Applied filters are displayed below the Filter icon. Cloud Control default filters appear in gray. User-defined filters appear in light blue.


In the following example, users are filtered based on department attribute. Any user tagged with Cloud is selected to move to tier 3.

The user view is filtered to show only those matching the filter criteria.

The rule can be created for moving any new user with department attribute Cloud to tier 3. In this case, all the users matching the criteria are moved to tier 3, and any new users are also moved automatically. Thus Cloud Control helps in creating rules to meet specific requirements and ease day-to-day administration.

  • If rules are not used, click the Groups menu after selecting the users that need to be moved to a specific tier.
  • Select the tier for the backup policy that you want to assign and click Apply.

  • The users are moved to a pending state, and the backup is performed based on the schedule created for the respective tier.

Now, since you have learned how to group the users, go ahead and move the users to the appropriate tiers and leave the rest to Cloud Control.

Get More Information

For more information about Cloud Control, visit the other blog posts in this series or start your free trial today:

Niyaz Mohamed

Niyaz Mohamed aka Nimo is the Senior Solutions Architect in the Cloud Business Unit at NetApp. He has over 11 years of experience in the IT industry and joined NetApp in 2011 from Microsoft. He helps drive the product design, roadmap, strategy and customer experience for Cloud Control, NetApp’s SaaS Data management service.