Redstor closes Microsoft’s Entra ID recovery gap

South African IT services company Troye warns that Microsoft’s shared responsibility model, which defines what Microsoft secures versus what the customer must secure, does not apply to its Entra ID product.

Previously called Azure Active Directory, Entra ID is Microsoft’s cloud-based identity and access management service used for logging into systems and controlling user permissions.

“We are urging South African businesses to adopt Redstor’s Entra ID Backup, a proactive and comprehensive solution designed to safeguard identity data – and recover it in minutes, not weeks,” says Troye CEO Helen Kruger.

Troye is a Redstor partner, providing implementation and integration with Microsoft 365 and Entra ID. The company offers local support aligned with South African regulations, along with expert training to strengthen identity resilience.

Entra ID underpins identity and access management across modern IT systems, including user authentication and conditional access policies. Despite this, Entra ID’s built-in tools for backup and recovery are limited. Logs are retained for only 30 days, and organisations have no way to reverse critical changes such as deleted roles or misconfigured permissions.

This limitation means that a breach, insider threat, configuration error, or accidental deletion can cause extensive disruption, with no guaranteed method of recovery.

Redstor addresses this gap by providing cloud-native backups of Entra ID environments. These cover user accounts, roles, group memberships, administrative units, Intune policies, and conditional access settings. Unlike Microsoft’s 30-day window, Redstor offers unlimited retention, enabling organisations to restore data years later.

“You can restore individual user objects, specific permissions, or entire policy sets within seconds – or roll back unwanted changes using built-in change comparison tools,” says Kruger.

By backing up Entra ID with Redstor, the platform provides identity recovery capabilities not available from Microsoft. The service includes instant restores of key identity components, automated change tracking, and ransomware-resistant backups stored off-site with AES 256 encryption. It meets global compliance standards including ISO 27001, GDPR, SOC 2, and HIPAA.

A recent managed service provider (MSP) case study illustrates the risks. One client’s global administrator account was compromised, resulting in over 1,800 unauthorised changes across their Entra ID tenant. Without Redstor, remediation took days of manual work using incomplete logs. After adopting Redstor, automatic restores eliminated the manual burden and reduced downtime significantly.

The backup solution is particularly relevant for organisations using Entra ID or Microsoft 365 that require more than Microsoft’s limited recovery tools. It is suited to:

• Enterprises with strict compliance or auditing needs.
• Businesses exposed to risks such as insider threats, configuration errors, or ransomware.
• Organisations without built-in identity recovery options.
• MSPs and IT teams managing multiple tenants at scale.

“If you’re still trusting Microsoft to recover your identity configurations, you’re risking everything,” says Kruger. “We recommend Redstor’s Entra ID Backup as a safety net. It ensures that identity infrastructure is not only protected, but can also be restored quickly and accurately – because identity data is the backbone of modern IT.”