Microsoft is readying a significant update to its Microsoft 365 Backup service that will let administrators create a single policy to protect Exchange Online, OneDrive for Business, and SharePoint Online data automatically. A private preview is scheduled for July 2026, with general availability targeted for September 2026, according to a post on the Microsoft 365 admin center.
A Single Policy to Cover the Entire Suite
Today, Microsoft 365 Backup works on a per‑service basis. When it launched in 2024, admins gained the ability to back up and rapidly restore individual Exchange mailboxes, OneDrive accounts, and SharePoint sites. But setting up protection required navigating three separate workflows—one for each workload—and manually adding each object (like a user mailbox or a SharePoint site) to a backup policy. That siloed approach has been a friction point from day one.
The upcoming full‑workload policies flip that model on its head. Instead of configuring three different policies and maintaining separate lists of protected objects, you’ll define one policy that automatically includes every Exchange mailbox, every OneDrive account, and every SharePoint site in your tenant. If a new employee joins or a new SharePoint site gets created, the backup policy picks it up without an admin lifting a finger. Microsoft says the feature will also let you exclude specific objects—say, a temporary project site or a departed user’s mailbox—with simple exclusion lists.
This isn’t just a convenience tweak; it plugs a common hole in data protection. Surveys among IT pros consistently show that manual per‑object selection is error‑prone. A newly provisioned SharePoint site can sit unprotected for days before someone remembers to add it to the backup schedule. With automated full‑workload policies, that gap closes completely.
What This Means for IT Administrators
The immediate benefit is time saved. For a mid‑size organization with a few hundred users and dozens of SharePoint sites, configuring and maintaining per‑workload policies eats up hours of administrative time every quarter. With the new approach, the initial setup shrinks to a single policy definition, and ongoing maintenance becomes a matter of checking that exclusions are still valid.
More importantly, it brings Microsoft 365 Backup closer to the “set and forget” experience that third‑party backup vendors have offered for years. Products like Veeam, AvePoint, and Acronis have long allowed you to check a box labeled “back up all mailboxes” or “protect all SharePoint sites.” Microsoft’s native backup was the outlier, and this update erases that disadvantage.
For organizations subject to compliance or retention regulations, the change also simplifies auditing. A single policy that covers everything is easier to describe to an auditor than three separate policies with overlapping schedules and retention settings. And because Microsoft 365 Backup stores its data in a segregated, immutable cloud—separate from the live service—the restore process remains fast and reliable, with recovery point objectives (RPOs) as low as a few minutes for some workloads.
There’s one thing to watch: licensing. Microsoft 365 Backup is a paid add‑on, billed per gigabyte of protected data. Right now, you pay for what you put into the backup vaults. If a full‑workload policy automatically scoops up every mailbox and site, your monthly bill could jump if you don’t carefully set exclusions. Most admins will want to review which objects genuinely need protection before flipping the switch, especially for SharePoint sites that hold transient or low‑value content.
The Long Road to a Truly Native Backup
Microsoft’s journey toward a first‑party backup solution has been slow and, at times, contentious. For years, the company’s official stance was that the recycle bin, version history, and litigation hold were “good enough” for most customers. IT veterans remember the infamous “Shared Responsibility Model” that put the onus squarely on the tenant to protect their data beyond Microsoft’s infrastructure guarantees.
The release of Microsoft 365 Backup in late 2024 was a turning point. It finally acknowledged that accidental deletion, ransomware, and insider threats demand a real backup—not just a two‑stage recycle bin. But the initial version was deliberately minimal: Exchange, OneDrive, and SharePoint only, with no support for Teams chats, Planner, or Loop components. Policy management was manual and piecemeal.
Since then, Microsoft has added support for additional restore scenarios, integrated with the Microsoft 365 admin center, and improved the speed of large restores. The full‑workload policy feature is the next logical step, and it signals that Microsoft sees backup as a mainstream service rather than a niche compliance tool.
Competitive pressure from the ecosystem likely accelerated the timeline. Third‑party backup vendors, which still dominate the market, have been pointing to the manual effort required by Microsoft’s tool as a reason to stay with their own solutions. By matching the ease‑of‑use that admins expect, Microsoft can argue that its native service offers deeper integration—including direct API access and faster restores—without the management overhead.
What You Should Do Now
Even though the preview is six months away, there’s plenty you can do to get ready.
1. Audit your current backup coverage
If you’re already using Microsoft 365 Backup, take stock of which workloads are being protected. Are all your critical mailboxes in the policy? What about SharePoint sites that house sensitive department files? Run a gap analysis. The new feature will make it easy to bring everything under one umbrella, but you’ll need to know what “everything” includes first.
If you’re relying on third‑party tools, this is a good moment to compare your current recovery SLAs and costs against what Microsoft 365 Backup might offer when the unified policies land. You don’t have to switch, but understanding the landscape helps when the preview becomes available.
2. Plan your exclusion strategy
Full‑workload automation is powerful, but it can also be wasteful. Start thinking about which objects don’t need backup. For example:
- Mailboxes of fully departed employees that have already been archived.
- OneDrive accounts for seasonal or temporary workers whose data is ephemeral.
- SharePoint site collections used for testing or development.
- Project‑specific sites that are deleted after six months.
Document these candidates now so that you can quickly configure exclusions when the preview opens.
3. Watch the roadmap and sign up for previews
Microsoft typically announces preview programs through the Microsoft 365 admin center message center and the public road map. While no sign‑up link exists yet, bookmark the Microsoft 365 Backup documentation page and check the message center weekly. Early access to the July preview might give your team time to test the policy engine before the September GA rush.
4. Prepare your team
If your organization has separate teams managing Exchange, SharePoint, and OneDrive, the unified policy will blur those lines. Start a conversation now about who will own the backup policy. A cross‑functional approach often works best, with a lead from the IT operations team and input from compliance and security stakeholders.
The Outlook: Beyond the Big Three Workloads
Full‑workload policies for Exchange, OneDrive, and SharePoint are just the beginning. Microsoft has hinted—though not confirmed—that future iterations of Microsoft 365 Backup could encompass Teams chat and channel messages, Planner tasks, and even Power Platform data. If the unified policy model proves successful, it’s easy to imagine a near future where a single toggle protects everything inside your Microsoft 365 tenant.
For now, the immediate win is clear: come July 2026, admins can stop babysitting backup policies and spend their time on more strategic work. The catch is that you’ll need to be thoughtful about what you include. Automation is a tool, not a replacement for a well‑thought‑out data protection plan.
Keep your eyes on the admin center for the preview announcement, and start planning those exclusion lists today.