Cloud Ally SaaS for Office 365

thecomputerguy

thecomputerguy

Well-Known Member
Reaction score
1,326
I'm looking at trying to add another line item to my MSP clients in the form of O365/OneDrive/Teams/SP Backup.

I know a lot of people here use Backupify, and I have requested a trial over there.

Years and years ago I setup a couple of non-MSP clients on CloudAlly because it was relatively easy to setup and configure, and to be honest I'm pretty impressed with how easy it is to connect a Backup task to a tenant. The GUI on the CloudAlly end is very simple to use and very simple to understand.

Additionally the pricing seems really great as well. It's $3 per user per month or $30 per user per year. This pricing includes the users Mailbox, Onedrive, the company Teams, and any company wide Sharepoint sites as well as public folders. This is all on an amazon backbone. I do also get a small per user discount due to applying to be a reseller.

I'm looking at trying to sell it at $7 per mailbox per month, and should be able to get about 70-80 users on it per month, so a decent little bump in income per month with the security of having a C2C backup.

There are a couple of red flags however, but maybe they don't matter...

1.) CloudAlly is located in Israel
2.) Support is in India
3.) Recovery procedure seems very simple but I have not tested it

I have had a brief experience with support and they were able to resolve my issue very quickly.

Anyone else have experience with this company?

I plan on exploring Backupify as soon as my account gets approved. Unfortunately backupify is not supported by my MSP for resale.
 
I stopped using Backupify shortly before Datto decided to let itself be bought out by Satan (Kaseya).

DropSuite is drastically better. $3 / user / month for the basic backup, $4/user/month for a backup that includes a long term mail archive that meets regulatory requirements. Support is here in the States but I haven't had to use it yet because 1.) the product is simple enough I figure most things out on my own. And 2.) I buy through Pax8 and their support has been responsive enough to hand the few questions I did have early on.

I do not have anything against CloudAlly as a company directly, I've heard nothing but good things. However, I do have some qualms with the scope of what they do. They're trying to make it so that MSPs don't have to know the cloud to sell the cloud. And that's a good thing, right up until it isn't... and they operate in legal jurisdictions that have no business mucking about with American tenants!
 
Sky-Knight said:
I stopped using Backupify shortly before Datto decided to let itself be bought out by Satan (Kaseya).

DropSuite is drastically better. $3 / user / month for the basic backup, $4/user/month for a backup that includes a long term mail archive that meets regulatory requirements. Support is here in the States but I haven't had to use it yet because 1.) the product is simple enough I figure most things out on my own. And 2.) I buy through Pax8 and their support has been responsive enough to hand the few questions I did have early on.

I do not have anything against CloudAlly as a company directly, I've heard nothing but good things. However, I do have some qualms with the scope of what they do. They're trying to make it so that MSPs don't have to know the cloud to sell the cloud. And that's a good thing, right up until it isn't... and they operate in legal jurisdictions that have no business mucking about with American tenants!
Click to expand...

Thanks for the info ... I just signed up for a Demo at Dropsuite.

The whole middle eastern company thing with sales and support in india is kinda like a double whammy.
 
We've used BackupIfy....in the early Datto days. Wasn't impressed.
And then started using DropSuite. Seemed more modern. Their portal is a bit "odd". We get it through PAX8. Support is "meh". One client wasn't fond of the fact that they're based out of Singapore.
And then Datto did a big upgrade/overhaul of BackupIfy...changed it to SaaS...and it's improved. BUT...we're preparing to jump ship from Datto once we check out Axcient.

We're getting so overwhelmed trying to manage/maintain (be proactive) with our 365 tenants (coming up on 200 of 'em)....a couple of years ago I started looking for management portals. Signed up for MSPMagic. But..got side tracked for a couple of years. Also over a year ago signed up for Microsofts tool..."Lighthouse". Lighthouse..hasn't matured yet. Probably be a decent product in a few years...but it has a lot of cooking to do in the oven. Very bare bones. Free (so far).

Today did a demo with Skykicks new products. Very impressed. A bit of cost, but having single pane access to all of our tenants for day to day stuff, plus the security dashboard center to keep tabs on all the tenants, see the red flagged weaknesses, have policy templates to just "single click" apply to multiple tenants to have them up to our standards, get alerting of risky users, have workflows to apply to problems..it's looking damn sweet! Also, get a good discount on Skykicks own 365 backup product. Skykick is "per tech" pricing, so unlimited tenants.

MSPMagic...$20 bucks per tenant. Need to do the formal sit down demo of it..have played with it with a trial (free for up to 3 tenants)...but I think we'll go with Skykick...for the management, security, as well as move all our 365 backup over to it.

Skykick is based out of Seattle WA.
 
Last edited:
I got on the phone with a Sales person as DropSuite immediately. The Sales rep was actually only just a few hundred miles away. Got me an account immediately.

Both CloudAlly and Backupify have been slow to respond. Dropsuite is looking good.
 
@YeOldeStonecat Lighthouse is VERY mature, it's just an Azure tool, not an M365 tool. That's why you're having fits.

Literally all it does is formalize the owner admin's authentication of any 3rd parties connecting. It makes no sense for MSPs. it's there for local admin teams to authorize external entities permissions to work on things temporarily.
 
I'm not sure you're talking about the same tool.
Formal name is "Microsoft 365 Lighthouse".
Microsofts own words...."Microsoft 365 Lighthouse is an admin portal that helps Managed Service Providers (MSPs) secure and manage devices, data, and users at scale for small- and medium-sized business (SMB) customers.....with using Lighthouse to manage Microsoft 365 services and connected devices."

learn.microsoft.com

Overview of Microsoft 365 Lighthouse - Microsoft 365 Lighthouse

For Managed Service Providers (MSPs), learn how Microsoft 365 Lighthouse can help you secure and manage customer tenants in one location.
learn.microsoft.com

When I log into it, I see my 365 customers, and I have a few policies to apply to them...such as creating Conditional Access MFA for Admins, and Users, or Disabling Legacy Auth, policies like that. Just...the built in policy templates are still very...minimal. I think only 15 policies currently in there. I'm sure much more to come.

more snippets...
"
Lighthouse helps MSPs secure and manage Microsoft 365 services and connected endpoints at scale by:

  • Providing tenant deployment journeys so technicians can follow a consistent set of steps to secure and configure customer tenants.
  • Using a default SMB security baseline that prescribes best practices targeted to small- and medium-sized business tenants.
  • Providing multi-tenant insights on device compliance for a clear view of how devices are being evaluated across all organizations, tools to compare policies, and the top settings that aren't being met.
  • Simplifying common tasks like resetting a password.
  • Configuring multifactor authentication and self-service password reset, including tools to help drive adoption by users.
  • Understanding and protecting against risky sign-ins.
  • Managing threats on Windows 10 devices by providing details on threats detected by Microsoft 365 Defender and actions to take to resolve issues and keep devices up to date.
  • Providing insights into Microsoft 365 service incidents and advisories that impact the customer tenants they manage."
 
@YeOldeStonecat They're the same tool... but at this point sort of like how Teams is the same tool as Sharepoint.

Azure Lighthouse | Microsoft Azure

Azure Lighthouse enforces security best practices with just-in-time access, role-based access control (RBAC), and on-demand auditing capabilities.
azure.microsoft.com

Microsoft 365 Lighthouse just configures an Azure Lighthouse instance. The problem is... as you've noticed... we don't get to configure the light house instances.... Which leaves you with a subset of features that's flat to say the least. Then there are the limitations, which are equally baffling. The region limits specifically are nuts.
 
That's different, never saw that tool before, it's a different name "Azure Lighthouse" vs "Microsoft 365 Lighthouse".
Just looked at Azure Lighthouse, totally different product, completely different look in the webUI portal. (colorful like portal.azure). And like you said, for the Azure side of things.

Microsoft 365 Lighthouse, while sharing the "Lighthouse" name, and sharing "some of the purpose of Lighthouse", is a really different product, totally different webUI portal, bland looking, and designed to tickle settings in admin.office.com as well as aad.portal.azure.com...but it sticks to that 365/azureAD side of the fence. Conditional Access policies (although...very bare bone), some barely functional stripped down immature MEM (endpoint management/intune) stuff, app protection policies, a policy for configuring some Edge settings, Defender for Biz, Defender Firewall, some of the Advanced Threat Protection policies (this one I was hoping would have a LOT more..it's not really useful).

They are two...siblings. And technically...from the same parents...lol. But they're quite different...almost like one was from the milk man.....
 
@YeOldeStonecat It's the same tech under the hood. Microsoft is trying to sanitize the whole contractor admin process. In the meantime the only reliable means I know to do anything is a machine somewhere with a ton of powershel access tokens and some scripts... it's hackish and dirty and VERY HARD to keep straight... but it works.

Lighthouse is amazing, but it's for an enterprise market and doesn't fit the world I work in. M365 Lighthouse is not where it needs to be, and the partner portal itself hasn't worked correctly in this space in ever.

I think eventually the M365 Lighthouse will melt into the partner portal directly, but have a more formalized authorization process like Azure lighthouse does. This is still going to be strange because it'll mean business owners have to push an authorize button on their phones every time we need to check something. Microsoft doesn't want smaller partners controlling that much power, there's simply too much risk. Look at all the MSP breaches!
 
yeah I don't play in the Azure world yet....just starting to, need to learn the "build network/build gateway/how to spin up servers/how to spin up fleets of desktops/Azure VPN Gateway, How to import on-prem servers/etc etc" stuff. Just haven't had the need, but...the need is coming...FAST...NOW...so..need to. In the mean time, have to probably outsource a couple of current jobs to someone who does that for other MSPs.

...until I learn it. Then I'll see what Azure Lighthouse does.

But for now, to help manage the 365 side of things...since we're fast approaching 200 tenants...need a tool, and the SkyKick ones are looking sweet!
THIS one...
www.skykick.com

Cloud Manager

SkyKick Cloud Manager provides automated cloud management helping MSPs improve margins, quality and security across SaaS, IaaS, and PaaS
www.skykick.com www.skykick.com
AND....this one on top of it (they're currently bundling both for a while)
www.skykick.com

Security Manager

Easily deliver and automate cloud security. SkyKick Security Manager is the most powerful application to manage Microsoft 365 Security.
www.skykick.com www.skykick.com

What's nice about that first on, you can do most of your daily helpdesk stuff in 365...right from that dashboard. No more jumping in and out of different browsers and different in cognito sessions and dealing with browsers still caching a tenant you were in 3 hours ago when you slide over to another admin console...should be a big time saver right there!
 
@YeOldeStonecat https://www.credly.com/users/robert-sandling/badges

As of Tuesday I'm now a Microsoft Certified Azure Administrator Associate, and I'm in DIRE NEED of hours to fill. So I'd happily help you or any other MSP with their Azure migration needs. It's a HUGE WELL and I've spent the last three years diving in it. Lift and Shift is as strong with me as Untangle NGFW is.

The tenant problems I solve with a firefox plugin called multi-tenant containers, but yeah I can't see that scaling to 200 seats very well. All of this is annoying because on the Azure side all you have to do is invite any other Azure account to the appropriate group and POOF they can login to their own account, switch directory, and go!

But the M365 admin stuff still needs an account on the tenant itself to work fully. And maintaining an admin account per tenant per tech is BONKERS INSANE.
 
Yeah I've tried all the browser tricks for jumping tenants. We have quad monitors at work, we have browsers open all day for our MSP tools....our RMM, our HUDU documentation, usually both Unifi controllers, a couple-o-more. The various browser tricks to jump 365 tenants all eventually get overwhelmed and you're forced to close the browser(s) entirely to flush the toilet. Ya know, log into a different tenant (perhaps the 13th one for the day..and it's not even noon yet!)...and you click the Admin tile..and boom you're looking at the users from 4x tenants ago! So shut down the browser(s) Which means logging back into our RMM, HUDU, Unifi stuff, etc...which means MFA'ing yet again. Gets tiring at least a half dozen times a day.

We'll reach out to ya for projects.
 
@YeOldeStonecat MS has an "official" tool for this... it's an extension of PowershellDSC https://microsoft365dsc.com/home/what-is-M365DSC/

I haven't poked at it much, but I remembered it this morning. But this tool while cool doesn't address the access problem! That is unless it's using Powershell Access Keys... I need to dig into it more. It was on my list for AFTER I got this Azure cert out of the way.

But this is next on my hit list, how to automatically assess and report on configuration differences across multiple tenants. Microsoft wants to use DSC (Desired State of Configuration) via Powershell on EVERYTHING. We have it now for desktops and servers, it's being pushed into Azure / M365 too.
 
You must log in or register to reply here.

Similar threads

thecomputerguy
I cannot possibly see how this MX record swap is going to work...
Replies
2
Views
327
thecomputerguy
thecomputerguy
thecomputerguy
Tenant to Tenant Migration (O365)
Replies
6
Views
410
timeshifter
timeshifter
A
Migrating M365 from me to Microsoft direct
Replies
2
Views
177
alexsmith2709
A
thecomputerguy
AutoCAD LT .... Egnyte, Vault, or in-house?
Replies
8
Views
367
Sky-Knight
Sky-Knight
HCHTech
Any Adobe alternative for server installs?
Replies
11
Views
341
SAFCasper
SAFCasper
Back
Top