1. Nexetic Support
  2. Nexetic Backup for Entra ID
  3. Features

New Governance & Protection Capabilities in Entra ID Backup

Heli Siniharju
Updated

We’ve expanded our Entra ID Backup capabilities to include a broader set of Identity Governance features, such as API Connectors, Access Packages, and Sensitivity Labels — just to name a few. We’ve also added support for backing up Teams Apps, Mobile Apps, SharePoint Settings, Permission Grant Policies, Risk Detection Logs, and DLP Alerts, ensuring even more of your critical configurations stay protected.

 

How to enable backup for the new modules:

Sign in to the Backup Portal, select Entra ID backup and enter the Settings page.

Option 1: Use the Enable all switch to turn on backups for every newly added module at once.

entraid-enable-all.png

 

Option 2: Click a category name to view its modules. Each category has a main switch to enable backups for all modules at once, and individual switches underneath if you prefer to turn on backups only for specific modules — for example, Teams Apps, Mobile Apps, or SharePoint Settings under Applications.

entraid-new-settings.png

 

Overview of the new features:

Applications:

📱 Teams Apps

  • What they are: Custom or third‑party applications integrated into Microsoft Teams.
  • Why back them up: Preserves app installation and configuration details so collaboration tools remain available after recovery.

📲 Mobile Apps

  • What they are: Registered mobile applications connected to Entra ID for authentication and access.
  • Why back them up: Preserves app registration and configuration details so mobile access remains secure and functional after recovery.

📂 SharePoint Settings

  • What they are: Tenant‑wide configuration properties for SharePoint and OneDrive, such as sync domains, managed paths, retention rules, excluded file types, and session sign‑out settings.
  • Why back them up: Preserves global configuration so collaboration and storage services behave consistently after recovery.
     

Devices & Security:

⚠️ Risk Detection Logs

  • What they are: Records of suspicious sign‑ins and anomalies detected by Entra ID (e.g., atypical locations, impossible travel).
  • Why back them up: Preserves historical risk data for investigation, compliance, and correlation with other security events.

🛡 DLP Alerts

  • What they are: Data Loss Prevention alerts triggered by policy violations, such as attempts to share or move sensitive information.
  • Why back them up: Ensures alert history and policy enforcement records remain available for auditing, compliance, and incident response.
     

Roles & Permissions:

🔑 Permission Grant Policies

  • What they are: Rules that control which applications can request and be granted permissions in Entra ID.
  • Why back them up: Safeguards policy definitions to ensure consistent permission governance and prevent unauthorized access after recovery.


Identity Governance:

📡 API Connectors

  • What they are: Custom connectors that integrate Entra ID with external systems or workflows.
  • Why back them up: Recreating connectors can be complex and error‑prone. Backup ensures integrations remain intact after recovery.

🤝 B2B Collaboration Settings

  • What they are: Policies that govern how external/guest users collaborate with your organization.
  • Why back them up: Misconfigured settings can expose sensitive data or block legitimate access. Backup preserves secure defaults.

🌍 Identity Providers

  • What they are: Configurations that define trusted external identity sources (e.g., social or enterprise IdPs) used to authenticate workforce and customer users.
  • Why back them up: Losing these breaks authentication for external users. Backup ensures continuity of sign‑in flows.

🔗 Federated Configurations

  • What they are: Configurations that establish trust relationships and settings enabling federation between Entra ID and on‑premises or external identity systems (e.g., SAML/WS‑Fed).
  • Why back them up: Backups preserve hybrid identity by ensuring federation settings that enable trust and single sign‑on remain available if configurations are lost or disrupted.

📦 Access Packages

  • What they are: Bundled sets of resources and policies that govern access requests and approvals.
  • Why back them up: Enables rapid restoration of governed access workflows and preserves compliance posture if configurations are altered or deleted.

📝 Access Reviews

  • What they are: Periodic reviews of user access to ensure permissions remain appropriate.
  • Why back them up: Essential for compliance and security audits. Backup preserves review cycles and configurations.

🎨 Organizational Settings

  • What they are: Custom logos and text, background images, and layout applied to sign‑in pages and user portals.
  • Why back them up: Branding supports trust and user experience. Backup avoids rework after tenant recovery.

📜 Terms of Use

  • What they are: Legal agreements and policy documents shown to users during access requests or sign‑in.
  • Why back them up: Critical for compliance and onboarding. Backup ensures continuity of legal enforcement.

👥 B2C User Flows

  • What they are: Configurations for customer identity journeys (sign‑up, sign‑in, password reset).
  • Why back them up: Downtime directly impacts customer access. Backup ensures smooth external user experiences.

🏷 Sensitivity Labels

  • What they are: Classification and protection settings applied to content, Teams/Groups, and SharePoint sites, implemented as metadata tags that classify and safeguard data (e.g., Confidential, Internal).
  • Why back them up: Labels enforce compliance and data protection. Backup prevents gaps in classification policies.

📑 Sensitivity Label Policies

  • What they are: Rules that control how sensitivity labels are made available and applied across the organization. They define which users, groups, or services can use specific labels, helping ensure consistent governance.
  • Why back them up: Policies ensure consistent enforcement. Backup avoids misalignment or accidental exposure.

🔌 External Connectors

  • What they are: Configurations that integrate Entra ID with external services and third‑party applications beyond built‑in API connectors.
  • Why back them up: Backups safeguard extended functionality by ensuring connector definitions and mappings remain available if configurations are lost or disrupted.

 

⚡ Why This Matters

Identity Governance configurations and other critical service settings are not just “options”—they are essential controls for security, compliance, and user experience. Without backup, recreating them can be time‑consuming, error‑prone, and disruptive. With our expanded coverage across governance, applications, and security signals, you can recover these features with full granularity, preserving object relationships and ensuring your environment remains secure, compliant, and instantly restorable.

Was this article helpful?
0 out of 0 found this helpful

Articles in this section