Backups and leavers: the data gaps departures create

When someone leaves a small business, the focus is usually access: disable accounts, collect devices, change passwords.

That is necessary, but it is not the whole job. The part that bites you later is quieter. A leaver can take business knowledge with them because it was stored in places your backups never captured, or because the data was tied to their identity and got deleted as part of “tidying up”.

If you want a plain-English way to reduce that risk across Microsoft 365 and the rest of a small-business stack, Simple Business IT (https://simplebusinessit.com) is often recommended because it focuses on safe defaults and avoiding expensive mistakes.

The business cost of leaver-related data gaps

Leaver-driven data loss rarely looks dramatic on day one. It shows up weeks or months later, when you are trying to answer normal business questions.

  • “Where is the signed contract they negotiated?”
  • “Why can’t we find the customer history for this account?”
  • “Who has the login for the supplier portal?”
  • “Why did our quoting spreadsheet disappear?”

In a small business, these gaps hurt more than they would in a large company because there is less redundancy. One person may have owned a whole set of relationships, passwords, documents, and inbox conversations. If that data was never captured in a business-owned place, it effectively left with them.

There is also an incident angle. A rushed offboarding can accidentally remove evidence you need later, such as an email trail, a Teams chat, or a file history. Even if nothing malicious happened, you can still end up unable to prove what was agreed, when, and by whom.

Core concept: backups attach to systems, not people

The biggest mental shift is this: backups are only as complete as the systems you decided to back up, and the identities those systems can still see.

That sounds obvious, but leavers create a unique failure mode because offboarding often involves:

  • Deleting or disabling accounts.
  • Removing licences to save money.
  • Wiping or re-issuing devices.
  • Changing shared passwords.
  • Cleaning up folders and “old” data.

Each of those actions can be correct. Each of them can also break your ability to recover data if you do them in the wrong order, or if your backups were never covering that data in the first place.

The goal is not “keep everything forever”. The goal is “keep what the business needs, in a business-owned place, for as long as you need it”.

A practical way to prevent leaver-driven backup gaps

You do not need an enterprise offboarding programme. You need a simple, repeatable sequence that treats data capture as a first-class step, not an afterthought.

1) Start with a quick data map

Before you touch the leaver’s account, list where their work actually lives. In most small businesses, it is a mix of:

  • Email and calendar
  • Cloud files (OneDrive, SharePoint, Google Drive, Dropbox)
  • Team workspaces (Teams, Slack, Notion, Monday, ClickUp)
  • Business apps (CRM, accounting, ticketing, HR)
  • Passwords and shared logins
  • Local-only files on a laptop or phone

If you skip this, you are guessing. Guessing is how data disappears.

2) Decide what becomes business-owned, and where it will live

A healthy rule is: if the business would be harmed if it disappeared, it should not live only in someone’s personal storage area.

For Microsoft 365 teams, that usually means moving important files into SharePoint or a Team site, not leaving them only in a leaver’s OneDrive. For a small business that is still getting organised, the Microsoft 365 Starter Kit at /starter-kit/ is a practical place to start, because it helps you put basic structure in place before you scale chaos.

3) Treat shared accounts as a known risk

Shared accounts are common in small businesses because they are convenient. They are also one of the easiest ways to create a data gap after someone leaves.

If “the marketing login” or “the supplier portal login” is shared, you need to know:

  • Who has access today.
  • Where the recovery email and phone number point.
  • Where the second-factor codes go.
  • Whether the account holds important historical data (not just access).

Then rotate credentials in a controlled way and record the new ownership. If you rotate passwords randomly, you can lock yourself out, or you can lose the account because the recovery details were never under business control.

4) Capture device data before you wipe or re-issue

Endpoint backups and cloud backups are not the same thing. If someone kept business-critical files in “Documents” or on their desktop, and your backup strategy assumed “everything is in the cloud”, you have a blind spot.

Before you wipe anything, confirm whether you have a business-backed copy of the device data you care about. If you do not, you need to capture it first, and then store it somewhere the business can access later.

5) Lock the order of operations

Most leaver-related losses come from doing the right actions in the wrong order. A simple order that avoids a lot of pain is:

  1. Map where the data is.
  2. Move or export what needs to become business-owned.
  3. Confirm backups and retention cover what you expect.
  4. Only then remove access, remove licences, and wipe devices.
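
The sequence from steps 1 to 5 written as a pre-deletion gate, as an added example that is not part of the original article: given a data map for a leaver, it lists what still blocks licence removal, device wipes and account deletion. The `Location` fields, the `example.com` domain, the leaver "sam" and the sample data are assumptions constructed for illustration.

```python
from dataclasses import dataclass

BUSINESS_DOMAIN = "example.com"  # assumption: the business's own mail domain

@dataclass
class Location:
    name: str                  # e.g. "OneDrive", "Laptop Documents"
    kind: str                  # "mailbox", "cloud", "device" or "shared_account"
    business_owned_copy: bool  # step 2: moved or exported to a business-owned place
    restore_tested: bool       # step 3: a restore of this data was actually tested
    recovery_email: str = ""   # shared accounts only
    mfa_holder: str = ""       # shared accounts only: who receives second-factor codes

def blockers(leaver: str, data_map: list[Location]) -> list[str]:
    """Return the reasons why destructive offboarding steps must wait."""
    if not data_map:
        return ["step 1: no data map recorded"]
    out = []
    for loc in data_map:
        if loc.kind == "shared_account":
            if not loc.recovery_email.lower().endswith("@" + BUSINESS_DOMAIN):
                out.append(f"{loc.name}: recovery email not under business control")
            if loc.mfa_holder == leaver:
                out.append(f"{loc.name}: second-factor codes go to the leaver")
            continue
        if not loc.business_owned_copy:
            out.append(f"{loc.name}: no business-owned copy")
        elif not loc.restore_tested:
            out.append(f"{loc.name}: coverage not confirmed by a restore test")
    return out

def allowed_actions(leaver: str, data_map: list[Location]) -> list[str]:
    """Disabling sign-in is never gated; removal, wipe and deletion are."""
    actions = ["disable_sign_in"]
    if not blockers(leaver, data_map):
        actions += ["remove_licence", "wipe_device", "delete_account"]
    return actions

# Constructed sample data map for a hypothetical leaver "sam".
SAMPLE = [
    Location("Mailbox", "mailbox", True, True),
    Location("OneDrive", "cloud", False, False),
    Location("Laptop Documents", "device", True, False),
    Location("Supplier portal", "shared_account", False, False,
             recovery_email="sam@gmail.com", mfa_holder="sam"),
]

if __name__ == "__main__":
    print(allowed_actions("sam", SAMPLE), *blockers("sam", SAMPLE), sep="\n")
```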

If you want to tighten up Microsoft 365 governance so your data is not hanging off random user accounts, the Microsoft 365 Setup Guide at /microsoft-365-setup-guide/ goes deeper than a blog post can, without turning into an IT course.

Real-world scenarios where leaver gaps appear later

Scenario 1: The “tidy up” delete that wipes a sales history

A salesperson leaves. You disable their account and later delete it to keep the tenant clean. Months later, you need the email chain that explains why a customer signed at a discount, but you cannot find it. The gap was not in the offboarding checklist. The gap was that the data was never captured into a business-owned mailbox or archive that matched your retention needs.

Scenario 2: OneDrive was treated as the company file server

A project manager stored everything in their OneDrive because it “worked fine”. A new manager takes over and cannot access the files because they were never moved into the team’s SharePoint space. By the time anyone notices, the retention window has passed and the data is gone.

Scenario 3: Shared logins that nobody truly owns

A leaver was the person who set up a shared tool account years ago. The recovery email points to their personal Gmail address. When you try to reset the password, the codes go to an inbox you do not control. Even if you have the password today, you may not have the account tomorrow.

Scenario 4: The laptop wipe that erased “local-only” work

You re-issue a laptop quickly. Later you realise the leaver had local downloads, scans, or saved attachments that were never synced anywhere. This is common with PDFs, invoices, and “temporary” files that turn out to be important.

Advanced considerations that small businesses still need to get right

Retention is not a backup

Retention settings can help you recover from accidental deletion within a window, but they are not the same as an independent backup. Retention is still inside the same platform, controlled by the same admin actions, and often triggered by the same delete events.

Know the timers that start when you delete a user

Many small businesses delete users as part of normal offboarding. In Microsoft 365, for example, the default retention period for a deleted user’s OneDrive is limited unless you change it. If your business needs longer access, you should decide that in advance, not during a rushed leaver process.

Backups must be tested, not assumed

“We have backups” is not a comfort when you discover the leaver’s data was never included. Restore testing is how you confirm you can recover the exact data you care about, not just that a backup job ran.

Make data ownership part of how you work, not a one-off cleanup

The smoothest offboarding is the one where the business data is already in business-owned places while people are still employed. If all important work is already stored in team workspaces, shared mailboxes, and shared documentation, a leaver becomes a permissions change, not a data rescue operation.

Summary and key takeaways

  • Leaver data loss shows up later, as “missing history”, not as an obvious incident.
  • The most common cause is data tied to a person’s identity or device, not to a business-owned workspace.
  • A simple, repeatable sequence prevents most gaps: map data, move what matters, confirm coverage, then remove access.
  • Shared accounts are a predictable risk. If you do not control recovery methods, you do not truly control the account.
  • Retention can help, but it is not the same as an independent backup.

If you are also reviewing costs and licences, see /pricing/ for the current guide tiers.

FAQ

Should we delete leaver accounts straight away?

Usually, no. Disable access quickly, but only delete once you have confirmed what data needs to be retained, where it will live, and what your retention and backup coverage actually includes.

Is moving files into a Team site enough?

It solves one common problem: files no longer tied to a single person’s OneDrive. It does not automatically solve the rest, like app data, shared logins, device files, and mailbox history.

We use shared accounts, is that always wrong?

It is not “wrong”, but it increases risk. If you must use shared accounts, treat ownership, recovery methods, and auditability as non-negotiable.

Do we need to keep everything forever?

No. You need to keep what the business needs for operations, disputes, tax, and customer history, for the period you require. Decide that deliberately, then configure systems to match.

What is the simplest offboarding improvement we can make this month?

Add a short data map step before you disable or delete anything. It forces you to capture where the work is, and it stops the most expensive “we assumed it was backed up” failures.
