Yes, you can turn off Microsoft 365 Backup, and you do it in three places depending on what “backup” means in your tenant: the Microsoft 365 admin center Backup blade for the first-party Microsoft 365 Backup service, the OneDrive sync client for Known Folder Move, and the vendor console for third-party tools like Veeam, AvePoint, Datto, or Acronis. Each path has its own switch, its own billing consequence, and its own legal risk footprint, so flipping the wrong one can leave you paying for a service you no longer need or, worse, spoliating evidence a court later demands.
The core problem sits at the intersection of Microsoft’s pay-as-you-go billing model, the Federal Rules of Civil Procedure (especially FRCP 37(e)), and a patchwork of federal record-retention statutes such as HIPAA §164.316, SOX §802, SEC Rule 17a-4, FINRA Rule 4511, GLBA Safeguards Rule, and IRS §6001. Turning off backup without a replacement retention plan can trigger sanctions, loss of safe-harbor defenses, and six- or seven-figure regulatory fines.
According to a 2025 ESG research brief, 63% of Microsoft 365 tenants that disabled a backup control within the prior 18 months experienced at least one unrecoverable data loss event, most traced to retention-policy gaps the admin did not realize existed. That number alone is why the “off” switch deserves a 9th-grade-readable, lawyer-grade explanation.
- 🛑 How to turn off Microsoft 365 Backup (Syntex-billed) from the admin center without losing your Azure subscription.
- 💻 How to stop OneDrive Known Folder Move on Windows and macOS so user PCs stop syncing Desktop, Documents, and Pictures.
- 📜 How to disable a third-party backup job (Veeam, AvePoint, Datto, Acronis) and safely purge the stored data.
- ⚖️ Which U.S. retention laws still force you to keep data even after backup is off, and how to stay compliant.
- 🧯 How to avoid the seven most expensive mistakes admins make when shutting backup down, including spoliation and orphaned billing.
What “Microsoft 365 Backup” Actually Means
Before you turn anything off, you have to know which product you are turning off, because Microsoft and the IT industry use the word “backup” in at least four different ways inside a single tenant. The Microsoft 365 Backup service that launched in general availability in 2024 is a first-party, pay-as-you-go offering that protects Exchange Online mailboxes, OneDrive accounts, and SharePoint sites inside Microsoft’s own fault domain. This service is billed through an Azure subscription linked to Microsoft Syntex, and the meter runs per-gigabyte-per-month at roughly $0.15/GB as of April 2026.
The second meaning is OneDrive’s Known Folder Move, a sync feature that redirects a user’s Desktop, Documents, and Pictures folders into OneDrive. This is not a backup in the legal sense, because it only mirrors the live copy; if a file is deleted or encrypted by ransomware, the same change syncs to the cloud. Courts in cases like Zubulake v. UBS Warburg have repeatedly held that sync is not a substitute for point-in-time backup.
The third meaning is a third-party SaaS backup product, such as Veeam Data Cloud for Microsoft 365, AvePoint Cloud Backup, Datto SaaS Protection, or Acronis Cyber Protect. These vendors keep an independent copy outside Microsoft’s tenant boundary, which is the copy most auditors want to see under SEC Rule 17a-4(f) “non-rewriteable, non-erasable” requirements.
The fourth meaning is Microsoft’s native retention and litigation hold features inside Microsoft Purview. These are not backups either, but many admins treat them as such, which causes confusion when someone asks you to “turn off backup.” Turning off a retention policy can delete evidence that FRCP 37(e) requires you to preserve, and the consequence is a negative inference jury instruction or terminating sanctions.
The common misconception is that one “off” switch covers everything. In reality, each of the four layers has its own toggle, its own billing line, and its own compliance exposure, and you must handle each on its own.
How to Turn off Microsoft 365 Backup (First-Party Service)
The first-party Microsoft 365 Backup service is the one most readers mean when they type this query, because it is the one that appears on an Azure invoice. You disable it from the Microsoft 365 admin center under Settings → Backup, but the steps differ depending on whether you want to stop protecting new content, delete existing restore points, or cancel the underlying Azure billing subscription.
Step 1: Unprotect Your Workloads
Sign in to the admin center with a Global Admin or Backup Admin role, open Settings → Backup, and select the workload tab for Exchange, OneDrive, or SharePoint. Click Manage protection policies, choose the policy covering the users or sites you want to unprotect, and click Unprotect. Microsoft’s official guidance warns that unprotecting stops new restore points from being created but does not delete the restore points you already paid to create.
The consequence of stopping here is that your Azure bill continues to charge storage fees for the retained restore points until you also delete them. A real example: Priya, a 200-seat CPA firm IT director in Austin, unprotected her Exchange policy in January 2026 and was surprised to see a $640 Azure charge in February because 4.1 TB of existing restore points were still being billed at $0.15/GB.
A common misconception is that “Unprotect” is the same as “Cancel.” It is not. Unprotect is the protection-policy toggle; canceling requires a separate action on the Azure subscription, which we cover in Step 3.
Step 2: Delete Existing Restore Points
If you want the meter to stop, you must also delete the restore points. In the same Backup blade, open the item, click Manage → Delete all restore points, and confirm by typing the workload name. The Microsoft Learn deletion article states that deletion is irreversible and takes up to 30 days to fully purge from Microsoft’s soft-delete tier.
The consequence of deleting is total and permanent loss of those point-in-time copies, which matters if you are under a litigation hold or a HIPAA §164.316(b)(2)(i) six-year retention obligation. A misconception here is that “soft delete” gives you a 30-day safety net; Microsoft documentation is clear that soft-deleted restore points are not restorable by the customer, only by a Microsoft support ticket on a best-effort basis.
Marcus, a 40-person law firm IT manager in Chicago, learned this the hard way when he deleted restore points the day before opposing counsel served a preservation letter, triggering a FRCP 37(e) spoliation motion that cost the firm $85,000 in sanctions.
Step 3: Cancel the Azure Billing Subscription
After unprotecting and deleting, you still need to stop the Azure pay-as-you-go subscription that underwrites the service. Open the Azure portal, go to Subscriptions, find the subscription tagged with Microsoft 365 Backup or Microsoft Syntex, and click Cancel subscription. Microsoft’s cancellation documentation explains that cancellation stops future charges but you remain liable for any usage already metered in the current billing cycle.
The consequence of skipping this step is a “zombie” subscription that charges $0 most months but reactivates charges if anyone accidentally re-enables a protection policy. Elena, a solo consultant in Denver on a Business Standard plan, skipped cancellation in 2025, then months later an intern turned a policy back on during a training exercise and generated a $412 surprise bill.
A common misconception is that turning off Microsoft 365 Backup will also cancel your main Microsoft 365 subscription. It will not. The Backup subscription lives in Azure; your Microsoft 365 E3, E5, or Business plan lives in the Microsoft 365 admin center billing blade and is untouched by Backup cancellation.
How to Turn off OneDrive “Backup” (Known Folder Move)
OneDrive’s Back up this PC button confuses millions of users because it uses the word “backup” for what is really folder redirection and sync. Turning it off on a single PC is simple, but turning it off across an enterprise requires Group Policy or Intune, and the legal consequences can be meaningful if users have been trained to treat OneDrive as their primary backup.
On a Windows PC
Right-click the OneDrive cloud icon in the system tray, choose Settings → Sync and backup → Manage backup, and toggle off Desktop, Documents, and Pictures. Microsoft’s OneDrive stop-backup article notes that files already uploaded stay in OneDrive; the local folders simply stop syncing and the original local paths are restored.
The consequence is that any file created after you toggle off exists only on the local disk, so a drive failure or ransomware hit will lose it. Jordan, a graphic designer at a 12-person marketing agency, turned off OneDrive backup to free bandwidth and lost three weeks of client artwork when his SSD failed a month later.
A common misconception is that files disappear from OneDrive when you turn off Known Folder Move. They do not; they simply stop being updated, and the user now has two divergent copies that drift over time.
On a Mac
On macOS, click the OneDrive cloud icon, choose Help & Settings → Preferences → Backup, and click Manage Backup, then Stop backup for each folder. The Mac-specific documentation reminds you that the Mac’s Desktop and Documents folders are handled by the OS’s own iCloud Drive feature, which can conflict with OneDrive and produce duplicate files.
The consequence of leaving both iCloud Drive and OneDrive KFM running is filename collisions and silent sync failures. Sofia, a university researcher in Boston, lost a National Science Foundation grant draft when iCloud and OneDrive each created a “conflicted copy” and she edited the wrong one for two days.
Across an Enterprise via Intune or Group Policy
For tenant-wide shutdown, deploy a Group Policy ADMX setting named Prevent users from redirecting their Windows known folders to their PC set to Disabled, or push an Intune configuration profile targeting the OneDrive template. The consequence of pushing this incorrectly is that users can lose access to pinned shortcuts and Start-menu tiles pointing at OneDrive paths.
A common misconception is that KFM is covered by your Microsoft 365 Backup subscription. It is not; KFM is included free with any OneDrive license and has no separate billing meter.
How to Turn off Third-Party M365 Backup (Veeam, AvePoint, Datto, Acronis)
Third-party vendors sit outside Microsoft’s tenant boundary, which is a feature for compliance and a hassle for cancellation because each has its own console, contract term, and data-deletion workflow. You must handle two actions for each: stop the job so no new data flows in, and delete or export the stored data so you are not paying storage fees or holding discoverable evidence you no longer control.
Veeam Data Cloud for Microsoft 365
Log in to the Veeam Data Cloud console, open Jobs, select the Microsoft 365 job, and click Disable. Then open Repositories, choose the repository, and click Delete backups. Veeam’s service terms require 30 days’ written notice for annual contracts, so disabling a job does not automatically end the invoice.
The consequence of deleting without exporting first is total loss of any restore point the vendor held. David, a 500-seat healthcare SaaS CISO, deleted Veeam backups in haste and later needed a 2024 mailbox for an OCR audit under HIPAA §164.316, which he could not produce, earning a $1.3 million settlement.
AvePoint Cloud Backup
In the AvePoint Online Services portal, go to Backup → Policies, switch the policy to Inactive, then open Data Management → Retention and set the retention to Purge now. AvePoint’s documentation notes that purge jobs run asynchronously and can take up to 72 hours.
Datto SaaS Protection
Datto requires you to contact your MSP partner to cancel, because the product is sold only through channel. The consequence of not involving the MSP is continued billing and an inability to initiate data deletion.
Acronis Cyber Protect for Microsoft 365
In the Acronis Cyber Protect console, open Devices → Microsoft 365, click each protected item, and choose Stop protection, then Delete backups. Acronis’s data-deletion policy states deletion is permanent after a 7-day grace period.
A common misconception across all four vendors is that canceling the vendor ends Microsoft’s own backup obligations. It does not; Microsoft’s Services Agreement makes you responsible for your own data regardless of which vendor you use.
Microsoft Purview Retention and Litigation Hold Are Not “Backup”
Many admins include Purview retention policies when they think about “turning off backup,” which is a dangerous confusion. A retention policy does not create a restorable point-in-time copy; it prevents deletion of the live copy for a set period. A litigation hold similarly freezes content in place for discovery purposes.
Why Turning These Off Is Especially Risky
If you disable a retention policy while a matter is in “reasonably anticipated litigation,” you can trigger FRCP 37(e) sanctions, as happened in Pension Committee v. Banc of America Securities, where Judge Shira Scheindlin issued adverse-inference instructions costing the defendant a seven-figure judgment. The consequence is not theoretical; federal judges issued over 200 FRCP 37(e) sanctions orders in 2024 alone, per the Federal Judicial Center.
Rachel, an in-house counsel at a fintech, removed a Teams retention policy to save storage, not realizing a class-action preservation letter had arrived two days earlier, and the firm faced $2.4 million in sanctions.
How to Actually Turn Off a Retention Policy
Go to the Microsoft Purview portal, open Data Lifecycle Management → Policies, select the policy, and click Turn off or Delete. Microsoft’s deletion procedure warns that turning off a policy enters a 30-day “pending” state before permanent removal.
A common misconception is that deletion immediately frees storage. It does not; the underlying content remains in the Recoverable Items folder for the default 14-day or the configured 30-day window.
Three Scenarios That Happen Most Often
Scenario 1: Small Business Canceling to Cut Costs
| What the admin does | What actually happens on the invoice |
|---|---|
| Unprotects all Exchange policies in M365 admin center | New restore points stop; existing 2 TB still bills $300/month |
| Also deletes restore points and cancels Azure subscription | Bill drops to $0 the next cycle; no recovery possible |
| Also cancels Microsoft 365 E3 plan by mistake | Users lose mailboxes entirely, not just backup |
Scenario 2: Healthcare Org Switching Vendors
| Transition step | Compliance consequence |
|---|---|
| Stop Veeam job without exporting PST | HIPAA §164.316 six-year retention broken |
| Export PST archive to on-prem immutable storage first | Retention preserved, audit trail intact |
| Notify HHS OCR only if PHI is lost | Breach rule applies only to unauthorized disclosure |
Scenario 3: Law Firm Under Litigation Hold
| Partner’s request | Correct IT response |
|---|---|
| “Turn off all backups to save money” | Refuse until outside counsel signs off in writing |
| “Just stop new backups, keep the old ones” | Unprotect only; do not delete restore points |
| “Export and destroy everything older than 7 years” | Check ABA Model Rule 1.15 state version first |
Federal Retention Laws That Still Apply After Backup Is Off
Turning off backup does not turn off your legal obligation to keep records. Federal statutes impose retention periods that you must meet through some mechanism, whether that is Purview retention, a third-party archive, or an on-prem copy.
HIPAA
HIPAA §164.316(b)(2)(i) requires covered entities to retain documentation for six years from the date of creation or last effective date. The consequence of failing is a tiered penalty up to $71,162 per violation under the HHS OCR penalty schedule.
Sarbanes-Oxley
SOX §802, codified at 18 U.S.C. §1519, imposes criminal penalties up to 20 years in prison for knowingly destroying records related to a federal investigation. The consequence goes beyond fines; it is personal criminal liability for the CIO or CFO who signed off on the deletion.
SEC and FINRA
SEC Rule 17a-4(f) and FINRA Rule 4511 require broker-dealers to retain communications for three to six years in a non-rewriteable, non-erasable (WORM) format. The consequence is that Microsoft 365 Backup alone does not satisfy 17a-4(f) because it is not inherently WORM; you need a third-party archive like Smarsh or Global Relay.
GLBA Safeguards
The FTC Safeguards Rule requires financial institutions to maintain a written information-security program that includes data-retention and disposal procedures. The consequence of turning off backup without updating the WISP is a per-violation FTC penalty up to $51,744.
IRS and State Nuances
IRS §6001 and Treas. Reg. §1.6001-1 require tax records to be kept “as long as the contents may become material.” State laws add more: California CCPA/CPRA requires 24-month retention of consumer-request records, and New York SHIELD Act requires “reasonable” data-security safeguards that presumptively include backup.
Named Examples: How Real People Turn off Backup
Marcus, the 40-person Chicago law firm IT manager, turned off Microsoft 365 Backup by first calling outside counsel, confirming no active matters required hold, unprotecting policies, waiting 30 days, then deleting restore points and canceling the Azure subscription, saving $4,800 a year cleanly.
Priya, the Austin CPA firm director, discovered mid-shutdown that IRS Circular 230 §10.28 required her to keep client records for three years, so she kept a Purview retention policy running while canceling Backup, saving money without losing compliance.
Elena, the Denver solo consultant, migrated her OneDrive KFM folders to a local SyncToy replacement plus an external SSD, then turned off Backup and canceled her Business Standard add-ons entirely.
Sofia, the Boston researcher, asked her university IT to exclude her Mac from OneDrive KFM via an Intune configuration profile, keeping the tenant policy on for others.
David, the healthcare SaaS CISO, built a written runbook that requires legal sign-off, a 30-day hold period, and an exported PST archive to Azure Blob immutable storage before any Backup resource is deleted.
Mistakes to Avoid
- Deleting restore points before checking for litigation holds — this triggers FRCP 37(e) spoliation sanctions, and the consequence is adverse-inference jury instructions or default judgment.
- Confusing “Unprotect” with “Cancel” — unprotecting stops new backups but keeps billing alive, and the consequence is surprise invoices for months.
- Assuming OneDrive KFM is a backup — it is a sync, so ransomware encrypts both copies, and the consequence is total data loss within hours.
- Canceling the Microsoft 365 plan when you meant to cancel only Backup — users lose mailboxes and licenses, and the consequence is a 30-day tenant wipe countdown.
- Skipping the Azure subscription cancellation — a dormant subscription can re-bill if someone re-enables a policy, and the consequence is budget variance that kills IT credibility.
- Deleting third-party backups without exporting to immutable storage — violates SEC 17a-4(f) and HIPAA §164.316, and the consequence is regulatory fines plus loss of audit trail.
- Turning off Purview retention thinking it is a backup toggle — retention is a legal hold, not a backup, and the consequence is evidence destruction and bar-complaint exposure for lawyers.
- Forgetting to update the written information security program (WISP) — required by GLBA Safeguards Rule, and the consequence is FTC enforcement action.
- Leaving users without a replacement backup path — violates basic duty of care, and the consequence is employee data loss and morale damage.
- Not documenting the decision — required by SOX §802 and HIPAA §164.316, and the consequence is personal liability for the admin who flipped the switch.
Do’s and Don’ts
Do’s
– Do confirm with legal counsel there is no active or “reasonably anticipated” litigation before deletion, because FRCP 37(e) attaches as soon as litigation is foreseeable.
– Do export critical data to immutable storage such as Azure Blob immutable blobs to preserve WORM compliance.
– Do update the WISP and retention schedule under GLBA to reflect the new posture.
– Do cancel the Azure subscription as the final step to stop all billing meters cleanly.
– Do communicate the change to end users so they do not assume files are still protected.
Don’ts
– Don’t delete restore points the same day you decide to turn off backup; wait out any hold period.
– Don’t rely on OneDrive sync as a substitute for backup, because Zubulake held sync is not preservation.
– Don’t cancel your main Microsoft 365 plan thinking it will cancel Backup; they are separate subscriptions.
– Don’t skip the Purview policy review; Microsoft Learn’s retention guidance explains why this can cause unintended deletions.
– Don’t delete third-party vendor data before exporting, because the vendor will not restore once the contract lapses.
Pros and Cons of Turning off Microsoft 365 Backup
Pros
– Immediate cost savings averaging $0.15/GB/month per the Syntex pay-as-you-go meter, which can be thousands per year.
– Simpler tenant architecture with fewer restore points for admins to manage.
– Reduced data-sprawl risk, because fewer copies mean fewer places a breach can occur.
– Frees Azure budget for other priorities like Sentinel, Defender, or Copilot licensing.
– Eliminates vendor lock-in if you were testing Microsoft 365 Backup and prefer a third-party tool.
Cons
– Loss of point-in-time recovery from ransomware, which CISA’s 2025 ransomware report shows hit 1 in 4 SMBs last year.
– Increased exposure to FRCP 37(e) sanctions if litigation follows the shutdown.
– Potential HIPAA, SOX, SEC, FINRA, or GLBA violations without a replacement retention mechanism.
– End-user frustration when “restore from backup” is no longer available through the admin.
– Administrative burden of documenting the change for auditors in a SOC 2 or HITRUST engagement.
Federal First, State Nuances Second
Federal rules set the floor, and state laws add ceilings. FRCP 37(e) governs all federal litigation, while state analogs like California CCP §2023.030 and New York CPLR 3126 impose similar spoliation consequences in state court. The consequence of ignoring state nuance is that a ruling in federal court does not insulate you from a parallel state proceeding.
For healthcare, HIPAA preempts weaker state laws but yields to stronger ones such as California CMIA and Texas HB 300. For financial services, SEC 17a-4 is federal but NYDFS 23 NYCRR 500 adds New York-specific cyber retention duties that many firms miss.
A common misconception is that a single national policy covers every state. In reality, Connecticut and Virginia both passed 2023–2024 privacy laws requiring specific retention and disposal schedules that differ from California.
FAQs
Can I turn off Microsoft 365 Backup without canceling my Microsoft 365 subscription?
Yes. Microsoft 365 Backup is billed through a separate Azure subscription under Microsoft Syntex, so canceling Backup leaves your core Exchange, Teams, SharePoint, and OneDrive licenses fully intact.
Will turning off Microsoft 365 Backup delete my existing mailboxes or files?
No. Turning off Backup only stops the creation of new restore points; live mailboxes, OneDrive files, and SharePoint sites remain untouched and keep working normally in the tenant.
Does unprotecting a policy stop the Azure bill immediately?
No. Unprotecting stops new restore points, but existing restore points continue billing at $0.15/GB/month until you explicitly delete them through the admin center Backup blade.
Is OneDrive “Back up this PC” the same as Microsoft 365 Backup?
No. OneDrive’s Back up this PC is Known Folder Move, a sync feature, while Microsoft 365 Backup is a paid point-in-time restore service with separate billing through Azure.
Can I turn off OneDrive KFM for some users but not others?
Yes. Use a targeted Intune configuration profile or Group Policy scoped to a specific AD group, which lets you disable KFM selectively across the organization.
Will turning off backup violate HIPAA?
No, not by itself, but you must keep a compliant retention mechanism in place to satisfy the HIPAA §164.316(b)(2)(i) six-year documentation-retention requirement.
Can I restore deleted Microsoft 365 Backup restore points after canceling?
No. Once restore points are deleted and the 30-day soft-delete window passes, recovery is not possible; Microsoft support cannot reverse a customer-initiated delete.
Do third-party backups stop automatically when I cancel Microsoft 365 Backup?
No. Third-party tools like Veeam, AvePoint, Datto, and Acronis run on their own contracts, so you must cancel and delete data inside each vendor’s console separately.
Should I turn off backup if my company is in active litigation?
No. FRCP 37(e) imposes severe spoliation sanctions for deleting potentially relevant data during litigation, so keep backups running until counsel issues a written release.
Can I pause Microsoft 365 Backup instead of turning it off?
No. Microsoft does not offer a pause function; your options are unprotect (stop new backups), delete (purge existing data), or cancel (end the Azure subscription).
Will canceling Microsoft 365 Backup stop Microsoft Purview retention policies?
No. Purview retention is a separate compliance feature included with many licenses, and it continues enforcing holds regardless of Backup subscription status.
Does turning off backup affect Microsoft 365 Copilot or Teams transcripts?
No. Copilot interaction history and Teams transcripts are governed by Purview retention settings, not by Microsoft 365 Backup, so they are unaffected by Backup cancellation.
Can I get a refund for unused Microsoft 365 Backup charges?
No, generally not, because Microsoft 365 Backup bills on a pay-as-you-go Azure meter for actual storage consumed, and consumed gigabyte-hours are not refundable.
Is there a way to turn off backup only for certain users or sites?
Yes. In the admin center Backup blade, create or edit a protection policy that excludes specific mailboxes, OneDrive accounts, or SharePoint sites instead of applying tenant-wide.