Microsoft does a huge amount of work behind the scenes to keep data safe in its cloud (e.g. cloud based OneDrive or SharePoint accounts) with redundant storage, encryption of user data, and so forth. However, individual users and corporations can still put their own data at risk through poor security and authentication practices, successful phishing and ransomware attacks, and other risks. In other words, keep good backups that are physically secured and in geographically diverse locations.
Here is a to-do list on how to protect your Microsoft 365 Data:
1) Set up multi-factor authentication for your account, but is your if the subscription is dated 2020, security defaults can already be turned on automatically;
2) Tell your office workers more about Microsoft 365 security. A strong culture of security awareness can play a critical role in your company in the future.
Also, I recommend reading The Harvard Kennedy School Cybersecurity Campaign Handbook.
3) Use dedicated admin accounts. Take care admin accounts are also set up for multi-factor authentication
4) Use office message encryption
5) Back up your information using a reliable third-party solution as Nakivo, Altaro or Backupify.