Hello,
The technology world is moving fast towards Software as a Service (SaaS) solutions in several areas from collaboration, e-commerce and many other types of solutions, moving from a reality where systems and respective data where deployed within the companies infrastructure (On-Premises) to the Cloud.
One of the main concerns of companies in choosing a Cloud collaboration platform, in which the Office 365 is an example and leading platform, is the security of their information. One of the biggest challenges in Office 365 is related to the demystification that having the information in the Cloud is less secure than if it resides on the premises of the organizations themselves.
To address these same concerns, Microsoft has made a very strong investment in security of the Office 365 platform which provides users and system administrators with several features to address these needs and apply a set of best practices in three main areas:
-
- Security
-
- Privacy
- Compliance
Below we present some of the main features natively offered by the platform.
Regarding Security, the Office 365 platform ensures the encryption of data in transit and at rest. At rest, Bitlocker technology is used to encrypt all information on the servers’ hard drives. In addition, all files are segmented (in small pieces called chunks) and each segment is individually encrypted and encryption keys are securely stored in a different physical location.
In transit, all files are encrypted with TLS using 2048-bit keys.
Regarding Privacy, it is possible to define differentiated access policies based on 4 vectors: user, device, location and sensitivity of the information. Some examples include defining a time bound window when sharing information or only allow sharing with certain domains.
In what regards to Compliance, the main concern is to define a set of rules that allow sensitive information to be protected and to prevent the leakage of sensitive information outside of the organization. The Office 365 platform offers the following features to address this need:
- Data Loss Prevention: allows organizations to create policies to protect their most sensitive information. Example: prevent documents with credit card information or citizen card numbers from being shared outside the organization.
- Information Rights Management: allows organizations to create policies that protect the content of documents stored in the Office 365 platform. Examples: prevent documents from being printed and prevent “Copy & Paste” from document contents. It is important to note that IRM policies continue to apply after documents are downloaded and viewed offline.
Using DLP together with IRM provides a very powerful combination in order for companies to protect their most sensitive documents.
- Mobile Device Management: allows organizations to create policies to manage security when accessing corporate information using mobile devices. Examples include defining PINs to access corporate information, prevent sensitive content from being copied from an corporate document to personal applications (prevent for example a user from copying credit card numbers to the body of an email and sending it to someone outside of the organization) or prevent Screen Capture of information within sensitive documents.
These are just a few of the examples of the vast set of features available to users and administrators to protect information residing on the Office 365 platform.
A very important note is that Microsoft does not have access to the organization’s data and the only occasions where this may be necessary is in resolving support incidents that require access to the data. In these cases, and using a feature called Customer Lockbox, the customer can approve or reject access requests, and access is only granted in case the request is approved. In addition, all accesses are audited to ensure the transparency of the process.
Security is therefore and increasingly not only a central concern for customers who evaluate a migration to the Cloud but rather a concrete reality for those who already enjoy it.
In you are interested in learning more about this subject, you can check out:
- My Intelligent Security, Compliance and Privacy in Office 365 session at SharePoint Saturday Lisbon post
- The Microsoft Office 365 security page
- The “Videos On Office” Microsoft Mechanics channel in YouTube
Related Articles
To learn why your business should migrate to SharePoint Online and Office 365, click here and here.
If you want to convert your tenant’s root classic site into a modern SharePoint site, click here.
If you or your customers are not ready to move entirely to the Cloud and Office 365, a hybrid scenario could be an interesting scenario and SharePoint 2019 RTM was recently announced with improved hybrid support! To learn all about SharePoint 2019 and all its features, click here.
If you are a SharePoint administrator or a SharePoint developer who wants to learn more about how to install a SharePoint 2019 farm in an automated way using PowerShell, I invite you to click here and here.
If SharePoint 2019 is still not an option, you can learn more about how to install a SharePoint 2016 farm in an automated way using PowerShell, click here and here.
If you want to learn how to upgrade a SharePoint 2013 farm to SharePoint 2019, click here and here.
If you want to learn all the steps and precautions necessary to successfully keep your SharePoint farm updated and be ready to start your move to the cloud, click here.
If you learn how to greatly speed up your SharePoint farm update process to ensure your SharePoint farm keeps updated and you stay one step closer to start your move to the cloud, click here.
If you want to learn how to upgrade a SharePoint 2010 farm to SharePoint 2016, click here and here.
If you are new to SharePoint and Office 365 and want to learn all about it, take a look at these learning resources.
If you are work in a large organization who is using Office 365 or thinking to move to Office 365 and is considering between a single or multiple Office 365 tenants, I invite you to read this article.
If you want to know all about the latest SharePoint and Office 365 announcements from SharePoint Conference 2019, click here and here.
Happy SharePointing!
A recent trend has been to train AI to recognise the profiles of attacking agents.
Thanks Jeff, I will take a look into that!