One of the first questions we are asked by customers or potential customers is "how secure is Office 365?". Many people believe that the Cloud is incredibly easy for hackers to get into and to use valuable information. This report looks into the security steps and stages that Microsoft goes through, in order to make sure that every bit of your data is as secure as it could ever be: Microsoft is an industry leader when it comes to Cloud security. It implements and controls, on average, the same or even better than on-premise data centers of even the most sophisticated organizations. The security within Office 365 consists of three parts:

  • Built-in security features
  • Security controls
  • Scalable security

Microsoft has ensured that Office 365 is a security-hardened service which has security features built into it. Microsoft has two decades of experience in security from managing online data and significant investment in their security infrastructure. Microsoft makes it a priority to invest and improve processes and technologies to proactively identify and remove security threats before they become a risk for them. Customers also have the ability to customize their security settings. Office 365 is a product that is trusted by customers of all sizes across almost every industry. This includes highly regulated industries such as healthcare, finance, education and government. Due to the fact that Office 365 manages productivity services for a wide range of industries and geographies, it offers feature choices which customers can control in order to improve the security of their data.

Office 365 built in security

24-hour monitored physical hardware

The Microsoft network of data centers which stores the Office 365 data, is located around the world and is run by the Microsoft Global Foundation Services. The data-centers have been built in a way to protect services and data from being affected by natural distastes or unauthorized access. Access to the data centers is restricted 24/7 by job function, this means that only the essential personnel have access to customer appliances and services. In order to be able to access control over account, you are required to go through multiple authentication and security processes, as well as badges, smart cards, bio-metric scanner, on-premises security officers, continuous video surveillance and two factor-authentication is required. The data centers have motion sensors, video surveillance and security breach alarms installed in them.

Isolated customer data

Office 365 is a multi-tenant surface, which means that different customer share the same hardware resources, helping to make it scalable and low cost. It has been designed to host multiple tenants securely, this is done via data isolation. Active Directory is used in order to divide the data storage and processing, helping to build, manage and secure multi-tenant environments. The data is safeguarded so that the data cannot be accessed or changed by co-tenants.

Automated operations

The IT systems that stores the customers data is strictly controlled within the Microsoft data centers, this involves an automated process which ensures that the engineer requesting the IT systems has met all of the requirements, which involves the following;

  • Background Screening
  • Fingerprint security
  • A required security training
  • Access approvals
  • Secure network

The Office 365 data centers include segmented networks, helping to provide physical separation of critical back-end servers and storage devices from the public-facing interfaces. intrusions and signs of vulnerability can be detected through the edge router security. Office 365 uses a Secure Socket Layer (SSL) in order to secure Outlook, Outlook Web Apps, Exchange ActiveSync, POP3 and IMAP.  Through the use of TLS/SSL, a highly secure client-to-server connection is established to provide confidentiality and integrity between the desktop and the data center.

Encrypted data

The customer data within Office 365 exists in two ways:

  • At rest on storage media
  • In movement from a data center over a network to a customer device

All email content is encrypted on dish using the Advanced Encryption Standard (AES). All disks on mailbox servers which includes mailbox database files, mailbox transaction log files, search content index files, transport database files, transport transaction log files, and page file OS system disk tracing/message tracking logs is covered. Office 365 will transport and store messages that are encrypted using client-side, third-party encryption solutions such as Pretty Good Privacy (PGP). The security within Microsoft is incredibly high and you can be sure that they will ensure that your data will remain safe within their security systems. Data Protection by Office 365

If you would like to learn more about Office 365 security:

Contact ComTech to help you manage your IT systems through better Smart-Sourced IT