Office 365 Security From Built-In Features
If Microsoft can’t protect your organization from the countless threats lurking in the cyber world, then no one can. Naturally, Microsoft has built in plenty of safeguards into Office 365 to protect your business from potential attacks of all kinds. Office 365 is a security-hardened service, designed following the Microsoft Development Lifecycle. Microsoft brings together the best practices from 20 years of building enterprise software and managing online services to give you an integrated software-as-a-service solution. At the service level, Office 365 uses the defense-in-depth approach to provide physical, logical and data layers of security features and operational best practices. In addition, Office 365 gives you enterprise-grade user and admin controls to further secure your environment.
For physical security, Microsoft Office 365 offers 24-hour monitoring of data centers and multi-factor authentication, including biometric scanning for datacenter access. It also includes internal datacenter networks segregated from the external networks and role separation, which renders location of specific customer data unintelligible to the personnel that have physical access. Any faulty drives and hardware that are discovered are demagnetized and destroyed.
In terms of logical security, Office 365’s lockbox processes for a strictly supervised escalation process greatly limit the human access to your data. Servers run only processes that are white-listed, minimizing risk from malicious code. Dedicated threat management teams proactively anticipate, prevent and mitigate malicious access. An port scanning, perimeter vulnerability scanning and intrusion detection prevent or detect any malicious access.
For data security, encryption at rest protects your data on Microsoft’s servers. Encryption also is in transit with SSL/TLS protects your data when it’s transmitted between you and Microsoft. Threat management, security monitoring and file/data integrity prevent or detect any tampering of data. Microsoft’s Exchange Online Protection provides advanced security and reliability against spam and malware to help protect your information and access to email.
User controls include Office 365 Message Encryption, which allows users to send encrypted email to anyone, whatever email service recipients may use. Data loss prevention can be combined with Rights Management and Office 365 Message Encryption to give greater controls to your admins to apply appropriate policies to protect sensitive data. S/MIME provides message security with certificate-based email access. Azure Rights Management also prevents file-level access without the right user credentials.
For admin controls, multi-factor authentication protects access to the service with a second factor such as phone. Data loss prevention prevents sensitive data from leaking either inside or outside the organization while providing user education and empowerment. Built-in mobile device management capabilities allow you to manage access to corporate data. Mobile application management within Office mobile apps powered by Intune provides granular controls to secure data contained in these apps. Built-in antivirus and antispam protection along with advanced threat protection safeguard against external threats. Office 365 Cloud App Security provides enhanced visibility and control into your Office 365 environment.
Determining the appropriate levels of control you need to safeguard your company from cyberattacks, it helps to have a third-party audit your operations. 2W Tech is a Microsoft Gold Certified Partner and has Consultants on staff that specialize in Office 365 solutions. For help with your security through Office 365, contact us today.
Total Economic Impact of Microsoft Azure IaaS
Interested in reading this article? Click the button below to download this asset.