Microsoft Office 365 compliance and security concerns are always part of the conversation for IT pros evaluating a move to the Web-based service. Fortunately, there are several tools available to keep corporate data safe in the cloud.
Organizations need to meet regulatory compliance standards and ensure that all their data is adequately protected when it's stored in someone else's data center. Microsoft has made it clear that cybersecurity is a top priority.
"One of the most pressing issues of our times, of our industry, is cybersecurity," noted CEO Satya Nadella at the Microsoft Government Cloud Forum in November 2015."Customers aren't going to use technology if they aren't going to trust it."
To that end, Microsoft offers Office 365 compliance and security capabilities that IT administrators can take advantage of, such as the following:
Office 365 data security
One such feature is access control, which allows IT to ensure that only authorized users can access content intended for them.
For example, site administrators can restrict access to SharePoint Online just as they do in on-premises versions. In addition to those controls, IT can implement tools such as Azure Rights Management Services (RMS), an add-on that imposes certain restrictions to specific content. If a document contains sensitive data that a user is concerned may be leaked, RMS restrictions can block recipients from forwarding the email, printing it or even copying the content into a USB flash drive. RMS can be applied to SharePoint content and email messages, as well as files within a network folder or Microsoft's cloud storage.
What is Office 365?
Microsoft Office 365 is a cloud-hosted version of the Microsoft Office software. This subscription-based version includes Office, Exchange Online, SharePoint Online, Lync Online and Microsoft Office Web Apps.
In addition to RMS, Microsoft does offer security controls to lock down who can see certain email messages and what content is allowed to leave the organizations. With data loss prevention (DLP) in Exchange Online, IT administrators can create rules and policies that will encrypt, block or warn email senders or designated parties based on the content being distributed, defined by custom rules.
Mobile devices also affect data security and compliance. To address that, Microsoft offers a capability that allows users or IT to restrict Office 365 access to approved, enrolled devices. Conditional access can be applied to Google Android, Apple iOS and Windows devices.
Office 365 compliance tools
Organizations may be subject to data policies and restrictions, particularly in markets such as healthcare and finance. IT can implement policies as part of DLP to detect specific data elements, such as Social Security numbers, credit cards or client numbers, and can block visibility to some users across SharePoint Online and other Microsoft productivity tools.
In addition, end users can encrypt certain email messages as part of Office 365 message encryption prior to sending sensitive information externally. This functionality, which is available in DLP, can also be automated so that the system detects sensitive information to prevent it from leaving the organization.
Microsoft Office 365 ProPlus and Enterprise plans -- which range from $12 per user, per month to $35 per user, per month -- include compliance tools such as eDiscovery. In addition, auditing as well as archiving and retention policies can be applied on some or all content being stored within Exchange Online, SharePoint Online, OneDrive and Skype for Business.
Microsoft's built-in security and compliance tools create protections at a number of different layers, while still making it easy for users to manage all of it. But IT administrators must ensure that they educate end users on Office 365 compliance and security functionalities, as well as any policies that the organization must meet to avoid data breaches due to human error.
Office 365 archiving policy inconsistent
Users confront host of new challenges with Office 365
Moving to SharePoint Online experience varies