The cloud provides a number of key advantages, from potentially lower costs to reduced administrative overhead to gaining access to more features than an organization might be able to host locally. At the same time, the cloud introduces new concerns, with the security of data hosted by a third party among the most serious. Microsoft understands these concerns and has taken some time to discuss how cloud data is protected in Office 365.
Office 365 is a massive undertaking, according to Microsoft hosting “one of the largest data sets in the world.” With millions of people creating, editing, and collaborating on personal and business-critical documents, that should come as no surprise. Protecting this data is a serious endeavor, and requires various levels of protection.
Here’s an overview of how Microsoft is protecting your Office 365 data:
Generally speaking, Microsoft has taken a three-pronged approach to data security. These steps are in addition to the physical security that underpins the integrity of Microsoft’s datacenters.
Data Loss Prevention (DLP)
To minimize disruption for you, as an end user, we need to ensure that the protection we offer is not counterproductive. We follow a people-centric approach to make sure that everything happens in the background. For example, as you are authoring a document that contains sensitive information we warn you if the action places your data at risk through policy tips. These are based on the policies that you have set.
Advanced Threat Protection (ATP)
Another example of how the service proactively protects you from incoming threats from external sources is Advanced Threat Protection (ATP). For example, as you are reading your email, the service may be activated to isolate suspicious attachments and block malicious links across your devices to protect you from phishing attacks. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity.
This service-level protection is an example of intelligent protection where we track vulnerabilities at scale through machine learning and mitigating them. Today, we give you the ability to programmatically access our service logs to integrate with your in-house or third-party security monitoring systems. In the future, with the intelligence available in the Microsoft Cloud, we see the potential to aggregate security signals so that you can gain a 360-degree view on the security of your data even outside of the Microsoft Cloud, including data stored on-premises, in other Cloud services and on devices.
Protecting your data is clearly a priority for Microsoft. Large-scale data breaches would spell real trouble for the company’s “cloud-first, mobile-first” strategy, and so it’s no surprise to see Microsoft investing significant resources in maintaining data integrity. We’ll continue to keep our eyes on their efforts in this area because nobody wants their private and proprietary data compromised and out in the wild.