Be the first to like this
Office 365 Trust has three main principles and they are realized in two distinct dimensions – Built-in capabilities and Customer controls
Built-in Capabilities is what we built into the service that is enabled by default:
We have many best practices in design and operations in our data centers to maintain Security, Privacy and Compliance.
Customer Controls is one that our customers have flexibility to implement in their environments:
Over and above what we do in the service, where we are differentiated is with giving flexible controls to achieve Security, Privacy and Compliance based on the needs of their organization. We bring in over two decades of experience to build these capabilities.
Let’s walk through each one of these important aspects one by one.
Microsoft has deep experience in building on premise or workplace environments. Using that knowledge and added operational best practices like regular penetration testing we have built a security hardened service in the cloud
Physical security with 24 hour monitoring, seismic bracing, multi-factor authentication for physical access to data centers.
Data security with features like encryption, logical isolation of customer data and strong authentication
Operational best practices like prevent breach and assume breach to monitor, anticipate, and mitigate threats to protect your data
Office 365 provides unique customer controls like Rights Management Services, Group policy settings empower you to tune up or tune down security controls based on your need.
We contractually commit to not mine your data for advertising purposes. In fact we do not use your data for anything other than providing you world-class services.
We are transparent with your data about the location where it is stored, who has access to it and when. We make this information accessible to you in http://trust.office365.com.
Further we give you flexibility so that if you decide to leave the service, you get to take your data with you – You can get more information in the Data portability section of the Trust Center – http://trust.office365.com.
Office 365 gives you capabilities to collaborate but also give you the ability to regulate information sharing
Rights management allows users to encrypt information and apply policies to give explicit permissions to only do what they are allowed to do with that information (like copy, share, print etc.
When we build features, we consider if privacy controls need to be enabled at the admin level or at the user level
Presence sharing with Lync allows users to let others see their online presence status or block it.