5 Common Questions About Office 365 Data Security

If you feel uneasy about whether your data will be safe in the cloud, the following Q&A on Office 365 data security measures should put your mind at ease.

How do I know my data is safe?

This is the most obvious and frequently asked question when people are considering moving to a cloud-based solution like
Office 365, and the good news is that there’s plenty of reassurance available. Firstly, consider it from Microsoft’s point of view – they know that data security is going to be every customer’s main concern and therefore, has to be their main concern if they’re to survive in what’s always been a competitive and rapidly changing industry. For that reason, they continue to invest heavily in data security.

Second, the Microsoft Trust Center provides in-depth information about the measures they’ve taken and continue to develop to keep your data secure. Here’s just a sampling:

• Their data centers, over 100 of them worldwide, are monitored continuously with motion sensors and video cameras, and multi-factor authentication including biometric scanning is used for staff access.
• Role separation prevents data center staff knowing where a particular customer’s data is stored.
• There are regular backups and each data center has a backup site.
• Your data is encrypted both while residing in the Microsoft servers and while travelling between you and Microsoft. Microsoft enforces the use of hard passwords and multi-factor authentication.
• Nobody at Microsoft has access to your content. If an engineer needs access to your content to solve a problem for you, there is a rigorous approval process and access is granted only to the required content and for the time required.
• You manage the privacy settings, so you decide who can and cannot access your content.

Are Office 365 data security measures compliant?

The Office 365 data security measures have been found to meet, or enable their customers to meet, over 50 compliance standards from around the world, including the very stringent EU Model Clauses and:

• codes of GxP
• FDA CFR Title 21 Part 11
• ISO 9001 (Quality), ISO 22301 (Business Continuity Management), ISO 27001 (Information Security Management), ISO 27010 (Code of Practice for Information Security Controls), ISO 27018 (Cloud Privacy)
• standards for handling data relating to healthcare, criminal justice, the military, and financial services.

Office 365 and Azure both appear on the Australian Signals Directorate’s Certified Cloud Services List (CCSL).

Many of Office 365’s data security features can be configured to allow customers to meet the requirements of local or regional regulations. For example, Office 365’s Advanced Data Governance tool can be ‘trained’ by users to analyse massive volumes of data and make recommendations about whether to keep or discard particular items, in line with local document retention requirements. It can also detect data governance risks such as the download, deletion or modification of an unusually high number of files or the external sharing of documents, and can provide alerts about such activity. Unless your current systems have these capacities, they seem like good reasons to seriously consider moving to Office 365.

Where is my data stored?

As part of the Office 365 data security features, you can select which region your data is stored in, to allow compliance with local regulations. Office 365 has been designed with cross-border data transfer regulations in mind.

How do I know my data is not being sold or used?

Microsoft has committed to never using your data for any purpose other than delivering or improving their services. It’s not in their interests to share or sell data when their continuing success relies on data protection and security.

What happens to my data if I stop using Office 365?

You’ll have 90 days in which to move your data to the storage site of your choice. Microsoft guarantees the fidelity of your data in this situation.

To summarise

Microsoft continues to go to enormous lengths to give you peace of mind that your data is safe and secure from all known threats. They offer 24/7 support and aim to exceed their 99.9% reliability of service score. They have rapid feedback loops in place so that customer feedback can be examined and any necessary improvements implemented in as short a timeframe as possible, so that any evolving threats are managed proactively.

With a range of industries moving towards adopting Industry 4.0 practices, data volumes are going to explode and data security will be one of the challenges to be met.

At QikSolve, we believe the Office 365 data security features are the best available to meet the data security challenges of today and tomorrow and we’d love to help you implement this powerful suite of tools in your business. Get in touch today to learn more about how Office 365 could revolutionise the way you manage your data.