SharePoint and
OneDrive for Business
Securing your content in the new world of work
01 Introduction
02 Platform security
03 Information governance
04 Secure access and sharing
05 Awareness and insights
06 Compliance and trust
07 Conclusion
Microsoft has been building enterprise software
for decades and running some of the largest
online services in the world. We draw from this
experience to keep making Microsoft SharePoint
Online and OneDrive for Business more secure for
users, implementing and continuously improving
security-aware software development, operational
management, and threat-mitigation practices that
are essential to the strong protection of your services
and data.
The collaboration landscape has changed.
Connectivity is ubiquitous, and the ability to work
remotely has become an ingrained part of the work
practice. People have come to expect to be able to
access email and documents from anywhere on any
device—and for that experience to be seamless.
01 Introduction
In this e-book, you’ll learn about the
Microsoft approach to security and
compliance with SharePoint Online
and OneDrive for Business, which
encompasses:
Platform security
Protect content at rest and in transit
with layered encryption, customer
controls, and keys to lock down data.
Information governance
Manage your data life cycle process
with customizable data retention,
discovery, and deletion.
Secure access and sharing
Manage access and sharing settings to
guard against leaks of sensitive data.
Awareness and insights
Gain full transparency and insights into
users and data with auditing, reports,
and alerts.
Compliance and trust
Leverage the proactive and continuous
compliance and certification process of
While this has been an enormous
boost to productivity, it also presents
huge challenges for security.
Previously, businesses needed to be
concerned with a firewall that ended
at the corporate boundary. Now
that boundary has shifted to the end
user. Businesses need to ensure that
corporate data is safe while enabling
users to stay productive in today’s
mobile-first world, where the threat
landscape is increasingly complex and
sophisticated.
SharePoint Online and OneDrive for
Business are uniquely positioned
to help you address these evolving
security challenges. To begin with,
Microsoft has continued to evolve with
new standards and regulations. This
has been a guiding principle behind
security for SharePoint Online and
OneDrive for Business. Right alongside
that principle is this one: There is no
security without usability. If security
gets in the way of productivity, users
will find a different, less secure way to
do their work.
SharePoint Online and OneDrive for
Business allow your organization to go
beyond its regular business rhythms
and be nimbler in responding to
market changes and opportunities.
These solutions enable users to access
the files and documents they need
wherever they’re doing work, while
sharing and collaborating in real-time.
And you control and own your data
while Microsoft takes care of it.
billion records compromised in the last year (Source: Risk
Based Security)
days between infiltration and detection (Source: Mandiant
Consulting M-Trends, 2016)
of senior managers admit to using personal accounts for work
(Source: Stroz Friedberg, On the Pulse: Information Security in
American Business)
of organizations lack data governance, leaving them open to
litigation and data security risks (Source: AIIM – Information
Management in 2016 and Beyond, March)
year-over-year growth in electronic data (Source: AIIM –
Information Management in 2016 and Beyond, March)
Customer challenges by the numbers
Data loss is non-negotiable for your business, and
exposure of sensitive information and assets can
have enormous legal and compliance implications—
and impacts on your competitive edge. SharePoint
Online and OneDrive for Business safeguard against
unintentional disclosures through the defense-in-
depth approach of Microsoft Office 365.
Microsoft is constantly working on ways to mitigate
the effects of attacks on data and information.
These security measures form the foundation of
our business products and cloud services. Office
365 gives you enterprise-grade physical and logical
security capabilities to secure your IT environment,
along with encryption controls to protect your files
and email communications.
Protect content at rest and in transit with layered encryption,
customer controls, and keys to lock down data.
02 Platform security
Physical security
Capabilities:
Extensive auditing and supervision
prevent administrators from getting
unauthorized access to your data.
Multiple copies of your data are
located across datacenters for
redundancy.
With Office 365, your data is stored
in Microsoft datacenters that are
protected by layers of security.
These datacenters guard against
not only unauthorized access and
security breaches, but natural and
environmental threats as well. They are
built like, yes, fortresses.
These fortresses, however, are
transparent to you. Moving to a
cloud service shouldn’t mean losing
visibility into your services. We make it
easy for you to monitor the status of
your services, track issues, and get a
historical view of availability. You also
always have awareness of who has
access to your data and under what
circumstances they have it.
Multiple copies of your data are
kept across datacenters, which are
geographically distributed. If Microsoft
expands into a new country in the
region where your data is stored, you
are notified one month in advance.
Logical security
Logical security keeps administrator
access to your files under strict control.
This happens through multitenancy
architecture and automation processes,
plus a combination of port scanning,
perimeter vulnerability scanning, and
intrusion detection—all to prevent
malicious access.
Multitenant architecture
In cloud computing, multitenancy is the
ability to share common infrastructure
across numerous customers
simultaneously, leading to economies
of scale. The multitenant architecture
of Office 365 supports enterprise-
level security, confidentiality, privacy,
integrity, and availability standards.
Microsoft continuously works to
ensure this, and does so based on
the assumption that all tenants are
potentially hostile to all other tenants.
Multiple forms of protection have been
implemented throughout Office 365 to
prevent customers from compromising
Office 365 services or applications,
gaining unauthorized access to other
tenants’ information, or breaching the
Office 365 system itself.
Automation
Most Office 365 operations are
automated. At the same time,
Microsoft limits its own access to
customer content. This enables Office
365 to be managed at scale while
protecting against potential internal
threats to customer content, such as a
malicious actor or the spear-phishing
of a Microsoft engineer. A Microsoft
engineer might have limited, audited,
secured access to customer content,
but only when necessary for service
operations and approved by a member
of senior management at Microsoft
(and, for customers who are licensed
for the Customer Lockbox feature, by
the customer).
Customer data management
In addition to these controls, you can
manage your data in Office 365 much
like you would in an on-premises
environment. As the global admin, you
have access to all features in the admin
centers. This means you can add or
edit users, and assign admin roles to
others. And you can also control how
users access information from specific
devices or specific locations, or a
combination of both.
Encryption
Capabilities:
Easily and cost-effectively manage
and maintain control of the
encryption keys used by cloud apps
and services.
Encrypt keys and small secrets like
passwords by using keys stored in
hardware security modules (HSMs)
with Azure Key Vault.
Office 365 protects the confidentiality
and integrity of customer data by
following industry cryptographic
protocols like Transport Layer Security
(TLS)/Secure Sockets Layer (SSL) and
Advanced Encryption Standard (AES).
Data is protected at rest and in transit,
and protection extends to file-level
protection in some scenarios.
“Privacy and security are essential to everything we do.
Our customers expect us to process their sensitive data
according to their country’s unique regulations, which
is why we use Office 365. I advised our leaders and CIO
that the Microsoft approach to security, compliance, and
privacy is of the highest standard in the industry.”
Sascha Schneider
Privacy Counsel Deputy Data Protection Officer
NGA Human Resources
Data in transit
For data in transit, Office 365 secures
customer data by forcing all
customer-facing servers to negotiate
a secure session with client machines
through TLS/SSL protocols. This applies
to protocols on any device used by
clients—such as SharePoint
Online—on the web.
Data at rest
BitLocker volume encryption secures
data at rest. It addresses the threats of
data theft or exposure from lost, stolen,
or inappropriately decommissioned
computers and disks. Office 365
deploys BitLocker with AES 256-bit
encryption on servers that hold all
messaging data, including email and
IM conversations, as well as content
stored in SharePoint Online and
OneDrive for Business.
File-level encryption
OneDrive for Business and SharePoint
Online also use file-level encryption
to encrypt data at rest. Office 365
moves beyond a single encryption
key per disk to deliver a unique
encryption key for every file stored in
SharePoint Online—including OneDrive
for Business folders. These files are
distributed across multiple Azure
Storage containers, each with separate
credentials. Not only are these files
spread across storage locations–the
map of file locations is itself encrypted
and the master encryption keys are
physically separated from both content
and the file map. All this makes
OneDrive for Business and SharePoint
Online a highly secure environment for
stored files.
03 Information governance
Data overload is an issue for many organizations.
While your organization might be obligated to keep
content for a certain period—because of compliance,
legal, or other requirements—holding on to data
longer than you need it can create unnecessary
legal risks.
Office 365 can help you get a handle on your data
lifecycle. With data governance features, you can
archive and preserve content from your SharePoint
Online sites and OneDrive for Business
locations—and import that content into your Office
365 organization.
The Retention feature in the Office 365 Security
& Compliance Center allows you to manage the
lifecycle of your content, keeping the content you
need and then removing the content after it’s no
longer required.
Data retention policies
Capabilities:
Enforce compliance with information
management processes and enforce
regulations with information
management policies.
Data retention policies allow you to
meet your organization or industry
compliance requirements. You can set
global retention policies on all content
in Office 365, or dig deeper by setting
granular policies on specific users or
content. Then, to follow through, you
can use intelligence to automate data
retention, classifying data based on
age, type, user, or sensitivity, and use
policy recommendations based on
machine learning.
And, of course, you’re only going to
purge data that’s redundant, obsolete,
or trivial. High value data can be
preserved through applied actions. This
can also be automated, by means of
a customized schedule for preserving
and deleting content.
eDiscovery
Identify and collect the data that might
be relevant to a specific legal case.
Capabilities:
Identify and deliver electronic
information that can be used as
evidence in legal cases.
Use advanced eDiscovery to analyze
unstructured data within Office 365,
perform more efficient document
review, and make decisions to
reduce data for eDiscovery.
Office 365 in-place capabilities simplify
the eDiscovery process, making it
easy for you to find and preserve the
right documents in cases of litigation
or government litigations. Predictive
coding enables you to train the system
to automatically distinguish between
documents that are likely to be
relevant and non-relevant. And with
clustering technology, you can look
at documents in context and identify
relationships among them.
Legal and litigation
controls
Protection of the confidentiality of data
that’s stored within the infrastructure.
Capabilities:
Prevent important documents from
being edited or deleted, and define
how long documents must be
stored by using in-place holds and
document deletion policies.
Control the lifecycle of a SharePoint
site and its associated site mailbox.
Legal and litigation controls help you
prevent important documents from
being edited or deleted, and define
how long documents must be stored.
These controls enable you to manage
the lifecycle of documents to comply
with your organization’s records
management policies. They allow you
to control the lifecycle of a SharePoint
site and its associated site mailbox,
while providing a single experience for
searching and preserving across
Office 365.
04 Secure access and sharing
Gain full transparency and insights into users and data with
auditing, reports, and alerts.
Your data belongs to you. Simple as that. This is
another one of the guiding principles behind security
for SharePoint Online and OneDrive for Business—
that while, at Microsoft, we serve as custodians of
your data, you remain in control of it. And we help
you to manage this through access controls, sharing
controls, and application and device management.
Access controls
Capabilities:
Policies that provide contextual
controls at the user, location, device,
and app levels.
Location-based conditional access
policy that blocks users who are
working from an untrusted location.
The risks to information exposure have
increased in today’s collaboration
landscape because users don’t always
work on desktop computers. Access
controls now need to account for users
connecting their mobile devices to
nonsecure networks or using their own
unmanaged devices.
These new access controls start with
conditional access policies. Conditional
access allows you to keep your
corporate data safe while providing
your users a secure environment in
which they can work from any device.
Conditional access in SharePoint
Online and OneDrive for Business
offers security that goes beyond user
permissions. It takes into account the
identity of the user, the devices and
applications being used, the network
that the user has connected to, and the
sensitivity of the data being accessed.
Conditional access works alongside
Multi-Factor Authentication in
providing another layer of security.
Multi-Factor Authentication requires
two or more verification methods
for user sign-ins and transactions.
These methods can include randomly
generated pass codes, a phone call, a
smart card, or a biometric device.
Advanced Security Management
ensures that you’re aware of any
suspicious activity in Office 365.
This gives you the opportunity
to investigate situations that are
potentially problematic and, if needed,
revoke suspicious user sessions.
Sharing controls
Capabilities:
Extensive sharing controls to support
external sharing, link expiration, and
revocation of access to content
and files.
In working with vendors, clients, or
customers outside your organization,
you often need to share documents
with these external users to collaborate
directly. External users can be
authenticated or anonymous.
Because authenticated users have
their own Microsoft accounts, you
can share sites and documents much
like you would with users within your
organization. However, since these
users don’t have access to your Office
365 subscription, they’re limited to
basic-collaboration tasks.
Users without Microsoft accounts are
considered anonymous. These users
can access folders and documents
through shareable links without having
to log in with a username or password.
Anonymous users can’t access sites or
be assigned licenses, so they’re only
able to see your documents through
the links you provide. These links are
valid only for as long as you choose.
The external sharing features of SharePoint
Online help you manage security risks
by giving you the capability to set up an
extranet site. Extranet sites can be locked
down so that only you can invite external
users. Admins can control the list of
partner domains that their employees can
share with users outside the organization.
Allow and deny lists of email domains can
be configured. Activities of the business
partner users are audited, and reports can
be viewed in Office 365 Activity Reports.
“Many of our employees used multiple storage solutions,
but we moved to OneDrive for Business because it has the
stringent data protection standards that our clients expect
and that give us more control over access to our data.”
Sudesh Withanage
Senior Technology Consultant
Virtusa
Application and device
management
Capabilities:
Azure Active Directory management
tools enable collaboration and
deliver holistic identity protection
and adaptive access control.
Integrated device and app
management is enabled through
Microsoft Intune.
With device-based policies, you can
allow, block or challenge access
through Multi-Factor Authentication,
device enrollment, or password
change. Device-based policies for
SharePoint Online and OneDrive for
Business help you ensure that your
corporate data isn’t leaked
onto unmanaged devices, such as
devices that are non-domain joined
or non-compliant. These policies limit
content access to the browser while
preventing files from being taken
offline or synchronized with OneDrive
for Business on unmanaged devices.
Microsoft Intune helps you with
mobile device management,
securing corporate data on devices
used by licensed Office 365 users
in your organization. If a device is
lost or stolen, you can remotely
wipe the device to remove sensitive
organizational information.
05 Awareness and insights
Manage your data life cycle process with customizable data
retention, discovery, and deletion.
Understanding usage within your organization helps
you get ahead of security risks and usability issues.
Advanced auditing enables you to discover forensic
information about specific activities conducted by
a user or an administrator. Personalized reporting
offers seamless access to information through a
unified dashboard. And intelligent alerting allows
you to monitor and investigate actions taken on
your data, so that you can contain and respond to
threats—and protect your valuable
intellectual property.
Advanced auditing
Capabilities:
Discover forensic information
about specific activities that
were conducted by a user or an
administrator.
Use RESTful APIs to get an
unprecedented level of visibility into
user and admin transactions within
Office 365.
Leverage hybrid auditing across
cloud and on-premises.
With advanced auditing in Office
365, you can track changes and user
activity in SharePoint Online and
OneDrive for Business. This allows you
to audit changes made to files and
site collections, as well as the users
who made changes. Every user action
is recorded for a full audit trail. And
you can set up custom alerts when a
specific event occurs. You can quickly
access these audit reports through the
Office 365 Security and
Compliance Center.
Personalized reporting
Unified reporting and seamless
information access.
Capabilities:
Unified reporting dashboard for
seamless access to information.
Product-level reports for more
granular insight about the activities
within each product.
Personalized reporting helps you avoid
the unexpected by being aware of
what’s going on in your organization.
Activity reporting for SharePoint lets
you see how users in your organization
are using SharePoint Online sites
to access, save, and collaborate on
documents. It shows you which users
are active on each team site, and which
users sync documents back to their
local machines or share
documents externally.
The OneDrive for Business activity
report gives you a holistic view of
OneDrive usage in your organization.
As with SharePoint reporting, you can
see which users are using OneDrive to
sync files back to their local machines
and how users are actively engaging
across OneDrive accounts in your
organization.
“We have revealed a more agile way of working that helps
us simplify access to information, promote insights and
analytics across the business, and remain competitive
without sacrificing our essential security and compliance
concerns.”
Matt Potashnick
Chief Information Officer
AXA UK and Ireland
Intelligent alerting
Email notification when users
perform specific activities in Office
365.
Enabled through Advanced Security
Management, intelligent alerting allows
you to monitor and investigate actions
taken on your data, identify risks, and
contain and respond to threats made
on your intellectual property.
Threat Intelligence analyzes billions of
data signals across Office consumer
and commercial services, helping
to protect you before attacks reach
your network. These insights can be
integrated with your existing security
management tools.
06 Compliance and trust
Take advantage of the proactive and continuous compliance
and certification process used by Microsoft.
For customers considering a move to the cloud,
compliance is a major issue. And it’s a paramount
concern for us at Microsoft as well, which is why
Office 365 offers you continuous compliance. Our
base level of requirements for Microsoft products
and services is always increasing, as impacted by
needs worldwide and across industries. Our specialist
compliance team tracks standards and regulations,
developing common control sets for our product
team to build into the service. We have built over
1,000 controls into the Office 365 compliance
framework that enable us to stay up to date with
frequent changes to industry standards.
Microsoft regularly submits
self-assessments to independent
third-party auditors. Microsoft holds key
certifications, including:
EU Model Clauses
FedRAMP
FERPA
FISMA
HIPAA Business Associate Agreement
ISO/IEC 27001
UK G-Cloud v6 Official
Continuous compliance
Capabilities:
Discover forensic information about
specific activities performed by users
or administrators.
Use RESTful APIs to get an
unprecedented level of visibility
into all user and admin transactions
within Office 365.
Office 365 helps you meet evolving
internal investigation, legal, and
regulatory requirements with a rich set
of eDiscovery capabilities. Validating
your organization’s security practices
can be an expensive, exhaustive, and
exhausting process. Office 365 enables
you to identify relevant data quickly
through advanced tools like machine
learning, predictive coding, and
text analytics. Advanced eDiscovery
reduces the volume of data by finding
near-duplicate files, reconstructing
email threads, and pinpointing key
data relationships. Plus, you can
easily export this data to third-party
applications for review.
These capabilities intelligently simplify
the eDiscovery process, so there’s less
time taken on your end and less strain
on your budget. And as the compliance
landscape expands, our capabilities
expand with it.
“Our legal department, risk management group, and
human resources organization thoroughly reviewed
our options to make sure the [system] we chose would
support continuous adherence to all our requirements.
Like other global companies, we must comply with all
local regulations. Office 365 gives us confidence that
we can remain in compliance from a data privacy and
security standpoint.”
Sherry Nubert
Chief Information Officer
The Goodyear Tire & Rubber Company
“As we build the bank of the future, we are providing
the right tools and technology for our people, resulting
in improved agility and security. Our move to Office 365
is also helping us... reduce IT costs in half. We’re fully
committed to the cloud as we add on all the Office 365
functionality, including the Enterprise Mobility Security
Suite and Customer Lockbox.”
Jeff Henderson
Executive Vice President and Chief Information Officer
TD Bank Group
Transparent operations
Capabilities:
24/7 escalation to the development
team to resolve issues that cannot
be resolved by operations alone.
Thorough review of all service
incidents and an analysis if your
organization is affected.
Controlled access to your data
through Customer Lockbox.
Our operations are transparent, so
you can check in on the state of your
service, track issues, and get a historical
view of availability. This means you
always know where your data is stored
as well as who has access to it and
under what circumstances. You can find
all of this information in the Office 365
Trust Center.
By design, Office 365 commercial
services are separate from our
consumer services so that there is
no mixing of data between the two.
We maintain that you are the owner
of your data, and we do not mine
customer data for purposes other than
providing you productivity services.
Even when you require a Microsoft
support engineer to access your data,
such as to troubleshoot and fix an
issue, you maintain control of your
data. Customer Lockbox enables
you to approve or reject requests
to access your data. Each approved
access request is only available until it
expires. Upon resolution of the issue,
the request is closed and access is no
longer approved.
Customer Lockbox also helps you
demonstrate that you have data
access procedures in place, which can
be necessary in meeting compliance
obligations.
Privacy by design
Capabilities:
Privacy controls enable you to
configure who in your organization
has access and what they have
access to.
Design elements prevent mingling
of your data with that of other
organizations using Office 365.
Privacy controls enable you to
configure your company privacy
policies. To comply with business
standards and industry regulations, you
need to protect sensitive information
and prevent its inadvertent disclosure.
This includes financial data or
personally identifiable information (PII),
such as credit card numbers, social
security numbers, and health records.
With a data loss prevention (DLP)
policy in the Office 365 Security &
Compliance Center, you can identify,
monitor, and automatically prevent
the accidental sharing of sensitive
information across Office 365. DLP
allows you to control how your data
flows internally as well as outside your
organization.
Microsoft advocates for data privacy
on behalf of customers, and safeguards
customer data with strong contractual
In the new world of work, SharePoint Online and
OneDrive for Business allow you to access email and
documents from anywhere on any device—and to do
so securely. Our approach provides this productivity
protected by security with defense-in-depth solutions
to safeguard your data. We give you the user and
administrative controls to shield and defend your IT
environment and the privacy of your customer data,
so you can comply with standards and regulations.
07 Conclusion
SharePoint Online and OneDrive for Business allow your business
to get ahead while getting a handle on your data, providing tools
to manage your users and devices, better understand usage within
your organization, and be better prepared for any actions taken on
your data.
Microsoft has been a leader in trusted enterprise-grade solutions
for decades now. And as the collaboration and compliance
landscapes evolve, we do too. Learn more at the
Microsoft Trust Center.

Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdfPearlKirahMaeRagusta1
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfryanfarris8
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionSolGuruz
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionOnePlan Solutions
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfVishalKumarJha10
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...software pro Development
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 

Último (20)

AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdfAzure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
Azure_Native_Qumulo_High_Performance_Compute_Benchmarks.pdf
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) SolutionIntroducing Microsoft’s new Enterprise Work Management (EWM) Solution
Introducing Microsoft’s new Enterprise Work Management (EWM) Solution
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 

Securing Your Content with SharePoint and OneDrive for Business

  • 1. SharePoint and OneDrive for Business: Securing your content in the new world of work
  • 2. 01 Introduction 02 Platform security 03 Information governance 04 Secure access and sharing 05 Awareness and insights 06 Compliance and trust 07 Conclusion
  • 3. 01 Introduction Microsoft has been building enterprise software for decades and running some of the largest online services in the world. We draw from this experience to keep making Microsoft SharePoint Online and OneDrive for Business more secure for users, implementing and continuously improving security-aware software development, operational management, and threat-mitigation practices that are essential to the strong protection of your services and data. The collaboration landscape has changed. Connectivity is ubiquitous, and the ability to work remotely has become an ingrained part of the work practice. People have come to expect to be able to access email and documents from anywhere on any device—and for that experience to be seamless.
  • 4. While this has been an enormous boost to productivity, it also presents huge challenges for security. Previously, businesses needed to be concerned with a firewall that ended at the corporate boundary. Now that boundary has shifted to the end user. Businesses need to ensure that corporate data is safe while enabling users to stay productive in today’s mobile-first world, where the threat landscape is increasingly complex and sophisticated. SharePoint Online and OneDrive for Business are uniquely positioned to help you address these evolving security challenges. To begin with, Microsoft has continued to evolve with new standards and regulations. This has been a guiding principle behind security for SharePoint Online and OneDrive for Business. Right alongside that principle is this one: There is no security without usability. If security gets in the way of productivity, users will find a different, less secure way to do their work. SharePoint Online and OneDrive for Business allow your organization to go beyond its regular business rhythms and be nimbler in responding to market changes and opportunities. These solutions enable users to access the files and documents they need wherever they’re doing work, while sharing and collaborating in real-time. And you control and own your data while Microsoft takes care of it. In this e-book, you’ll learn about the Microsoft approach to security and compliance with SharePoint Online and OneDrive for Business, which encompasses: Platform security: Protect content at rest and in transit with layered encryption customer controls and keys to lock down data. Information governance: Manage your data life cycle process with customizable data retention, discovery, and deletion. Secure access and sharing: Manage access and sharing settings to guard against leaks of sensitive data. Awareness and insights: Gain full transparency and insights into users and data with auditing, reports, and alerts. Compliance and trust: Leverage the proactive and continuous compliance and certification process of
Customer challenges by the numbers: billion records compromised in the last year (Source: Risk Based Security); days between infiltration and detection (Source: Mandiant Consulting M-Trends, 2016); of senior managers admit to using personal accounts for work (Source: Stroz Friedberg, On the Pulse: Information Security in American Business); of organizations lack data governance, leaving them open to litigation and data security risks (Source: AIIM – Information Management in 2016 and Beyond, March); year-over-year growth in electronic data (Source: AIIM – Information Management in 2016 and Beyond, March)
  • 5. 02 Platform security Protect content at rest and in transit with layered encryption customer controls and keys to lock down data. Data loss is non-negotiable for your business, and exposure of sensitive information and assets can have enormous legal and compliance implications—and impacts on your competitive edge. SharePoint Online and OneDrive for Business safeguard against unintentional disclosures through the defense-in-depth approach of Microsoft Office 365. Microsoft is constantly working on ways to mitigate the effects of attacks on data and information. These security measures form the foundation of our business products and cloud services. Office 365 gives you enterprise-grade physical and logical security capabilities to secure your IT environment, along with encryption controls to protect your files and email communications.
  • 6. Physical security Capabilities: Extensive auditing and supervision prevent administrators from getting unauthorized access to your data. Multiple copies of your data are located across datacenters for redundancy. With Office 365, your data is stored in Microsoft datacenters that are protected by layers of security. These datacenters guard against not only unauthorized access and security breaches, but natural and environmental threats as well. They are built like, yes, fortresses. These fortresses, however, are transparent to you. Moving to a cloud service shouldn’t mean losing visibility into your services. We make it easy for you to monitor the status of your services, track issues, and get a historical view of availability. You also always have awareness of who has access to your data and under what circumstances they have it. Multiple copies of your data are kept across datacenters, which are geographically distributed. If Microsoft expands into a new country in the region where your data is stored, you are notified one month in advance.
  • 7. Logical security Logical security keeps administrator access to your files under strict control. This happens through multitenancy architecture and automation processes, plus a combination of port scanning, perimeter vulnerability scanning, and intrusion detection—all to prevent malicious access. Multitenant architecture In cloud computing, multitenancy is the ability to share common infrastructure across numerous customers simultaneously, leading to economies of scale. The multitenant architecture of Office 365 supports enterprise-level security, confidentiality, privacy, integrity, and availability standards. Microsoft continuously works to ensure this, and does so based on the assumption that all tenants are potentially hostile to all other tenants. Multiple forms of protection have been implemented throughout Office 365 to prevent customers from compromising Office 365 services or applications, gaining unauthorized access to other tenants’ information, or breaching the Office 365 system itself. Automation Most Office 365 operations are automated. At the same time, Microsoft limits its own access to customer content. This enables Office 365 to be managed at scale while protecting against potential internal threats to customer content, such as a malicious actor or the spear-phishing of a Microsoft engineer. A Microsoft engineer might have limited, audited, secured access to customer content, but only when necessary for service operations and approved by a member of senior management at Microsoft (and, for customers who are licensed for the Customer Lockbox feature, by the customer). Customer data management In addition to these controls, you can manage your data in Office 365 much like you would in an on-premises environment. As the global admin, you have access to all features in the admin centers. This means you can add or edit users, and assign admin roles to others.
And you can also control how users access information from specific devices or specific locations, or a combination of both.
  • 8. Encryption Capabilities: Easily and cost-effectively manage and maintain control of the encryption keys used by cloud apps and services. Encrypt keys and small secrets like passwords by using keys stored in hardware security modules (HSMs) with Azure Key Vault. Office 365 protects the confidentiality and integrity of customer data by following industry cryptographic protocols like Transport Layer Security (TLS)/Secure Sockets Layer (SSL) and Advanced Encryption Standard (AES). Data is protected at rest and in transit, and protection extends to file-level protection in some scenarios. “Privacy and security are essential to everything we do. Our customers expect us to process their sensitive data according to their country’s unique regulations, which is why we use Office 365. I advised our leaders and CIO that the Microsoft approach to security, compliance, and privacy is of the highest standard in the industry.” Sascha Schneider Privacy Counsel Deputy Data Protection Officer NGA Human Resources Data in transit For data in transit, Office 365 secures customer data by forcing all customer-facing servers to negotiate a secure session with client machines through TLS/SSL protocols. This applies to protocols on any device used by clients—such as SharePoint Online—on the web. Data at rest BitLocker volume encryption secures data at rest. It addresses the threats of data theft or exposure from lost, stolen, or inappropriately decommissioned computers and disks. Office 365 deploys BitLocker with AES 256-bit encryption on servers that hold all messaging data, including email and IM conversations, as well as content stored in SharePoint Online and OneDrive for Business. File-level encryption OneDrive for Business and SharePoint Online also use file-level encryption to encrypt data at rest. Office 365 moves beyond a single encryption key per disk to deliver a unique encryption key for every file stored in SharePoint Online—including OneDrive for Business folders. 
These files are distributed across multiple Azure Storage containers, each with separate credentials. Not only are these files spread across storage locations–the map of file locations is itself encrypted and the master encryption keys are physically separated from both content and the file map. All this makes OneDrive for Business and SharePoint Online a highly secure environment for stored files.
  • 9. 03 Information governance Data overload is an issue for many organizations. While your organization might be obligated to keep content for a certain period—because of compliance, legal, or other requirements— holding on to data longer than you need it can create unnecessary legal risks. Office 365 can help you get a handle on your data life cycle. With data governance features, you can archive and preserve content from your SharePoint Online sites and OneDrive for Business locations—and import that content into your Office 365 organization. The Retention feature in the Office 365 Security & Compliance Center allows you to manage the lifecycle of your content, keeping the content you need and then removing the content after it’s no longer required.
  • 10. Data retention policies Capabilities: Enforce compliance with information management processes and enforce regulations with information management policies. Data retention policies allow you to meet your organization or industry compliance requirements. You can set global retention policies on all content in Office 365, or dig deeper by setting granular policies on specific users or content. Then, to follow through, you can use intelligence to automate data retention, classifying data based on age, type, user, or sensitivity, and use policy recommendations based on machine learning. And, of course, you’re only going to purge data that’s redundant, obsolete, or trivial. High value data can be preserved through applied actions. This can also be automated, by means of a customized schedule for preserving and deleting content. eDiscovery Identify and collect the data that might be relevant to a specific legal case. Capabilities: Identify and deliver electronic information that can be used as evidence in legal cases. Use advanced eDiscovery to analyze unstructured data within Office 365, perform more efficient document review, and make decisions to reduce data for eDiscovery. Office 365 in-place capabilities simplify the eDiscovery process, making it easy for you to find and preserve the right documents in cases of litigation or government litigations. Predictive coding enables you to train the system to automatically distinguish between documents that are likely to be relevant and non-relevant. And with clustering technology, you can look at documents in context and identify relationships among them. Legal and litigation controls Protection of the confidentiality of data that’s stored within the infrastructure. Capabilities: Prevent important documents from being edited or deleted, and define how long documents must be stored by using in-place holds and document deletion policies. Control the life cycle of a SharePoint site and its associated site mailbox.
Legal and litigation controls help you prevent important documents from being edited or deleted, and define how long documents must be stored. These controls enable you to manage the lifecycle of documents to comply with your organization’s records management policies. They allow you to control the lifecycle of a SharePoint site and its associated site mailbox, while providing a single experience for searching and preserving across Office 365.
  • 11. 04 Secure access and sharing Gain full transparency and insights into users and data with auditing, reports, and alerts. Your data belongs to you. Simple as that. This is another one of the guiding principles behind security for SharePoint Online and OneDrive for Business— that while, at Microsoft, we serve as custodians of your data, you remain in control of it. And we help you to manage this through access controls, sharing controls, and application and device management.
  • 12. Access controls Capabilities: Policies that provide contextual controls at the user, location, device, and app levels. Location-based conditional access policy that blocks users who are working from an untrusted location. The risks to information exposure have increased in today’s collaboration landscape because users don’t always work on desktop computers. Access controls now need to account for users connecting their mobile devices to nonsecure networks or using their own unmanaged devices. These new access controls start with conditional access policies. Conditional access allows you to keep your corporate data safe while providing your users a secure environment in which they can work from any device. Conditional access in SharePoint Online and OneDrive for Business offers security that goes beyond user permissions. It takes into account the identity of the user, the devices and applications being used, the network that the user has connected to, and the sensitivity of the data being accessed. Conditional access works alongside Multi-Factor Authentication in providing another layer of security. Multi-Factor Authentication requires two or more verification methods for user sign-ins and transactions. These methods can include randomly generated pass codes, a phone call, a smart card, or a biometric device. Advanced Security Management ensures that you’re aware of any suspicious activity in Office 365. This gives you the opportunity to investigate situations that are potentially problematic and, if needed, revoke suspicious user sessions.
  • 13. Sharing controls Capabilities: Extensive sharing controls to support external sharing, link expiration, and revocation of access to content and files. In working with vendors, clients, or customers outside your organization, you often need to share documents with these external users to collaborate directly. External users can be authenticated or anonymous. Because authenticated users have their own Microsoft accounts, you can share sites and documents much like you would with users within your organization. However, since these users don’t have access to your Office 365 subscription, they’re limited to basic collaboration tasks. Users without Microsoft accounts are considered anonymous. These users can access folders and documents through shareable links without having to log in with a username or password. Anonymous users can’t access sites or be assigned licenses, so they’re only able to see your documents through the links you provide. These links are valid only for as long as you choose. The external sharing features of SharePoint Online help you manage security risks by giving you the capability to set up an extranet site. Extranet sites can be locked down so that only you can invite external users. Admins can control the list of partner domains that their employees can share with users outside the organization. Allow and deny lists of email domains can be configured. Activities of the business partner users are audited, and reports can be viewed in Office 365 Activity Reports. “Many of our employees used multiple storage solutions, but we moved to OneDrive for Business because it has the stringent data protection standards that our clients expect and that give us more control over access to our data.” Sudesh Withanage Senior Technology Consultant Virtusa
  • 14. Application and device management Capabilities: Azure Active Directory management tools enable collaboration and deliver holistic identity protection and adaptive access control. Integrated device and app management is enabled through Microsoft Intune. With device-based policies, you can allow, block or challenge access through Multi-Factor Authentication, device enrollment, or password change. Device-based policies for SharePoint Online and OneDrive for Business help you ensure that your corporate resources data isn’t leaked onto unmanaged devices, such as devices that are non-domain joined or non-compliant. These policies limit content access to the browser while preventing files from being taken offline or synchronized with OneDrive for Business on unmanaged devices. Microsoft Intune helps you with mobile device management, securing corporate data on devices used by licensed Office 365 users in your organization. If a device is lost or stolen, you can remotely wipe the device to remove sensitive organizational information.
  • 15. 05 Awareness and insights Manage your data life cycle process with customizable data retention, discovery, and deletion. Understanding usage within your organization helps you get ahead of security risks and usability issues. Advanced auditing enables you to discover forensic information about specific activities conducted by a user or an administrator. Personalized reporting offers seamless access to information through a unified dashboard. And intelligent alerting allows you to monitor and investigate actions taken on your data, so that you can contain and respond to threats—and protect your valuable intellectual property.
  • 16. Advanced auditing Capabilities: Discover forensic information about specific activities that were conducted by a user or an administrator. Use RESTful APIs to get an unprecedented level of visibility into user and admin transactions within Office 365. Leverage hybrid auditing across cloud and on-premises. With advanced auditing in Office 365, you can track changes and user activity in SharePoint Online and OneDrive for Business. This allows you to audit changes made to files and site collections, as well as the users who made changes. Every user action is recorded for a full audit trail. And you can set up custom alerts when a specific event occurs. You can quickly access these audit reports through the Office 365 Security and Compliance Center.
  • 17. Personalized reporting Unified reporting and seamless information access. Capabilities: Unified reporting dashboard for seamless access to information. Product-level reports for more granular insight about the activities within each product. Personalized reporting helps you avoid the unexpected by being aware of what’s going on in your organization. Activity reporting for SharePoint lets you see how users in your organization are using SharePoint Online sites to access, save, and collaborate on documents. It shows you which users are active on each team site, and which users sync documents back to their local machines or share documents externally. The OneDrive for Business activity report gives you a holistic view of OneDrive usage in your organization. As with SharePoint reporting, you can see which users are using OneDrive to sync files back to their local machines and how users are actively engaging across OneDrive accounts in your organization.
  • 18. “We have revealed a more agile way of working that helps us simplify access to information, promote insights and analytics across the business, and remain competitive without sacrificing our essential security and compliance concerns.” Matt Potashnick Chief Information Officer AXA UK and Ireland Intelligent alerting Email notification when users perform specific activities in Office 365. Enabled through Advanced Security Management, intelligent alerting allows you to monitor and investigate actions taken on your data, identify risks, and contain and respond to threats made on your intellectual property. Threat Intelligence analyzes billions of data signals across Office consumer and commercial services, helping to protect you before attacks reach your network. These insights can be integrated with your existing security management tools.
  • 19. 06 Compliance and trust: Take advantage of the proactive and continuous compliance and certification process used by Microsoft. For customers considering a move to the cloud, compliance is a major issue. And it’s a paramount concern for us at Microsoft as well, which is why Office 365 offers you continuous compliance. Our base level of requirements for Microsoft products and services is always increasing, driven by needs worldwide and across industries. Our specialist compliance team tracks standards and regulations, developing common control sets for our product team to build into the service. We have built over 1,000 controls into the Office 365 compliance framework that enable us to stay up to date with frequent changes to industry standards.
  • 20. Microsoft regularly submits self-assessments to independent third-party auditors. Microsoft holds key certifications, including: EU Model Clauses, FedRAMP, FERPA, FISMA, HIPAA Business Associate Agreement, ISO/IEC 27001, UK G-Cloud v6 Official. Continuous compliance. Capabilities: Discover forensic information about specific activities performed by users or administrators. Use RESTful APIs to get an unprecedented level of visibility into all user and admin transactions within Office 365. Office 365 helps you meet evolving internal investigation, legal, and regulatory requirements with a rich set of eDiscovery capabilities. Validating your organization’s security practices can be an expensive, exhaustive, and exhausting process. Office 365 enables you to identify relevant data quickly through advanced tools like machine learning, predictive coding, and text analytics. Advanced eDiscovery reduces the volume of data by finding near-duplicate files, reconstructing email threads, and pinpointing key data relationships. Plus, you can easily export this data to third-party applications for review. These capabilities intelligently simplify the eDiscovery process, so there’s less time taken on your end and less strain on your budget. And as the compliance landscape expands, our capabilities expand with it. “Our legal department, risk management group, and human resources organization thoroughly reviewed our options to make sure the [system] we chose would support continuous adherence to all our requirements. Like other global companies, we must comply with all local regulations. Office 365 gives us confidence that we can remain in compliance from a data privacy and security standpoint.” (Sherry Nubert, Chief Information Officer, The Goodyear Tire & Rubber Company)
  • 21. “As we build the bank of the future, we are providing the right tools and technology for our people, resulting in improved agility and security. Our move to Office 365 is also helping us... reduce IT costs in half. We’re fully committed to the cloud as we add on all the Office 365 functionality, including the Enterprise Mobility Security Suite and Customer Lockbox.” (Jeff Henderson, Executive Vice President and Chief Information Officer, TD Bank Group) Transparent operations. Capabilities: 24/7 escalation to the development team to resolve issues that cannot be resolved by operations alone. Thorough review of all service incidents and an analysis of whether your organization is affected. Controlled access to your data through Customer Lockbox. Our operations are transparent, so you can check in on the state of your service, track issues, and get a historical view of availability. This means you always know where your data is stored as well as who has access to it and under what circumstances. You can find all of this information in the Office 365 Trust Center. By design, Office 365 commercial services are separate from our consumer services so that there is no mixing of data between the two. We maintain that you are the owner of your data, and we do not mine customer data for purposes other than providing you productivity services. Even when you require a Microsoft support engineer to access your data, such as to troubleshoot and fix an issue, you maintain control of your data. Customer Lockbox enables you to approve or reject requests to access your data. Each approved access request is only available until it expires. Upon resolution of the issue, the request is closed and access is no longer approved. Customer Lockbox also helps you demonstrate that you have data access procedures in place, which can be necessary in meeting compliance obligations.
Privacy by design. Capabilities: Privacy controls enable you to configure who in your organization has access and what they have access to. Design elements prevent mingling of your data with that of other organizations using Office 365. Privacy controls enable you to configure your company privacy policies. To comply with business standards and industry regulations, you need to protect sensitive information and prevent its inadvertent disclosure. This includes financial data or personally identifiable information (PII), such as credit card numbers, social security numbers, and health records. With a data loss prevention (DLP) policy in the Office 365 Security & Compliance Center, you can identify, monitor, and automatically prevent the accidental sharing of sensitive information across Office 365. DLP allows you to control how your data flows internally as well as outside your organization. Microsoft advocates for data privacy on behalf of customers, and safeguards customer data with strong contractual
  • 22. 07 Conclusion: In the new world of work, SharePoint Online and OneDrive for Business allow you to access email and documents from anywhere on any device—and to do so securely. Our approach pairs this productivity with defense-in-depth security solutions that safeguard your data. We give you the user and administrative controls to shield and defend your IT environment and the privacy of your customer data, so you can comply with standards and regulations. SharePoint Online and OneDrive for Business allow your business to get ahead while getting a handle on your data, providing tools to manage your users and devices, better understand usage within your organization, and be better prepared for any actions taken on your data. Microsoft has been a leader in trusted enterprise-grade solutions for decades now. And as the collaboration and compliance landscapes evolve, we do too. Learn more at the Microsoft Trust Center.