Office 365

Office 365 is your office in the cloud, with the professional tools you need to get more done - anytime, anywhere.

Office 365 Security

Office 365 has robust security policies, controls and systems to keep your data safe. And because threats are always evolving, so is the protection.

Enterprise-grade security requirements are embedded in every development phase of Office 365 and fall into two categories:

  1. Features and services controlled by you so you can tailor your Office 365 environment to fit the security needs of your organisation.
  2. Built-in security technologies and policies that are enabled by default and allow Microsoft to protect your information.


Your Office 365 data always belongs to you. You have extensive privacy controls and visibility of where your data resides and who has access to it. And, if you end your Office 365 subscription, you take your data with you.

  1. Infrastructure security
    Office 365 hosts your data in secure UK data centres built specifically to protect against natural disasters and unauthorised access. Fire prevention measures include automatic extinguishing systems, and 24-hours-a-day video surveillance, motion sensors and onsite security teams keep your data out of harm’s way.

    Physical access is strictly controlled by multiple authentication processes, including biometric scanning. If engineers need to investigate a service issue, Office 365’s Lockbox will give you a stringent escalation process that limits human access to your data.
  2. Data loss prevention
    Your data is encrypted at rest and with SSL/TLS when in transit. Office 365 includes admin and user controls to help you protect the data in your business. Rights Management Services allow you to specify access permissions to documents, workbooks, and presentations.

    Data loss prevention in Office 365 helps you identify and monitor confidential information and stop it from being emailed either inside or outside your organisation.
  1. Advanced Security Management
    Anomaly detection policies will alert you to potential security breaches. They scan user activities and evaluate risk against over 70 different indicators, including sign-in failures, administrator activity and inactive accounts.

    For example, if a user accesses email in New York and then two minutes later is downloading a document from SharePoint Online in Tokyo, you’ll get an alert.
  2. Advance Threat Protection for email
    Protect mailboxes against new, sophisticated attacks. Suspicious attachments go through a real-time behavioural malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients. When users click on a link in an email, the URL is examined in real time and flagged/blocked if malicious.