Office 365 can help you meet and exceed your compliance requirements - both now and in the future. It is accredited to many international standards including ISO 27001, the international gold standard for data security and ISO 27018 which protects personal data in the cloud. A specialist compliance team continuously tracks standards and regulations and develops common control sets to build into Office 365. It can also help you on your journey to reducing risk and achieving compliance with the GDPR by helping you discover and control what personal data you hold and where it resides.
Your data will be stored in secure UK data centres and will always remain yours, even if you choose to end your subscription. For archiving, auditing, compliance, regulatory and eDiscovery challenges, Office 365 will help you find up-to-date and relevant content quickly, and transfer content for review and production. In-Place and legal hold features preserve and hold user information, for use in future litigation for example, and additional security capabilities protect sensitive customer and business data.
Office 365 meets the requirements specified in ISO 27001, ISO 27018, EU model clauses, G-Cloud, HIPAA BAA, and FISMA. Cloud Direct are accredited to ISO 27001:2013, ISO 20000 and G-Cloud so we meet and exceed the level of security and service required by highly regulated businesses. Cloud Direct is also compliant with the Data Protection Act and the UK Financial Conduct Authority’s (FCA) regulations.
Office 365 eDiscovery can find text and metadata in content across Office 365 including SharePoint Online, OneDrive for Business, Skype for Business Online, and Exchange Online. In addition, Office 365 Advanced eDiscovery can help you identify documents that are relevant to a particular subject quickly and with more precision than traditional keyword searches or manual reviews.
Data loss prevention in Office 365 will help you identify over 80 common sensitive data types, including financial, medical and personally identifiable information, in your files. You can configure policies to protect this information and prevent both accidental and malicious data breaches. Office 365 also includes Advanced Data Governance that uses machine learning to help you find, classify and apply policies to manage business critical data throughout its lifecycle.
Legal hold and eDiscovery are built into Office 365 help you find and preserve electronic content (often referred to as electronically stored information or ESI) for a legal request or investigation. Exchange Online offers both In-Place Hold or Litigation Hold to help you hold mailbox content, including email messages and attachments for regulatory purposes.