Office 365 has robust policies, controls and systems to keep your data safe and secure. They are constantly being updated with new features to respond to the latest security concerns. Enterprise-grade security requirements are embedded in every development phase of Office 365 and fall into two categories:
It’s important to note that your Office 365 data will always belong to you. You will have extensive privacy controls and visibility of where your data resides and who has access to it. And if you end your Office 365 subscription, you can take your data with you.
Your data is hosted in secure UK data centres built specifically to protect against natural disasters or unauthorised access. Data centres are monitored 24 hours a day with video surveillance, motion sensors and onsite security teams. Physical access is strictly controlled by multiple authentication processes, including biometric scanning. Fire prevention measures include automatic extinguishing systems. If engineers need to investigate a service issue, Office 365’s Lockbox will give you a stringent escalation process that limits human access to your data.
Your data is encrypted at rest and with SSL/TLS when in transit. Office 365 includes admin and user controls to help you protect the data in your business. Rights Management Services can be used to specify access permissions to documents, workbooks, and presentations. Data loss prevention in Office 365 helps you identify and monitor confidential information and stop it from being emailed either inside or outside your organisation.
Anomaly detection policies will alert you to potential security breaches. They scan user activities and evaluate risk against over 70 different indicators, including sign-in failures, administrator activity and inactive accounts. For example, if a user accesses email in New York and then two minutes later is downloading a document from SharePoint Online in Tokyo, you will be alerted.
Protect mailboxes against new, sophisticated attacks in real time. Suspicious attachments go through a real-time behavioural malware analysis that uses machine learning techniques to evaluate the content for suspicious activity. Unsafe attachments are sandboxed in a detonation chamber before being sent to recipients. When users click on a link in an email, the URL is examined in real time and flagged/blocked if malicious.