Security In Microsoft Office 365

Microsoft Office 365 promises a complete user experience in terms of word processing, collaboration, messaging, voice and video calls, publishing, etc. through the different component services like Office Professional Plus, Exchange Online, Lync Online and last but not the least SharePoint Online.

Microsoft has designed the architecture of Office 365 [Image courtesy Microsoft.com] keeping in mind and using the key principles of Microsoft Trustworthy Computing Initiative. To safeguard customer data from risks and threats, common security policies are applied to Office 365 through the Microsoft Security Program. Office 365 has also obtained security certifications based on industry standards and hence promises security as well as continuity.

The data centres in which Office 365 cloud servers are hosted are protected through physical as well as logical security. Physical security controls include physical controls, video surveillance and access controls. Logical security has been provided through data isolation, federated identity, single sign-on, hosted application security, identity and access management, etc.

Physical Security

Microsoft hosts the cloud servers for Office 365 in data centres which are physically controlled through multiple security checks. Carrier-class data centres are used to house customer data through which Microsoft promises consistent and secure delivery according to the SLA [Image courtesy Microsoft.com]. Some of the features of the data centres include Secure Physical Access for authorised personnel only, redundant power supplies, climate control, natural disaster control, 24-hour secured areas with constant surveillance recording and monitoring.

The Microsoft Office 365 services have been deployed across multiple data centres located across the globe for better regional connectivity. Microsoft promises to use the best of the breed hardware for cloud computing and this helps Microsoft eliminate the unnecessary costs, reduce power and space consumption and ultimately pass on the saving to its customers.

Logical Security

Microsoft understands and appreciates the fact that logical security carries the same importance as that of physical security and for this reason it utilises the best in the industry devices for optimum logical security.

Few of the features under logical security include:

Data isolation: As Office 365 is a cloud based Productivity Suite, there will be multiple tenants within the same physical server utilising the services and Microsoft takes care that the unauthorised data access is out of bounds. For this, Active Directory based structure and capabilities specifically designed for secure multitenant environment are utilised.

Hosted Application Security: Microsoft promises that the applications hosted on its servers in its data centres will be highly protected through robust security measures. Some of the features of these security measures include support for encrypted communications, support for Secure/Multipurpose Intern Mail Extensions (S/MIME), Real-time Block Lists (RBL), Active Directory Rights Management for Enterprise users, Multi-layered malware protection through deployment of antivirus software for operating systems, email messaging systems and shared data.

Infrastructure Security: Infrastructure-level security measures have been also put in place to complement the physical security. Some of the features are secure remote access via Remote Desktop Services for Windows 2008, Environment security scanning, Intrusion detection systems, Data Execution Prevention measures, Central Management of all Security Policies, etc.

Network-level Security Measures: Microsoft has taken care that whenever customers access their data over the internet, it is always encrypted through Transport Layer Security (TLS)/Security Socket Layer (SSL). Redundant network is provided at each site which ensures and 99.9% uptime and availability. Filtering routers have been also put in place at the edge of the Office 365 to stop any unwanted and unauthorised packets from entering the Microsoft data centres.