Microsoft claims that Office 365 services have been built from ground up with one important thing in mind, Security. To prove that the cloud services offered by Microsoft through office 365 are adequate, Microsoft has obtained quite a few compliance certifications including ISO 27001, Safe Harbor, etc. Microsoft also brings to light that it has compliance with GLBA (Gramm-Leach-Bliley Act) to some extent as well in terms of Financial Privacy Rule and Safeguards Rule. But, the question that does come to mind is, “Are these compliance claims enough for Organizations that want to bring their SharePoint, Exchange, Message & Collaboration to the cloud?”
Compliance in the Cloud has been a hot topic of discussion and Microsoft has certainly done a good job as far as information security is concerned with the above mentioned certifications. The certifications do bring some level of surety to the table but one thing that has to be kept in mind all the while is that the compliance is in terms of Microsoft Infrastructure and services. Organizations themselves won’t be automatically complying with the aforementioned standards.
Organizations would have to derive their own mechanism to extent their existing compliance and management systems to Office 365. One such aspect is the email compliance that demands encryption, data loss prevention, archival, etc.
“Concerns about security and compliance have been a major barrier to accelerated adoption of cloud solutions”, says David Knight, Vice President at Proofpoint.
With today’s information world, we see a rise in the litigations across the technology spectrum. Privacy and complex regulatory requirements are pushing organisations over the edge and with cloud in the equation, the complexity attain new heights. Microsoft Office 365 does address some of these issues with its compliance certifications and audits.
Proofpoint has architected a solution: Compliance for Office 365: Email Privacy, DLP, Encryption & Archiving, in conjunction with Office 365 that enable organisations to attain compliance with HIPAA/HITECH, SOX, GLBA, PCI, FERPA, FINRA and SEC regulations. David adds, “With Proofpoint Compliance for Office 365, we’re delivering a powerful, proven compliance solution that allows enterprises to move email services to the cloud without hesitation.”
Proofpoint solution brings Compliance for Microsoft Office 365 through a bundle solution that offers features enabling organisations to protect the email communications and achieve regulatory compliance. The bundled solution includes Proofpoint Enterprise Archive, Proofpoint Enterprise Protection and Proofpoint Enterprise Privacy. Some of the features offered include Email archival with rapid searchability and eDiscovery, Data Leakage Prevention that protects private and confidential information in emails while in compliance with international, industry and U.S. Data protection regulations. Last but not the least, Proofpoint brings with it policy-based email encryption while mitigating risks associated with regulatory and corporate policy violations.