– Jeff Gorman, Business Unit Director
With more workers on the go, your business information is likely accessed by more people and from more places and platforms than ever before. With this increased access comes an increased responsibility to protect your information in all locations and across all platforms. As data becomes more accessible, attack methods can become more sophisticated and malicious. A comprehensive approach to security is required to protect your systems and data in this environment. As organizations consider integrating cloud-based services for core business functions, it is important that the security methodologies deployed by those providers are carefully considered.
One offering that has gained significant positive attention for delivering business services through the online model is Microsoft’s Office 365 solution. This solution combines the familiar Office desktop suite with cloud-based versions of the communications and collaboration services Exchange Online, SharePoint Online, and Lync Online. To give customers details about the security of an online model, Microsoft provides a considerable amount of data regarding the security features and functionality of its offerings.
Office 365 client data is stored in Microsoft’s own network of highly available data centers, strategically located around the world. These facilities are built from the ground up to protect services and data from harm, whether natural disaster or unauthorized access. Physical security best practices are maintained, including state-of-the-art hardware, 24-hour secured access, redundant power, multiple fiber trunks, and many other features. Because of system redundancy, updates can generally be deployed to the system without any downtime for your users. The system is protected at the logical layer by robust data isolation, continuous monitoring, and a wide array of other recognized practices and technologies. All of the physical and logical security tasks are taken care of in the data center, which can drastically reduce the amount of time you spend keeping your data and systems safe.
Office 365 is a multi-tenant service, meaning that data is distributed among hardware resources. Therefore, your data may be stored on the same hardware as that of other customers. This is one reason that Office 365 can provide the cost and scalability benefits that it does. Microsoft goes to great lengths to ensure the multi-tenant architecture of Office 365 supports enterprise privacy and security standards. Data storage and processing are logically segregated between customers through specialized Active Directory technology engineered specifically for the purpose. For organizations that want additional data isolation, a version of Office 365 is available that stores your data on dedicated hardware.
Unlike an on-premises installation that lives behind a corporate firewall and may be accessed over a virtual private network (VPN), Office 365 is designed specifically for secure access over the Internet. There are two options for user identification: Microsoft Online IDs and Federated IDs. In the first case, users create Microsoft Online Services accounts for use with Office 365. Users sign in to all their Office 365 services using a single login and password. The single sign-on application helps users easily create and use strong passwords that keep their services safe.
You can also choose federated identification, which uses on-premises Active Directory Federation Services (a service of Microsoft Windows Server 2008) to authenticate users on Office 365 using their corporate IDs and passwords. In this scenario, identities are administered only on-premises. This also enables organizations to use two-factor authentication (such as smart cards or biometrics in addition to passwords) for maximum security.
Moving productivity services to the cloud requires a serious consideration of security and privacy issues and technologies. Office 365 is designed to deliver the enterprise-grade security you require to move to the cloud with more confidence. Microsoft’s data centers are designed, built, and managed using a defense-in-depth strategy at both the physical and logical layers, and their services are engineered to be secure using the Security Development Lifecycle. Office 365 attempts to make it easy for users and administrators to access and use data and services while following security best practices.
Contact your Keller Schroeder Account Manager for more information or a demonstration of this product and how you, together with Keller Schroeder, can benefit your environment.