With Office 365 Enterprise-grade Security Features, Businesses Can Put Their Mind To Ease

Author: Gordon Tong

According to a survey by specialist recruitment firm Robert Half, data security and legislation are 2 key areas of concern for Singapore CIOs. The survey, which polled 407 CIOs in Singapore, Australia, Hong Kong and Japan, revealed that 65 per cent of CIOs in Singapore believe security risks are the biggest problem with cloud technology.

With security being a huge concern, it is thus very important for organizations to adopt technologies which are accredited with the highest level of certification.

In this regard, Microsoft definitely comes into the picture seamlessly. The Microsoft Cloud is based on decades of experience, a strong commitment to security, privacy, and transparency, and strict adherence to leading industry practices. As the only cloud leader credited in all four of the Gartner Cloud Computing Magic Quadrants, it has also received the most certifications from around the world for its compliance – including being the first cloud computing platform to conform to ISO/IEC 27018, the only international set of privacy controls in the cloud.

Right here at home in Singapore, Microsoft’s Office 365 have also achieved the highest level certification, Level 3, of the Multi-Tier Cloud Security (MTCS) Standard for Singapore which has been designed for regulated organizations with specific requirements and more stringent security requirements.

With that, let’s probe deeper into some of the compelling security features of Office 365:

1)     Advanced Threat Protection (ATP)

ATP is an email filtering service that provides additional protection against specific types of advanced threats. Currently, Exchange Online Protection employs a robust anti-virus protection against known malwares and viruses. With ATP, this protection is extended through a feature called Safe Attachments, which protects against unknown malware and viruses. Messages and attachments that do not have a known virus/malware signature are routed to a special hypervisor environment, where a behavior analysis is performed using a variety of machine learning and analysis techniques to detect malicious intent. If no suspicious activity is detected, the message is released for delivery to the mailbox.

2)     Message Encryption & Rights Management

With Office 365 message encryption, users can deliver confidential business communications with enhanced security, allowing users to send and receive encrypted email as easily as regular emails. As communication is done through a TLS-enabled network, the message security is enhanced. This feature will also eliminate certificates as the recipient’s email address is used as the public key. Ultimately, the administrators can still maintain control of the environment using a policy-based encryption, and help to manage compliance by leveraging the strong integration with data loss prevention.

Furthermore, Rights Management in Office 365 allows individuals and administrators to specify access permissions to documents, workbooks, and presentations. This helps to prevent sensitive information from being printed, forwarded, or copied by unauthorized people by applying intelligent policies.

3)     Federated Identity

All Office 365 users whose identities are based on the federated domain can use their existing corporate logons to authenticate to Office 365. Federation enables secure, token-based authentication. This also allows administrators to create additional authentication mechanisms such as:

·       Multi-factor authentication

·       Client-based access control, allowing organizations to control how users access information from specific devices or specific locations or a combination of both

Furthermore, with IM federation, Skype for Business users can also IM in a highly secure environment. All federated communications are encrypted between the IM systems using access proxy servers.

4)     Data Loss Prevention

Exchange Online provides Data Loss Prevention (DLP) technology that identifies, monitors, and protects sensitive data and helps users understand and manage data risk. For example, DLP proactively identifies sensitive information in an email message such as credit card numbers. The administrators also have a full range of controls and can customize the level of restrictions for their organization. For example, users can simply be warned about sensitive data before sending, or users can be blocked from sending data completely.

In a nutshell, to remain competitive, businesses today need productivity services that help their employees get more done from anywhere without compromising security in the face of ever-evolving threats. Office 365 supports both of these needs at once with a highly secure, cloud-based productivity platform. When businesses choose Office 365, they get a partner that truly understands business security needs and is trusted by companies of all sizes across nearly every industry and geography.

If you would like to know more Information regarding Office 365 security, privacy, compliance, transparency, and service, please visit Office 365 Trust Center and the Service Trust Portal.