Security and legal concerns with Office 365

Security and legal concerns with Office 365

Security concerns about the public cloud are on the decline – but they continue to slow down adoption.

In fact, in a recent survey of hundreds of IT decision makers, security was the leading reason (48.5% of respondents) why businesses haven’t yet made the leap to the cloud.

why businesses haven't yet made the leap to the cloud

In a strange twist, though, that same study — conducted by a cloud migration expert SADA — showed that cloud security was also the key driver of its adoption (51.5%). So, simply put: cloud security is both scaring business away and attracting it en masse.

What gives? Office 365 Adoption Shift is slow-moving.

As the ZDnet writer Joe McKendrick puts it, public opinion about the public cloud is shifting, but it’s a trend that has been evolving — slowly — over the last few years.

The reality is that public cloud has its own security risks and concerns, just like anything. But when closely examined, most leaders would have to agree the cloud offers more security, better compliance options, far more control and transparency than the fears would have you believe.

This was the key topic of discussion in our latest webinar on Office 365, where we dug into the security and legal concerns present with adopting the cloud productivity suite.

Key Security Concerns with Office 365: 

The core concerns about Office 365 centre around security, access, visibility, and encryption, namely:

  • Is my content safe in your data centers?
  • Who has access to my organization’s content in the service?
  • What visibility do I have into the activity on my content in the service?
  • Can I encrypt everything so that it’s not possible for you (Microsoft) to have access to my content?

As we have shown in our expert-hosted webinar, which was attended by IT leaders from across North America, is that under each of those key categories, Office 365 delivers a safe, secure and business friendly set of tools and solutions.

  • Security: Office 365 offers the highest security on all levels, from content to the network to the admin and all things in between. On top of this, it offers continuous security best practices and services, like penetration testing and granular end-user controls over configurations.
  • Privacy: With it’s “privacy by design” ethos, no one is ever able to use your data in a way that you do not approve of. This means Microsoft builds no back doors and provides no unfettered governmental access to your data.
  • Compliance: Microsoft’s broad and thorough approach to compliance is a big positive and helps to relieve a major concern many businesses are struggling to overcome. With it, you meet out-of-the-box standards such ISO 27001, HIPAA, FedRAMP/FISMA and SOC. You also have access to deep analytical auditing and reporting and much control over how your data is handled and where.
  • Transparency: With the “Transparency Hub” you get up to date insight on how law enforcement and other agencies attempt to request data and what Microsoft provided. You can easily see where your data is stored geographically, too, at any given time.

Of course, this does not mean that you are completely “off the hook.” Security on the cloud is always a shared responsibility — and you are still charged with much of the access, admin, and connections with the cloud applications that could provide other security issues not handled by Microsoft.

For a much deeper dive into all of the topics above, watch the recorded webinar above.

A roadmap every CIO needs when launching Office 365

A Roadmap Every CIO Needs When Launching Office 365

Picture this: It’s your tenth birthday, and you’ve just unwrapped the gift you had begged for all year. A brand new Lego set of your favorite NASA space shuttle. You tear open the box, spread the blocks around the carpet, ready to build, and then you notice it… The instructions are missing.

The example above might seem like a trivial childhood drama – but IT leaders embarking on an Office 365 project are facing a similar sort of surprise. We’ve opened the box, so to speak, expecting huge productivity, simplicity and licensing gains, only to discover we’ve got no user-manual to this complicated, unknown new technology.

[Read more…]

Microsoft Azure Security, Compliance Fears Are Slowing Adoption – Should They Be?

Microsoft Azure Security, Compliance Fears Are Slowing Adoption - Should They Be?

It might seem contradictory.

One one hand, a majority of businesses are now considering leveraging the public cloud to get their business done, and get it done at levels of efficiency never before possible. But at the same time, the concept of the cloud still instills fear and concerns across all levels of the business.

With so much on the line, and the cloud being seen as the key to competitiveness in the years to come, can businesses afford to be ambivalent about its value? And when it comes to Microsoft Azure, their own cloud platform, many organizations are treading lightly, unsure how to proceed. Is it something to fear, or to embrace?

Read on, as we put these fears to rest.

[Read more…]

The 5 Key Considerations Before Adopting Microsoft Azure

The 5 Key Considerations Before Adopting Microsoft Azure

The news comes as no surprise to anyone in IT: Microsoft Azure is poised to take the lead in the enterprise public cloud battle.

This comes just as Microsoft beefed up online services, with new Hybrid capabilities, better Big Data tools and enhanced security and compliance standards. If Azure doesn’t make 2015 it’s year to take over the enterprise cloud, I don’t know who will.

Just because something has momentum, doesn’t necessarily mean its time to jump on the bandwagon. The cloud is a major undertaking. Perhaps one top of your list for the year – but not something you should rush into. Don’t consider adopting Microsoft Azure without taking these five key considerations into mind.

[Read more…]

Beyond Office 365: Building a Global SaaS Identity Strategy


If you are considering deploying Microsoft Office 365, you’re probably thinking about the challenges of managing user identities in the cloud. For many organizations, Office 365 represents their first “official” SaaS application and will likely pave the way for larger SaaS investments down the road.If you haven’t already, now is the time to think about the systems you need to support a global SaaS identity strategy.

A global SaaS identity strategy has two key components: authentication – or the process of confirming that users are who they say they are – and authorization – or determining what users are allowed to do after they log in. Put another way, you might have a valid passport (authentication), but you can’t board a flight without a ticket (authorization).

As more SaaS apps find their way into the workplace, the more authentication and authorization challenges you will face. Without an overarching strategy, you’ll need to address these challenges with every new SaaS provider – hardly a recipe for success. Here are five drivers that prompt many organizations to think beyond Office 365 and create a global SaaS identity strategy: [Read more…]

Microsoft Simplifies the Select Plus Program

The Select Plus agreement, launched in October 2008, was designed for organizations with 250 or more PCs and allows customers to make transactional purchases from three product pools: applications, servers, and systems. Discount price levels are established based on points per product pool and updated as purchases are made. Software Assurance (Microsoft’s term for maintenance or upgrade protection) is optional.

In response to customer’s needs for greater flexibility and ease of manageability, Microsoft made two changes to the Select Plus program that took effect in March 2011.

Change to how rollover points are accounted for: [Read more…]