A major concern for IT leaders looking to move to the cloud is information security. In this blog post, we will address some of the benefits of Office 365 from a SharePoint security perspective.
Why SharePoint Online is secure:
Office365 and SharePoint Online are HIPPA compliant. Not only is SharePoint Online HIPPA compliant but it is also PCI, FERPA, and FISMA compliant as well.There are several important reasons for this.
Unless someone with permissions is viewing it, all of your content in SharePoint Online and Office365 is encrypted. If it's just sitting out in Microsoft's servers, it's encrypted. If you are in the middle of accessing it, it's encrypted. This means that on the off- chance someone actually gets their hands on your data, they can't really do anything with it. All they get is a bunch of meaningless gibberish. With SharePoint Online, and really all data management tools, it isn't about someone "hacking into the mainframe" but rather how your users are treating their information.
Luckily MS has your back there, too.
Data Loss Prevention:
95% of the time, when confidential information gets out, it is because someone did not follow protocol. A common example; if sensitive company information leaks outside of the organization, there is always a chance this information was leaked via email or text message. If documents such as records or documents were leaked, someone may have broken protocol and stored them in a company-wide public site.
Data Loss Prevention (DLP) is a service of Office365 that tells you where the sensitive information lives on your SharePoint intranet and stops actions that would break compliance. You can control the conditions to which the content must match and what the automatic response from the system is. Some of the Out-of-the-Box filters and conditions are preset to match data compliance laws in the US. Combine DLP with an analytics engine and you can not only learn where information is, but also who is accessing it and how often they are accessing it.
Microsoft constantly updates the procedures, algorithms, and servers that your data lives on. Remember WannaCry? MS knew about that breach before it happened. In fact, they had already updated O365 to protect against it before the virus was ever created. Companies on the cloud never had to think about NSA-identified weaknesses because there is an entire division of a multi-billion dollar company that's dedicated to it. MS made the patch available for 2007 servers and up; however,that required companies to manually update their servers (which they should have been doing anyway!)
O365 will always be the most up-to-date, secure, and monitored location to store your data, because it's not just your data that lives there, but the data of 1.1 million companies. The resources on its maintenance are greater than any other individual company server.
Ready for an easy, secure intranet? Request an IntranetPro demo today!