One of the most common arguments we hear from businesses against moving to the cloud is around security. The perception is that cloud computing is less secure, the data stored on cloud servers is vulnerable to attack and that anyone could steal their data. The reality is exactly the opposite. Just like any business service, as long as you choose your partner carefully, you’re as secure in the cloud as you would be on premise.
Many of these security concerns have been laid at Microsoft’s door. So, at this years’ RSA Conference, the Redmond tech giant sought to alleviate those concerns by introducing Customer Lockbox for Office 365.
Office 365 already has a credible security record according to independent testing, so any enhancement of that is going to be good news. The Office 365 Trust Center is a great resource to see exactly how secure data is protected already but there is always more to do. That’s where the Customer Lockbox comes in.
Customer Lockbox
Customer Lockbox for Office 365 offers more control for business users by providing the means to determine exactly when and how a Microsoft employee may gain access to customer data. When asking for Microsoft assistance with an issue, users of Customer Lockbox will have to grant specific permission for access, allowing complete control over your data.
Office 365 is mostly automated, meaning Microsoft employees rarely need to go anywhere near your data during day to day running. It’s only when troubleshooting an issue specific to your service that they may access your area. Currently, Microsoft engineers go where they need to go to solve your problem, which not everyone is happy with. Opt in to Customer Lockbox and you have complete control over where and when Microsoft accesses your business area, giving you the final say over who goes where.
More secure Office 365
In addition, a new Office 365 Management Activity API will allow a complete overview of security logs and access for full transparency and compliance. Access via Customer Lockbox will be included in this new API.
Finally, Microsoft is also widening file-level encryption to include Exchange email. Currently only SharePoint files are encrypted but that’s changing. It clears the way for further planned security enhancements next year, including the ability for users to provide their own security keys rather than having to use Microsoft generated ones.
With Customer Lockbox for Office 365, users will be able to control when, when and for how long Microsoft can access data for troubleshooting. They will then be able to use new APIs to track exactly who accesses data and will also enjoy new levels of file encryption. All at no extra charge! Customer Lockbox for Office 365 will be turned on by the end of 2015.
