Office 365 - How Safe is it?

Posted by: Stephen Wilson on March 23, 2020

With the current state of work a lot of organizations are scrambling to figure out a way to get work done remotely and/or inoffice 365 cloud the cloud. The need to keep at least the basics running while being concerned about how secure the “cloud” is creates a lot of tension. Here at PAIT Group we specialize in Office 365. Normally we do a lot of work with planning, migrating, and training customers to make this kind of transition as smooth and orderly as possible. For the moment though, we are also doing our best to capture your questions and concerns quickly.

Here are a few tidbits to help you with the basics:

  • The default level of protection offered in Office 365 is described like this: Data is encrypted and available only to authenticated users. Data is encrypted while it resides in the service and in transit between the service and client devices.

This is probably better than the default most organizations  maintain for their on-premises operation. The databases are probably not encrypted, neither are the connections to the devices in the network. The VPN is encrypted, yes, but not all of the content resting on the file share.  

This is probably better than the default most organizations  maintain for their on-premises operation. The databases are probably not encrypted, neither are the connections to the devices in the network. The VPN is encrypted, yes, but not all of the content resting on the file share.  

  • If you have advanced concerns like HIPAA or some other security framework, the cloud is still an option. Office 365 has been verified as having all necessary privacy and security controls to comply with HIPAA Rules.  The burden of setting things up correctly still lies with the organization using it, however (https://www.hipaajournal.com/microsoft-office-365-hipaa-compliant/).

That may take more time and resources than you have in the short term, but remember your goal may be simpler than getting everything online and working right this minute. You may just need a simpler solution for a more basic problem of communicating with people you are used to having down the hall and getting basic work done. There are solutions that can be much more convenient and secure than emailing files back and texting co-workers.

  • If you have no specific framework that you need to comply with, it’s relatively simple to set up  Office 365 to be as secure, or in many cases, more secure than the in-place information technology solutions that many organizations have today. Setting up Two-factor authentication, limiting external sharing, and creating private areas for different work teams to upload, share and store information can be a very quick exercise. 
  • More importantly, if you need something NOW, Microsoft has been working to make Microsoft Teams widely available for the duration. https://www.microsoft.com/en-us/microsoft-365/blog/2020/03/05/our-commitment-to-customers-during-covid-19/

Teams is a very good solution for sharing content online with your peers in a secure and  controllable environment. As a bonus you get unlimited chat, built-in group and one-on-one audio or video calling, to keep your people connected and working together (as well as supporting each other socially).  

If you have questions or think you need a jumpstart on any of this, we are here. Our team has been using these solutions to work as traveling and remote users since our inception, we would love to share our experience.

Once things settle down, you can move things back in-house if you like, or if these changes in the way people work prove to be durable we can help you build out that security compliant cloud-based workplace that is usable both remotely, and inside your office. Maybe you were already thinking about moving in this direction?  We have a ton of information in the blogs on this site, and I will be writing more around security and compliance  if you need some ideas of how to scale out both the range of information you can put online and the people you can connect to it. Let us know how we can help.

PAIT stands for Powerful Alone, Invincible Together. It’s a good message for the times. Social distance doesn’t mean social isolation, we need to stand together to keep moving forward.

Topics: Microsoft Teams, Office 365 Security

    Recent Posts

    Categories