Today’s (Cloud) Tip…Security of customer data in Office 365

We employ all of the follow methods to secure customer data in Office 365:

  1. Network segmentation to ensure physical separate of back-end services and devices from public-facing interfaces
  2. BitLocker 256-bit AES Encryption for all email content at rest (i.e., on storage media)
  3. Access to physical hardware is monitored and controlled by including badges and smart cards, biometric scanners, on-premises security officers, continuous video surveillance, and two-factor authentication
  4. Our racks are seismically braced (I just think that is cool!)
  1. Traffic Throttling to Prevent Denial of Service Attacks
  1. Deleting unnecessary accounts automatically when an employee leaves, changes groups, or does not use the account prior to its expiration

The service is also certified by a number of independent compliance checks and validations such as:

  1. ISO 27001
  2. FISMA moderate Authority to Operate
  3. HIPAA Business Association Agreement (BAA)
  4. EU Model Clauses
  5. Cloud Security Alliance (https://cloudsecurityalliance.org/research/projects/cloud-controls-matrix-ccm/)

See http://www.microsoft.com/en-us/download/details.aspx?id=26552 for all the details.