office 365 security

The 3 layers of Office 365 that keep your data secure

At this point, to be worried about the security of your data is only natural.

In fact, if you aren’t worried, then there’s probably something wrong with you.

Breaches happen all the time; new threats pop up every day, and malware wreaks havoc like glitter at a 1980s dance party.

So when it comes to your mission-critical business tools and applications — like Office 365 — it’s important to remain confident in the way your data is managed and secured.

With Office 365, in particular, your data is secured with a “defense-in-depth strategy” that incorporates three main layers: physical, logical, and data. Let’s take a quick look at those three layers.

Physical Layer

The physical layer addresses two areas: the facility and the network.

When it comes to the facility, Office 365 is referencing the physical data centers — the place where your data is actually stored. Microsoft distributes data into multiple geographic locations and builds its data centers in a way that can withstand natural disasters and eliminate unauthorized access.

To control access, Microsoft relies on a variety of automated controls and surveillance tools (like biometric scanners, 24/7 security guards, smart cards, alarms, and motion sensors).

As far as the network is concerned, Microsoft uses a host of controlled devices to restrict connections and communications. A series of policies and firewall rules further aid these restrictions, and edge router security helps Microsoft proactively identify potential vulnerabilities within its network.

Logical Layer

The logical layer goes a bit more in-depth than the physical layer. This layer involves the host machines and the actions, applications, or work that might be performed on those machines.

In other words, it’s there to combat malicious activity, human error, and configurations that don’t fall in line with the typical Office 365 standards. This heavily involves administrative access and role-based policies.

Microsoft also uses a security process known as Security Development Lifecycle (SDL) to predict and eliminate vulnerabilities. This process is used alongside new services and software to ensure complete security from the very beginning.

Data Layer

The third and final layer addresses how data is secured in a multi-tenant service (where one customer’s data shares resources with another customer’s data).

This layer involves a process for storing and isolating data in a way that prevents unauthorized access by “co-tenants.” More specifically, data is “segregated through Azure Active Directory” and then isolated with “security boundaries.”

To secure your data even further, cryptography, encryption, and a detailed threat management strategy are all utilized. Office 365’s strategy, in particular, incorporates four pillars of thought:

  1. Prevent Breach
  2. Detect Breach
  3. Respond to Breach
  4. Recover from Breach

The general idea is that Microsoft “assumes a breach,” so that they can always be involved in a process of detecting and eliminating security threats.

If you’d like to learn more about the security of Office 365 and how Microsoft is able to protect your data from malicious activity, then send us a message today. We’d love to talk.