I am not a fan of Microsoft, especially in the area of security. As of the end of November, Microsoft had released 112 Security Bulletins in 2015. Yet many of us are absolutely dependent on Microsoft products, including Word, Excel, PowerPoint, Outlook, and SharePoint. Even if you do not run on Windows, you still likely use these Office products. Since 2010, Microsoft Office 365 provides Cloud-based software plus services subscriptions to Office products plus storage space in Microsoft’s OneDrive.
While Microsoft does not provide sales figures for its Cloud business, adoption of Office 365 and SharePoint workloads has been rapid, with over 80 million users, and could be Microsoft’s “fastest growing product in history.”
While many customers do not put highly sensitive data into OneDrive, Office 365 is compliant with the ISO/IEC 27001 security standards, the European Union’s Data Protection Directive, the US Health Insurance Portability and Accountability Act (HIPAA), and the US Federal Information Security Management Act (FISMA). On the other hand, Microsoft has admitted it will hand over OneDrive data stored on European servers to US authorities under the Patriot Act. So anything stored in OneDrive is vulnerable to access by the US government without notice or recourse.
OneDrive is not compliant with PCI (Payment Card Industry) standards, so it is never appropriate to put personal finance information in OneDrive.
Microsoft Office 365 is also priced like the Cloud: pay-for-use. You pay a set amount for each user each month depending on which options you choose. There are benefits to this payment model:
- The costs are expense, not capital budget items.
- The cost of the service directly corresponds to the number of users, making clear correlation between benefit and cost.
- You have the full support of Microsoft behind these products, including those far-too-frequent security bulletins and patches. For Cloud-based applications, these security updates are completely handled by Microsoft in the background requiring no effort by your IT department or users.
The bottom line is that Microsoft Office 365 provides, in my opinion, the best environment for collaborative from-anywhere access to documents, and provides security that is probably better than what most small and mid-sized businesses provide in their own environment. One important issue is the management and control of your Office 365 environment. It is critical for the security of your data to manage your users as their roles change and especially when they leave your company, whether your data is in the Cloud or in your own data center.
A few weeks ago, I wrote about Metalogix ControlPoint, a way to monitor for suspicious behavior in SharePoint. Tomorrow, Metralogix will announce a new version of Essentials for Office 365 to optimize the migration, management, and security of collaborative data in the Cloud and on-premise. This new release of Essentials for Office 365 provides:
- Comprehensive backup and data protection for Exchange Online, alongside the existing OneDrive and SharePoint functionality which allows IT to quickly create, manage and restore backups of site collections, lists, libraries, content mailboxes, and individual OneDrives to local or cloud storage.
- Seamless restoration with zero downtime for business continuity.
- Management of all user attributes including license, permission and content.
- Flexibility to migrate to multiple Cloud services.
- Enhanced Diagnostic Manager, including email alerts on Office 365 service status.
The last word:
You may have noticed that this post came out Monday morning instead of the usual Sunday morning. That is because the new version of Metalogix Essesentials for Office 365 will be announced on Tuesday, 8 December 2015, and information on the release was embargoed until 7 December.
Keep your sense of humor.