Office 365 is the fastest growing offering in Microsoft’s history, and customers are entrusting the platform to not just meet all of their productivity needs, but to secure and manage their business-critical information assets. Security in Office 365 is a constant effort to monitor, maintain, enhance, report, and verify. While Microsoft has taken every precaution to build security into the platform there are always additional steps you the user or admin can take to ensure your data truly is secure - no matter what. In today’s post we will cover three common types of security, explain why they matter and provide additional resources where you can learn more.

Physical Security

Physical security controls access to systems and data. Microsoft provides 24-hour security for all of their data center facilities, including multi-factor authentication for all systems, and biometric scanning for physical access. All systems on the internal network are segregated from the external network. In addition, because of role separation, even those employees with physical access to the systems are unable to identify the location of specific customer data. World-class data center procedures ensure that as hardware and systems are updated and optimized, faulty drives and equipment is demagnetized and destroyed. You can sleep soundly at night knowing that the equipment your data resides on is protected within some of the most secure data centers in the world.

Video tutorial: How do we monitor and safeguard your data in Office 365?

Video tutorial: What does Microsoft do to prepare for emerging security threats to Office 365?

Logical Security

Safeguards of software and platforms through authentication, passwords, permissions levels and other measures that ensure only the right people have access to your data. Microsoft gives full customer control over their content in the rare instances where Microsoft may need to access the data to resolve a conflict, called the Office 365 Customer Lockbox. Office 365 security provides proactive threat management, port and perimeter scanning, and tightly managed processes from an approved server whitelist, ensuring against malicious code and access.

Office blog: Announcing customer lockbox for Office 365

Video tutorial: From Inside the Cloud: Who has access to your data within Office 365?

Video tutorial: Managing Access to the Exchange Online Service

Data Security

Protection of your data privacy and integrity from natural disaster, system corruption or hardware failure, and human malfeasance. Encryption at rest and in transit protects your data whether on our servers or in storage devices, or when being transmitted between you and Microsoft. In addition to ongoing threat management, security monitoring, and detection and prevention of any system or data tampering, Office 365 also provides detailed service level agreements (SLAs) around disaster recovery and business continuity, helping meet all of your security requirements.

Video tutorial: What does Microsoft do to Prepare for Emerging Security Threats to Office 365?

Video tutorial: Explaining Data Security and your Control in Office 365

Video tutorial: Making Sense of the Microsoft Information Protection Stack

Chances are you will never need to use any of these security measures we covered today. But it’s wise to understand what Microsoft does behind the scenes to manage and protect your data so if there is an issue, you know how to react to it quickly and efficiently. For the complete guide to securing your Office 365 domain, download our eBook: The Complete Guide to Office 365 Security