Let's face it, fears remain a significant barrier to moving data into the cloud. Every survey we've seen on the subject over the years has featured security on the list of concerns, and usually near the top. These concerns are caused largely by fear and ignorance regarding cloud security, and these factors in turn are rooted in the comparisons that IT professionals make between what they know, and don’t know.
They certainly think they know exactly how secure their data is when it's held on their own premises, in a familiar and trusted physical location. They know the policies and procedures that they've put in place and they have trust in them, even if that trust is sometimes misplaced.
Don't Let Medias Influence Your Perception
On the other hand, the cloud is perceived as remote, unknown and dangerous. There are questions over physical access to data when it's “at rest”, i.e. stored in the Cloud provider’s datacenter, as well as while it's in transit on the Internet’s network infrastructure. The fact that every Cloud related security incident is given prominent and occasionally hysterical media coverage does nothing to calm nerves.
In this post, we'll see what steps Microsoft have taken to secure SharePoint Online and convince the buying public that their Cloud offering can be trusted.
Encryption at Rest
The first SharePoint Online feature I’d like to discuss is data encryption. Encryption is used to bolster Microsoft’s already impressive physical security.
Encrypting disks means that in the unlikely event an attacker is actually able to break into one of Microsoft's facilities and get their hands on a hard disk that contains some of your information, the disk would be useless.
This mystery thief wouldn’t be able to interpret the information without a key to decrypt the disk, so they wouldn’t know who the data belonged to or what it was. The disk in and of itself is also redundant, so if an attacker was purely intent on denying you access to your data, they wouldn’t be able to achieve it by disconnecting a single disk either.
In mid-2014 Microsoft upped the encryption ante even further with their latest improvement (code-named “Fort Knox”) which now encrypts each file with its own key. Not only does each file have a unique key, but each subsequent version of that file has a unique key as well.
Encryption in Transit
Whether you’re viewing a web page or opening a document from a SharePoint Online site, your data is encrypted with the strongest algorithms possible as it travels over the Internet by default. If you require additional protection you can enable features like Rights Management Services (RMS), and Data Loss Prevention.
Data Loss Prevention
Data Loss Prevention (DLP) is a feature of Exchange Online and SharePoint Online that enables Office 365 administrators to discover and report on how sensitive information is being stored. For example, if an employee stores a customer’s credit card number in a OneNote document in their OneDrive for Business document library, it would be an obvious breach of the corporate policies controlling storage of sensitive information, albeit extremely difficult to detect.
Now you can set up an Office 365 eDiscovery Center, and use SharePoint Online Search to find and identify this kind of rogue document. The eDiscovery Center has 51 (at time of writing) search filters that can reach into any SharePoint Online or OneDrive for Business location and search for documents containing sensitive data.
Any documents that match the criteria are displayed in a report and the report can be exported for further analysis. Further improvements are planned in 2015 that'll make it easier to scan outgoing emails for attempts at sharing sensitive information stored in SharePoint Online.
Office 365 Trust Center
Security is an ever-changing subject, Microsoft offers the Office 365 Trust Center as the primary online resource for anyone with questions about Office 365 security. Microsoft uses the Trust Center as a communication and education tool; it’s packed with great resources aimed at a variety of IT professionals, from succinct videos covering popular topics in layman’s terms to deeply technical whitepapers.
Visit the Trust Center to learn more about the features discussed in this post as well as the upcoming improvements that will make SharePoint Online security even better.
SharePoint Online Security, a Top Shelf Solution
The benefits of the Cloud are compelling, and IT decision makers are increasingly called upon to consider adopting Cloud solutions like SharePoint Online. It'd be foolish to suggest that there are no threats, but fear can’t be allowed to paralyze decision making; instead you should assess the threats, and the countermeasures which have been put in place to mitigate those threats.
If you are concerned about unauthorized access to your data, either in the datacenter or in transit, rest assured that Microsoft has implemented the best possible security to make SharePoint Online as safe as possible.
Now that we've cleared a few misconceptions on SharePoint Online security, tell me: what would be a major blocking point for you stopping your move in the Cloud?