Solved

Security considerations & assessment for using Office365 (MS Cloud?)

Posted on 2016-08-24
3
107 Views
Last Modified: 2016-09-15
http://www.google.com.sg/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&cad=rja&uact=8&sqi=2&ved=0ahUKEwjb3dLts9rOAhUKQI8KHcKQA1UQFgg1MAE&url=http%3A%2F%2Fgo.microsoft.com%2Ffwlink%2Fp%2F%3FLinkId%3D401240&usg=AFQjCNE651HQzeEpPyS-3ewonyaPJIeWUg&sig2=UDpUlCIMDzdg7hdBle3_gw&bvm=bv.130731782,d.c2I

The above link gives many security features/compliance about Office365 but
I still have doubts on:

a) I suppose to use Office365, we'll run a link from our office to MS Cloud, right?
    Is this a point-to-point leased circuit link that is encrypted (hardware encryption
    or software?) or via public Internet (site to site VPN?) .  How many bit encryption
    is used here?

b) how is SharePoint service provided by Office365 safer/more secure than we
    using our own SharePoint?  I've always heard in defense projects, they won't
    trust to host their data offsite but only within their own local DC


http://en.share-gate.com/blog/office-365-data-protection-infographic
  referring to above link,

c) does MS offers continuous backup so that we can restore to a specific point
    in time (up to a specified minute) ?

d) does the above service offers NIDS & endpoint IPS protection ?

e) do we still use our own Data Loss Protection (to prevent leakage) or
    the above service provides it?

f) how is MS Exchange via this service more secure compared to hosting our
    MS Exchange server?  Is it more effective against spam, phishing & 
    ransomware?

g) in some clouds, data of numerous tenants/customers are backed up to
    a common tape via a shared tape drives ie data are co-mingled on the
    tape.  In the event a tenant wants to exit this service, how does the
    service provider ensure data is securely erased from the tapes or they
    do offer dedicated tapes (& tape drives) for each customer?   Can't be
    a tape holding multiple tenants' data need to be degaussed or securely
    destroyed??
0
Comment
Question by:sunhux
3 Comments
 
LVL 40

Accepted Solution

by:
Vasil Michev (MVP) earned 450 total points
ID: 41769105
You've already found the whitepaper, now start looking at the links therein. Here are the short answers:

a) Data is always encrypted in transit, but that will not help you against MITM attacks. You need to trust your ISP and all the network equipment in between.

b) you know there's a separate O365 instance that the USA gov is using, right? Obviously it's secure enough for them.

c) they don't offer point-in-time backups, if you have specific needs for such, you need to use 3rd party services/products

d) it "offers" it on the datacenter level, not many details are given usually as they can pose potential security risk. again, half the world is using O365 now, including governments, big banks, huge enterprises... it's secure

e) you can either use your own, or the one that comes with the service, at additional price.

f) already covered above. spam/malware effectiveness can vary, but you can always use 3rd party service if you are not happy with what you get with O365

g) again, covered above, also check the links in the document.

I'd also recommend checking the Trust center (https://products.office.com/en-us/business/office-365-trust-center-security) and if you have an existing O365 (even trial), the documents in the Service assurance portal (https://protection.office.com/#/serviceassurance/othertrust). You can always talk to your Microsoft representatives as well.
0
 
LVL 16

Assisted Solution

by:Walter Curtis
Walter Curtis earned 50 total points
ID: 41769138
You have very good questions, indicating some cloud doubts. If you have doubts, then stick to what you can control, on premise. Always remember, Microsoft and other cloud providers are in the business of making money, which I am not against, but their marketing will be geared towards that goal, which could be more important to them than your security goals....

Just saying...
0
 

Author Comment

by:sunhux
ID: 41769696
A couple more questions:

h) for users who VPN in, they VPN direct to our office & then connect to O365
    or they VPN direct to O365 at MS Cloud?

i) in some Cloud Service Provider, their sysadmins could login to tenants' servers;
   could MS login to their O365 tenants environmt or access their tenants' data?

j) does MS uses any sort of virtual firewall that segregates one tenant from the
    other?

k) should there be data leaks due to use of O365, does MS provide any provision
    to take up the liability?
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Creating a Vendor Admin user 23 54
Palo Alto Networks - find the sec zone 3 48
application access evidence windows 7 5 30
PCI compliance 16 33
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
As technology users and professionals, we’re always learning. Our universal interest in advancing our knowledge of the trade is unmatched by most industries. It’s a curiosity that makes sense, given the climate of change. Within that, there lies a…
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question