Solved

Security considerations & assessment for using Office365 (MS Cloud?)

Posted on 2016-08-24
3
76 Views
Last Modified: 2016-09-15
http://www.google.com.sg/url?sa=t&rct=j&q=&esrc=s&source=web&cd=2&cad=rja&uact=8&sqi=2&ved=0ahUKEwjb3dLts9rOAhUKQI8KHcKQA1UQFgg1MAE&url=http%3A%2F%2Fgo.microsoft.com%2Ffwlink%2Fp%2F%3FLinkId%3D401240&usg=AFQjCNE651HQzeEpPyS-3ewonyaPJIeWUg&sig2=UDpUlCIMDzdg7hdBle3_gw&bvm=bv.130731782,d.c2I

The above link gives many security features/compliance about Office365 but
I still have doubts on:

a) I suppose to use Office365, we'll run a link from our office to MS Cloud, right?
    Is this a point-to-point leased circuit link that is encrypted (hardware encryption
    or software?) or via public Internet (site to site VPN?) .  How many bit encryption
    is used here?

b) how is SharePoint service provided by Office365 safer/more secure than we
    using our own SharePoint?  I've always heard in defense projects, they won't
    trust to host their data offsite but only within their own local DC


http://en.share-gate.com/blog/office-365-data-protection-infographic
  referring to above link,

c) does MS offers continuous backup so that we can restore to a specific point
    in time (up to a specified minute) ?

d) does the above service offers NIDS & endpoint IPS protection ?

e) do we still use our own Data Loss Protection (to prevent leakage) or
    the above service provides it?

f) how is MS Exchange via this service more secure compared to hosting our
    MS Exchange server?  Is it more effective against spam, phishing & 
    ransomware?

g) in some clouds, data of numerous tenants/customers are backed up to
    a common tape via a shared tape drives ie data are co-mingled on the
    tape.  In the event a tenant wants to exit this service, how does the
    service provider ensure data is securely erased from the tapes or they
    do offer dedicated tapes (& tape drives) for each customer?   Can't be
    a tape holding multiple tenants' data need to be degaussed or securely
    destroyed??
0
Comment
Question by:sunhux
3 Comments
 
LVL 39

Accepted Solution

by:
Vasil Michev (MVP) earned 450 total points
ID: 41769105
You've already found the whitepaper, now start looking at the links therein. Here are the short answers:

a) Data is always encrypted in transit, but that will not help you against MITM attacks. You need to trust your ISP and all the network equipment in between.

b) you know there's a separate O365 instance that the USA gov is using, right? Obviously it's secure enough for them.

c) they don't offer point-in-time backups, if you have specific needs for such, you need to use 3rd party services/products

d) it "offers" it on the datacenter level, not many details are given usually as they can pose potential security risk. again, half the world is using O365 now, including governments, big banks, huge enterprises... it's secure

e) you can either use your own, or the one that comes with the service, at additional price.

f) already covered above. spam/malware effectiveness can vary, but you can always use 3rd party service if you are not happy with what you get with O365

g) again, covered above, also check the links in the document.

I'd also recommend checking the Trust center (https://products.office.com/en-us/business/office-365-trust-center-security) and if you have an existing O365 (even trial), the documents in the Service assurance portal (https://protection.office.com/#/serviceassurance/othertrust). You can always talk to your Microsoft representatives as well.
0
 
LVL 15

Assisted Solution

by:Walter Curtis
Walter Curtis earned 50 total points
ID: 41769138
You have very good questions, indicating some cloud doubts. If you have doubts, then stick to what you can control, on premise. Always remember, Microsoft and other cloud providers are in the business of making money, which I am not against, but their marketing will be geared towards that goal, which could be more important to them than your security goals....

Just saying...
0
 

Author Comment

by:sunhux
ID: 41769696
A couple more questions:

h) for users who VPN in, they VPN direct to our office & then connect to O365
    or they VPN direct to O365 at MS Cloud?

i) in some Cloud Service Provider, their sysadmins could login to tenants' servers;
   could MS login to their O365 tenants environmt or access their tenants' data?

j) does MS uses any sort of virtual firewall that segregates one tenant from the
    other?

k) should there be data leaks due to use of O365, does MS provide any provision
    to take up the liability?
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Extracting Outlook appointment information for invoicing 3 58
Account Lockouts 25 145
active directory 6 74
Reseller Hosting 2 35
You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
This Experts Exchange video Micro Tutorial shows how to tell Microsoft Office that a word is NOT spelled correctly. Microsoft Office has a built-in, main dictionary that is shared by Office apps, including Excel, Outlook, PowerPoint, and Word. When …
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now