Why Microsoft Security Takes the Fear Out of Online Collaboration
I talk with a lot of people about their collaboration needs, how they get work done, and the processes used to move “knowledge work” along inside an organization. This generally leads me to explore their thoughts on SharePoint.
I generally find people still think of it as the SharePoint of 15 years ago and not the robust secure business platform it is today. SharePoint is so much more than the lists of lists and folders of folders that people generally still restrict themselves to today.
SharePoint Online has become one of the transformational platforms available to companies, big and small. Security is always a question I am asked about so consider a few things regarding SharePoint Online security.
· Security Standards
Whether the standard is SOC, SSAE, ISO, PCI, MTCS, HITRUST CSF, FedRAMP, or others, Microsoft can provide the audit reports for the O365 platform to support an organization’s security program documentation and performance requirements.
· Data Encryption
Security in depth and by layers provides robust protection for an organization’s data. Microsoft employs different techniques to encrypt data throughout the lifecycle of the data. Whether in motion or at rest, data is encrypted. As information is created by users and stored or shared, SSL / TLS encryption is used to encrypt data as it moves between their machine to the servers. This same encryption is used as that data is then accessed for use during transit back to a user’s machine. Files and information stored in SharePoint Online are secured using two methods.
Data in Motion:
1. Creating and sharing data
2. Data center replication as part of redundancy and disaster recovery
Data at Rest:
1. BitLocker encryption. Microsoft’s full disk encryption protocol. It is available for use to encrypt PC’s as well and is included in Windows 10 and other PC Operating Systems.
2. Advanced Encryption Standard (AES). This encryption algorithm uses 256-bit keys to encrypt individual files on SharePoint.
· Sharing and Security
Security groups have been a staple of SharePoint security for years. Again, as part of a broader governance effort, managing access to documents, libraries or information is streamlined for an administrator. Setting discrete permission levels for user access, setting policies and managing overall access helps manage the frontline of an organization’s security needs.
External sharing has been around for a while and Microsoft continues to improve the experience, ability and integration in this area. SharePoint sharing rules set dependencies in OneDrive sharing which assists an organization’s ability to achieve an integrated security and governance profile. As part of a broader governance effort, organizations are able to determine at what level anonymous sharing will be allowed or when sharing links will expire. When combined with Azure Information Protection, the granularity of information protection becomes even more robust
· Malware and Virus Protection:
The Content Front Ends in SharePoint Online are monitored and protected by anti-malware. This malware and virus scan protects an organization by restricting a file from being downloaded or synched with OneDrive if that file is infected. Depending on the configuration, the user will receive a warning they attempted to download an infected file.
· Location Based Access:
Microsoft supports an organization’s security profile by enabling the ability to restrict access depending on where the network is located. If an organization has concerns regarding the loss of intellectual property or data, they can set boundaries as an additional layer of security to block access.
· Flexibility and Customization:
Scripts are a powerful way to enhance a solution in SharePoint Online. Unfortunately managing these scripts has been difficult. Administrators can now restrict the SharePoint Site collection customizations by restricting custom scripts either in full or in part.
So, if you thought SharePoint online would not meet your security needs, look further into what is possible. If you have questions or need assistance, reach out and we can help.
If you want to experience what is possible, schedule an Immersion Experience to encounter the full capabilities of Office 365 and SharePoint online.