Brandon Koeller, principal program manager for the Office security and compliance team, lays out the 7 ways that Office 365 in the cloud offers more security than any on-premises datacenter. While many might think a privately controlled datacenter less of a security risk, Office 365 in the cloud can offer enterprise customers a better, more secure experience than anything that is offered on-premises.
Here’s the 7 ways that Office 365 in the cloud is a better choice than any on-premises datacenter option:
- Broader scope of threat intelligence—When a customer’s on-premises servers are attacked by an external actor, the customer can take steps to protect themselves from subsequent attacks from that same actor. With Office 365, instead of simply reacting to individual attacks, customers gain the benefit of intelligence gathered from threats against other customers within the service as well. An attack launched against any organization in Office 365 can functionally inoculate everyone else.
- Greater automation and decreased human intervention—In the cloud, managing things like hardware, operating systems and patches boils down to a set of tasks that is familiar to any IT administrator. First, gaps in the security posture are addressed at scale. Second, with software operating the service instead of humans, there is less risk of falling prey to spear-phishing, offering an additional layer of protection. Manual management activities are minimal and must be approved by multiple people, which can include customers.
- Better anomaly detection due to uniformity and simplicity—When cloud services started out, they were mostly based on the same on-premises products that you always used—except they were deployed and managed on servers owned by the provider. In recent years, cloud services have evolved to dramatically simplify configuration options, server roles and management complexity. This simplification gives services the ability to consolidate how they protect, detect and respond to threats. Since software is the main source of interaction, illicit activity by human attackers is easier to identify.
- Constant innovation—Cloud security teams face two key pressures when building security capabilities: Every feature breaks at some scale, and every customer brings a particular set of concerns and requirements. Some cloud services, including Office 365, have a full-time team of penetration testers who look for vulnerabilities. We asked ourselves how we would make sure that once the vulnerability has been fixed, it doesn’t recur, and that detections of illicit activity by penetration testers work for all instances of a given vulnerability. Our answer was to automate penetration testing attacks and then use that signal to verify the quality of our detections.
- Smaller breach boundary—A key piece of an effective security strategy is to make your breach boundary is as small and as diverse as possible. Sensitive assets should be isolated from each other, so that it is more difficult for an attacker to move from one asset to another. If an attacker can acquire domain admin privileges, they can access any information managed in that domain. When you adopt cloud services, it is more difficult for the attacker to breach your domain and gain access to any of the data in the cloud service beyond normal “front-door” access to the services which are audited.
- Cross-application security model—Traditional on-premises security capabilities center on the computer, the operating system and firewalls. In on-premises systems, you parse the logs for multiple applications and must make sense of what those logs mean. In the cloud, we standardize our logging systems to make them more consumable. You can evolve your security capabilities to enable an application-aware security model that adjusts to how attackers work—by breaching accounts, then achieving their goals through front-door interfaces. Cloud application services take your security to a new level by delivering integrated and context-aware security capabilities that cross application boundaries.
- Transparency—With Office 365 in particular, there is one other benefit: transparency. With many organizations using Office 365, we are compelled to operate in the full light of day. To earn your business, we must have your trust, and to earn that we must be transparent with you about how we protect your data. To that end, we allow our customers to control how a Microsoft support engineer accesses their data. Our business model relies profoundly on the belief that there are no shortcuts and no excuses when it comes to the security of your data.
Office 365 Trust Center offers more details on these 7 ways and more on what Microsoft can offer enterprise customers. Office 365 in the cloud can be a better security option than anything that is offered on-premises.