Microsoft is an industry leader in cloud security and implements policies and controls on par with or better than on-premises data centers of even the most sophisticated organizations.
- Security in Office 365 is an ongoing process, not a steady state. It is constantly maintained, enhanced, and verified by highly skilled, experienced and trained personnel at Microsoft who strive to keep software and hardware technologies up to date and refined through robust designing, building, operating, and supporting processes.
- All Office 365 applications use 128-bit SSL/TLS encryption
- Antivirus tools are applied to the whole environment and are kept up to date; multiple antivirus engines are used to protect Exchange Online.
- Microsoft’s Online Services use the Security Development Lifecycle (SDL) for development, deployment, and maintenance.
- Security Teams operate 24/7 monitoring for suspicious behaviour and blocking malicious activity.
- Microsoft conducts regular security audits and employ ethical hacking techniques.
- Office 365 provides a service level agreement (SLA) and has 99.9% scheduled uptime. Microsoft has multiple datacentres within Europe offering resilience through a hosted redundant network architecture. Queen’s data is currently held in Dublin (live) and the Netherlands with one acting as a backup for the other, typically failover is seamless between centres on a data level.
- Office 365 services are certified as compliant with ISO 27001 standards, completed SAS70 Type I and II audits, and Microsoft adhere to the EU Data Clauses and the EU US Privacy Shield agreement, being the first to sign it on the 01/08/17.
- Office 365 offers patched systems and up to date software