As businesses move away from on-premises IT infrastructure to cloud-based applications like Office 365, they retain less and less control over their data. Cloud service providers such as Microsoft operate under a shared responsibility model. Under this model, Microsoft is accountable for security of their Office 365 platform (also known as security “of” the cloud); this includes preventing intrusions, DDoS, malware, and other advanced threats to customer information. However, customers are still responsible for things such as preventing employee misuse of data stored in Office 365 (also known as security “in” the cloud).
With that in mind, we recently published our latest ebook titled the Definitive Guide to Office 365 Data Protection (download a free copy here).
In this ebook, we discuss how enterprises use Office 365. In addition, we cover:
- Some of the most common data loss scenarios in Office 365
- Potential threats to data and users in Office 365, including real life threats that McAfee discovered in the wild
- How to make most of the security controls built into Office 365 platform
- How to implement comprehensive data protection in Office 365 and across all cloud environments
- Office 365 data protection best practices
With this knowledge, enterprises can better prepare themselves from falling victim to security incidents in Office 365.
Why you need a single, comprehensive data protection solution for Office 365 and across your cloud environments
To prevent silos of security, inconsistent policy enforcement, and costly administrative overhead, organizations need a central point of control to enforce their security policies for Office 365 as well as all the other cloud services, thereby consolidating many different security and compliance capabilities into a single platform.
Specifically, we have identified 7 of the most common Office 365 security use cases that customers are most concerned about:
- Prevent unauthorized data from being shared externally
- Prevent regulated, high-value data from being store in the cloud
- Block download of Office 365 data to personal devices
- Detect compromised accounts and insider/privileged user threats
- Capture an audit trail of activity for forensic investigations
- Prevent loss of corporate Office 365 data from use of personal Office 365 instances
- Prevent proliferation of malware
For more information, read McAfee’s eBook on Office 365 Data Protection.