FAQ and Whitepapers – Describe the Trust, Privacy, Risk, and Compliance Solutions of Microsoft 365


FAQ and Whitepapers

There are several FAQ and whitepaper documents located in the Service Trust Portal. Some of the most common documents organizations use when creating their governance policies include the following:

  • Tenant isolation in Office 365
  • Data residency
  • Encryption in the Microsoft cloud
  • Data resiliency in Office 365

You will now look into them in detail.

Tenant isolation in Office 365

Tenant isolation answers the question, How is my data separated from that of other organizations?

Microsoft 365 enables customers to share physical resources such as computing power and storage in a multi-tenancy model. To isolate one organization’s data from another’s, several forms of protection are implemented, such as the following:

  • Logical isolation through Azure Active Directory (Azure AD)
  • Encryption for data at rest
  • Encryption for data in transit

The tenant is a logical security boundary, and all information and data related to that organization are held within that container. You can learn more about how Microsoft’s tenant isolation procedures are used to separate organizations’ data at https://docs.microsoft.com/en-us/office365/Enterprise/office-365-tenant-isolation-overview.

Data residency

Data residency answers the question, Where is my data stored?

When an organization signs up for Microsoft 365, they indicate where their primary place of business is. This decision maps their tenant to a region, which in turn is used to define which data centers will be used to store their data. Organizations using sovereign clouds (such as 21Vianet or Government Community Cloud) have very explicitly designated storage regions. For security purposes, Microsoft does not disclose the exact address of its data centers. Customers can, however, leverage public documents to learn where in the Microsoft cloud their data is stored, depending on which type of service they are using.

You can learn more about where data is located by visiting https://products.office.com/en-us/where-is-your-data-located.

Encryption in the Microsoft cloud

Microsoft uses several encryption technologies to secure data. Encryption technologies and platforms used include the following:

  • BitLocker
  • Azure Storage Service Encryption (SSE)
  • Distributed Key Manager (DKM)
  • Internet Protocol Security (IPsec)
  • Transport Layer Security (TLS)

Depending on the data’s activity status (at rest or in transit) and in which service it resides, encryption may be either 128-bit or 256-bit Advanced Encryption Standard (AES). Many Microsoft 365 services also allow customers to manage their own encryption keys, further restricting access to their data.

Note

You can learn more about the encryption protocols and standards used at https://docs.microsoft.com/en-us/microsoft-365/compliance/office-365-encryption-risks-and-protections.
