Built-in security from office 365

Office 365 is a security-hardended service, designed using Microsoft Security development Lifecycle. Which brings together the best practices from two decades of building enterprise software and managing online services to give you and integrated software-as-a-service solution.


At the service level, Office 365 uses the defense-in-depth approach to provide physical, logical, and data layers of security features and operational best practices. Office 365 will give your business enterprise-grad user and administrative control to further secure you individual business environment.



Logical Security


  • Lockbox processes for a strictly supervised escalation process greatly limit human access to your data. Learn how to activate Lockbox.
  • Servers run only processes that are whitelisted, minimizing risk from malicious code.
  • Dedicated threat management teams proactively anticipate, prevent, and mitigate malicious access.
  • Port scanning, perimeter vulnerability scanning, and intrusion detection prevent or detect any malicious access.

Physical Security


  • 24-hour monitoring of datacenters.
  • Multi-factor authentication, including biometric scanning for datacenter access.
  • Internal datacenter network is segregated from the external network.
  • Role separation renders location of specific customer data unintelligible to the personnel that have physical access.
  • Faulty drives and hardware are demagnetized and destroyed.

Data Security


  • Encryption at rest protects your data on our servers.
  • Encryption in transit with SSL/TLS protects your data when it’s transmitted between you and Microsoft.
  • Threat management, security monitoring, and file/data integrity prevent or detect any tampering of data.
  • Exchange Online Protection provides advanced security and reliability against spam and malware to help protect your information and access to email.

User Controls


  • Office 365 Message Encryption allows users to send encrypted email to anyone, whatever email service recipients may use.
  • Data loss prevention can be combined with Rights Management and Office 365 Message Encryption to give greater controls to your admins to apply appropriate policies to protect sensitive data.
  • S/MIME provides message security with certificate-based email access.
  • Azure Rights Management prevents file-level access without the right user credentials.

 Admin Controls


  • Multi-factor authentication protects access to the service with a second factor such as phone.
  • Data loss prevention prevents sensitive data from leaking either inside or outside the organization while providing user education and empowerment.
  • Built-in mobile device management capabilities allow you to manage access to corporate data.
  • Mobile application management within Office mobile apps powered by Intune provides granular controls to secure data contained in these apps.
  • Built in antivirus and antispam protection along with advanced threat protection safeguard against external threats.
  • Office 365 Cloud App Security provides enhanced visibility and control into your Office 365 environment.