Office 365
Inside the Cloud Nov 2

From Inside the Cloud—How do we monitor and safeguard your data in the Office 365 service?

The rigor and discipline required to testing ourselves continuously to keep your data safe within the service, is by nature an operation of tremendous scale especially when you consider the terabytes (TB) of data flowing daily through the service. And it’s the Blue team’s job, to literally find that potential needle in the haystack of activity that may signify anomalous behavior and to then take action. Which is what we…

Office 365
Inside the Cloud Nov

From Inside the Cloud: What does Microsoft do to prepare for emerging security threats to Office 365?

Recently, there have been a number of cyber security related news articles about vulnerabilities and exploits. If you are wondering if the Cloud increases your data risk, in this week’s episode we focus on the measures that our engineering team has in place to prepare for emerging security threats to the Office 365 service.

Security

Protecting you against the SSL 3.0 vulnerability

As we announced yesterday, driving innovations in security capabilities of Office 365 is a top priority. We understand that the security of your data is important and we’ll continue to be transparent about our approach. To that end, we wanted to share details around Security Advisory 3009008. This advisory provides guidance related to a vulnerability in Secure Sockets Layer (SSL) 3.0 which could allow information disclosure. This is an industry-wide vulnerability…

Office 365
DLP_FeatureImage

Expanding data loss prevention (DLP) to SharePoint Online, OneDrive for Business, Windows File Share and Office applications

One of the key tenets of our approach to security with Office 365 is to give you the right set of tools and services to address your organization’s specific security and compliance needs. Data loss prevention (DLP) is a critical part of the security capabilities we’ve built right into Office 365. We first rolled out DLP in Exchange and Outlook and then expanded into Outlook Web App (OWA), adding new…

Exchange
EOP

Evolving Exchange Online Protection (EOP) to protect against tomorrow’s threats

Ten million spam messages blocked every minute. That’s the average number of spam messages that are blocked by Microsoft every minute. However, every day attackers around the world find new techniques to attack your email. The threats take different forms, such as an unidentified spam campaign, an unknown malware, or a completely new virus. The ever-expanding world of such attacks keeps changing and, to better protect your email against these…

Office 365
Asef Kashi

From Inside the Cloud: What controls do we provide to protect your data in transit in Office 365?

In our last few posts in our From Inside the Cloud series, my colleagues and lead engineers, Perry Clarke, Vivek Sharma and Kamal Janardhan shared insider overviews on how we design and run various aspects of security, privacy and compliance in Office 365. Today, I would like to share an overview of the controls you have within Office 365 to protect your data in transit.

Security
Office 365 logo

Microsoft Online Services Bug Bounty Program launches with Office 365

Today we’re announcing the participation of Office 365 in the new Microsoft Online Services Bug Bounty Program. Through this program, which launches today, we are able to reward and recognize security researchers by offering a bounty for qualifying security vulnerabilities they report to us. We are participating in this program for a number of reasons, chief among them are:

Office 365
Office 365 logo

What does it mean to own your data in Office 365? How we aim to raise the bar on visibility and control of your organization’s data with Office 365

In our last few From Inside the Cloud posts, we offered an insider’s perspective from lead engineers Perry Clarke, Vivek Sharma and Shawn Veney on how we protect your data at rest, who has access to your data within Office 365, and how Office 365 does continuous compliance. They explained the various mitigations that we have in place for data security, access control, and ensuring that customers have the ability…

Garage Series
markruss

The Garage Series for Office 365: Assessing the Top 5 Cloud Security Threats with Mark Russinovich

In this week’s show Jeremy Chapman is joined by cyber security expert and author, Mark Russinovich, to assess the most frequently heard cloud security threats. Mark describes each threat with its threat level and shares how Microsoft architects its cloud services to maximize data security and protect against data loss. Jeremy and Mark also give pro tips to protect against credential loss and contain the risk of user-driven shadow IT. …

Garage Series
swann

Garage Series Under the Hood: Continually Safeguarding your Data in the Office 365 Service

In this special edition of Garage Series Live Under the Hood, Jeremy Chapman goes deep on the operational side of information protection with lead engineer Matt Swann – from Office 365’s blue team – responsible for detecting and analyzing anomalies in the service. They discuss how the service is architected for security across physical, network, access and data vectors then Matt demonstrates how the cloud is used to protect the…