Office 365
Inside the Cloud

From Inside the Cloud: What commitments does Microsoft make when you subscribe to Office 365?

If you have been following the From Inside the Cloud series, you know we regularly bring you an insider’s view from the people behind the services on how we operate and manage Office 365 for security, privacy and compliance. We thought we’d focus our first edition of the New Year on outlining the commitments Microsoft makes when you subscribe to Office 365 services.

Office 365
DKIM and DMARC in Office 365 2

Enhanced email protection with DKIM and DMARC in Office 365

Spoofing is a common challenge that enterprises face in today’s world, which can lead to increased spam and more intensified phishing campaigns. In order to reduce spoofing and provide a safer client experience, Office 365 now supports inbound validation of DomainKeys Identified Mail (DKIM) over IPv4, and Domain-based Messaging and Reporting Compliance (DMARC).

Office 365
Inside the Cloud Nov 2

From Inside the Cloud: How do we monitor and safeguard your data in the Office 365 service?

The rigor and discipline required to testing ourselves continuously to keep your data safe within the service, is by nature an operation of tremendous scale especially when you consider the terabytes (TB) of data flowing daily through the service. And it’s the Blue team’s job, to literally find that potential needle in the haystack of activity that may signify anomalous behavior and to then take action. Which is what we…

Office 365
Inside the Cloud Nov

From Inside the Cloud: What does Microsoft do to prepare for emerging security threats to Office 365?

Recently, there have been a number of cyber security related news articles about vulnerabilities and exploits. If you are wondering if the Cloud increases your data risk, in this week’s episode we focus on the measures that our engineering team has in place to prepare for emerging security threats to the Office 365 service.

Security

Protecting you against the SSL 3.0 vulnerability

As we announced yesterday, driving innovations in security capabilities of Office 365 is a top priority. We understand that the security of your data is important and we’ll continue to be transparent about our approach. To that end, we wanted to share details around Security Advisory 3009008. This advisory provides guidance related to a vulnerability in Secure Sockets Layer (SSL) 3.0 which could allow information disclosure. This is an industry-wide vulnerability…

Office 365

Expanding data loss prevention (DLP) to SharePoint Online, OneDrive for Business, Windows File Share and Office applications

One of the key tenets of our approach to security with Office 365 is to give you the right set of tools and services to address your organization’s specific security and compliance needs. Data loss prevention (DLP) is a critical part of the security capabilities we’ve built right into Office 365. We first rolled out DLP in Exchange and Outlook and then expanded into Outlook Web App (OWA), adding new…

Exchange
EOP

Evolving Exchange Online Protection (EOP) to protect against tomorrow’s threats

Ten million spam messages blocked every minute. That’s the average number of spam messages that are blocked by Microsoft every minute. However, every day attackers around the world find new techniques to attack your email. The threats take different forms, such as an unidentified spam campaign, an unknown malware, or a completely new virus. The ever-expanding world of such attacks keeps changing and, to better protect your email against these…

Office 365
Asef Kashi

From Inside the Cloud: What controls do we provide to protect your data in transit in Office 365?

In our last few posts in our From Inside the Cloud series, my colleagues and lead engineers, Perry Clarke, Vivek Sharma and Kamal Janardhan shared insider overviews on how we design and run various aspects of security, privacy and compliance in Office 365. Today, I would like to share an overview of the controls you have within Office 365 to protect your data in transit.

Security
Office 365 logo

Microsoft Online Services Bug Bounty Program launches with Office 365

Today we’re announcing the participation of Office 365 in the new Microsoft Online Services Bug Bounty Program. Through this program, which launches today, we are able to reward and recognize security researchers by offering a bounty for qualifying security vulnerabilities they report to us. We are participating in this program for a number of reasons, chief among them are: