Can you really trust Office 365? How is Office 365 Compliant?
Office 365 is a global service and continuous compliance refers to Microsoft’s commitment to evolve the Office 365 controls and stay up to date with standards and regulations that apply to your industry and geography. We get lots of questions from our customers on controls and compliance, the purpose of this post is to surface some of the features and controls present to give our customers full peace of mind.
Office 365 provides admin and user controls, including eDiscovery, legal hold, and data loss prevention, to help you meet internal compliance requirements. These require no additional on-premises infrastructure to use.
- Microsoft Office 365 is verified to meet requirements specified in ISO 27001, EU model clauses, HIPAA BAA, and FISMA.
- Our data processing agreement details privacy, security, and handling of customer data, which helps you comply with local regulations.
Proactive approach to regulatory compliance
- Microsoft have built over 900 controls in the Office 365 compliance framework that enable us to stay up to date with the ever-evolving industry standards.
- A specialist compliance team is continuously tracking standards and regulations, developing common control sets for our product team to build into the service.
Customer controls for organisational compliance
- Legal hold and eDiscovery built into the service help you find, preserve, analyse, and package electronic content (often referred to as electronically stored information or ESI) for a legal request or investigation. Privacy controls allow you to configure who in your organization has access and what they can access. The Silver Cloud are experts in these features and are able to support all Premier Support customers with discovering them.
- Data loss prevention in Office 365 helps you identify, monitor, and protect sensitive information in your organisation through deep content analysis.