At Microsoft we are continually working to improve the level of trust that our partners and customers have in us. To that end Microsoft established the Trust Center very early on (http://trustoffice365.com) and we have evolved that over time. Microsoft believes that as your customers embark on this journey to the cloud that they have the right to know how Office 365:
- Safeguards confidentiality, integrity, availability and reliability of their data.
- Let’s them control access to their data.
- Helps them comply with various regulatory standards
We have heard that you want the ability to do your own risk assessment on Office 365 services and that your customers are demanding the same from you. Previously you could request reports and they would be sent to you via a manual process, but there needed to be a seamless way to request and get access to this data. For this we have introduced the Service Assurance Dashboard inside of the Office 365 Security and Compliance Center. By leveraging this dashboard you can have immediate access to:
- Details on how Office 365 implements security, privacy and compliance controls including details of how third-party independent auditors perform audits to test these controls.
- Third-party independent audit reports including: SSAE 16 / SOC 1, SOC 2 / AT 101, ISO 27001 and ISO 27018.
- Deep insights into how we implement encryption, incident management, tenant isolation and data resiliency.
- Information on how you can leverage Office 365 security controls and configurations to protect your data.
For more information on the Service Assurance Dashboard, please take a look at the Office Teams Blog Post here. If you want to just dive in and start using the Service Assurance center you can follow the guide at Security and Compliance Center—Service Assurance
Till Next Time,