'One stop shop' in progress: The Office 365 Security & Compliance Center
No time to read the full series now? Download our white paper ‘Getting Started with the Security and Compliance Center’ which includes all the blogs on Office 365 Security and Compliance. Get your copy here
People tend to believe that their possessions are more secure when they are located where they can be seen and safeguarded. This is also true for data, and has often been a serious consideration when organisations evaluate the suitability of cloud services: Where exactly is my data? How is it protected? Do I have any control over its security?
This belief and the questions it provokes have both shaped the way that organisations approach the cloud. But it has also served to develop and refine the technology itself, prompting providers to educate their audience, dispel the myths and most importantly demonstrate their security credentials through the creation of innovative and effective solutions.
When dealing with the cloud, most organisations require a balanced approach to security and compliance: they need to feel confident that their data is protected to the highest degree, but also that their information is always accessible to them, enabling appropriately qualified staff to monitor and manage their environment. At its core, it is a matter of building and maintaining trust, as explained by Microsoft, ‘Moving to a cloud service shouldn’t mean losing access to knowing what’s going on. With Office 365, it doesn’t. We aim to be transparent in our operations so you can monitor the state of your service, track issues, and have historical view of availability.’
If you are involved in governing your services and data across Office 365, then it’s likely that you will have come into contact with the Compliance Center, an area where Office 365 admins are able to manage security and permissions and meet any legal, regulatory, and organisational compliance requirements.
You also may have noticed that it’s recently received a makeover.
Positioning itself as the ‘One stop shop’ for security and compliance, the new center has all of the compliance functionality of its predecessor, split into eight features: Archiving, Data Loss Protection, Device Management, eDiscovery, Import, Permissions, Retention and Search.
According to Microsoft ‘This new management interface represents our evolving compliance offering, which will eventually span all Office 365 compliance-related features and help you meet your legal, regulatory, and organizational compliance requirements. Consolidating compliance functionality across services into this single area will make compliance features easier to access and enhance your end-to-end task-based experience.’ With this in mind, let’s have a look at what’s changed.
The previous Office 365 Compliance Center looked like this
As you can see, the options on the left-hand navigation have changed. While no features have been lost, some of the options have been grouped into sections alongside new additions, as shown in the screenshot below.
In all the documentation both inside and outside the new Security and Compliance Center, Microsoft are keen to emphasise that it is a work in progress, and the current offering is far from fully-fledged. Their vision isn’t without some challenges, creating a framework that enables every organisation to coordinate their own security, and achieve compliance will not be simple, particularly when most environments have specific needs, and some industries require extremely stringent regulation. It will be interesting to see how the center develops.
Over the coming weeks, we will be exploring the main features of the new Security and Compliance Center, and evaluating their capabilities against typical business use cases. In the meantime, take a look at the new center for yourself, as Microsoft has emphasised, their ‘One stop shop’ is at a point where further development can be informed and refined through the feedback provided – if there is something that your organisation needs, why not let them know about it?
(Read the full blog series here First Impressions, Reports, Permissions, Data Loss Prevention, Data Management and Service Assurance, Search and Investigation, and Alerts)
Not got time for a blog binge read now? Why not download our white paper on the Office 365 Security and Compliance Center here?