Office 365 has one of the biggest data sets in the world. As people send emails and collaborate on their day-to-day tasks, terabytes and terabytes of enterprise data flows through the service paltform at any given time. Microsoft focuses on protecting your data everywhere it is authored and shared, without any downtime or disrtuptions to your work.
This is a very real and vital engineering goal for Microsoft that requires an approach that balances both information security surrounding the needs of the end-user. It starts with harnessing the intelligence of the service itself and providing the controls to tailor protection to your specific organization requirements. Perhaps the most important engineering principle is ensuring that you are able to define and set rules for your data that follow your data. This is a departure from past approaches in the industry where the focus was on protecting device endpoints. Most importantly, you don't have to take your data out of the service to protect it. Micorsoft's Office 365 offers pervasive protection, which means the control levers are built into the service.
Data Loss Prevention (DLP)
Data Loss Prevention (DLP) in Office 365 allows you to set granular policies that govern your data and define specific actions taken when information is shared.
To minimize disruption for you, as an end user, Microsoft ensures that the protection they offer is not counterproductive. They base off a people-centric approach to make sure that everything happens in the background. For example, as you are authoring a document that contains sensitive information we warn you if the action places your data at risk through policy tips. These will be based on policies that you set.
In addition, they protect your data independent of where it resides, while additionally ensuring device protection. At the foundation is robust identity and access management that governs who has access to your data and sets permissions that may be revoked at any time from the user. With mobile devices, you can even selectively remove corporate data from any managed device.
Advanced Threat Protection (ATP)
Another example of how the service proactively protects you from incoming threats from external sources is Advanced Threat Protection (ATP). For example, as you are reading your email, the service may be activated to isolate suspicious attachments and block malicious links across your devices to protect you from phishing attacks. All suspicious content goes through a real-time behavioral malware analysis that uses machine learning techniques to evaluate the content for suspicious activity.
This service-level protection is an example of intelligent protection where we track vulnerabilities at scale through machine learning and mitigating them. This allows you to access our service logs so that you can integrate it with your in-house or third-party security monitoring systems. In the future, with the intelligence available in the Microsoft Cloud, their potential to aggregate security signals so that you can gain a 360-degree view on the se curity of your data even outside of the Microsoft Cloud, including data stored on-premises, in other Cloud services and on devices.