How Microsoft safeguards Office 365 data

Redmond has moved to allay customer fears around cloud data storage in the wake of the NSA revelations, notes Chris Gonsalves

Selling cloud-based versions of business software has never been easy, particularly when it comes to addressing the thorny issue of administrator access. If my productivity applications and associated data are hosted and stored from afar, who can look at my documents, my spreadsheets, my email?

Solution providers were just starting to get their arms around answering such questions when former NSA contractor Edward Snowden complicated things with leaks that showed persistent and invasive access to data by government intelligence agencies.

It isn't so much that data in the cloud is any more at risk than information sitting in a local datacentre or some other on-premises equipment. There's good evidence that cloud hosts do a better job of access control than most in-house IT departments.

The problem has been explaining that to an increasingly skittish client base at a time when developing cloud deployments has become imperative for end users and the partners that serve them.

So it was refreshing this week to see Microsoft invest some effort in explaining exactly how it keeps client data in its Office 365 services away from unauthorised prying eyes, through the prudent application of rights management and user-based access control.

Microsoft calls its Office 365 protection schema "lockbox", which is as good a name as any, we suppose, for what should be table stakes in the world of cloud applications and storage assets that involve critical business data.

Microsoft's corporate VP in the Office server and services unit, Perry Clarke, and OSS director of programme management Vivek Sharma teamed up for a video posted to the Microsoft Office blog this week that details the safeguards at work in Office 365.

"The idea that somehow your data may be more accessible in Office 365 as a cloud service by the people administering and running the service, and therefore more vulnerable, is a common fear," said Sharma. "How is it that we maintain the service and do not expose your data to engineers during troubleshooting activities?"

Microsoft accomplishes this "lockbox" concept, the pair say, by implementing a stringent time-based workflow that allows only pre-assigned two-factor-authenticated administrators to request escalation.

All actions related to customer data access go through a formal escalation and approval process that is supervised, logged, and audited.

Administrators can only request permission for actions based on their predefined set of privileges through role-based access control and even then are only allowed in during a specified time window.
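A minimal sketch of the workflow described above, added here as an illustration and not Microsoft's code: no standing access, requests limited to the actions of a pre-assigned role, two-factor and approval checks, a time window, and an audit log that surfaces denied attempts. The role names, actions, two-hour cap and the rule that the approver must be a different person are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed role map (hypothetical names): role -> actions it may request.
ROLE_ACTIONS = {
    "mailbox-support": {"read_mailbox_diagnostics"},
    "storage-ops": {"restart_store", "read_store_health"},
}

@dataclass
class Grant:
    admin: str
    action: str
    expires: datetime

class Lockbox:
    def __init__(self, roles, max_window=timedelta(hours=2)):
        self.roles = roles            # admin -> pre-assigned role
        self.max_window = max_window  # assumed upper bound on any grant
        self.grants = []              # empty at start: zero standing access
        self.audit = []               # every decision, allowed or denied

    def _log(self, when, admin, event, action, allowed):
        self.audit.append({"time": when, "admin": admin, "event": event,
                           "action": action, "allowed": allowed})
        return allowed

    def request(self, now, admin, action, mfa_ok, approver, window):
        """Escalation request: role, 2FA, approval and window must all pass."""
        role = self.roles.get(admin)
        ok = bool(role is not None and mfa_ok
                  and action in ROLE_ACTIONS.get(role, set())
                  and approver is not None and approver != admin
                  and timedelta(0) < window <= self.max_window)
        if ok:
            self.grants.append(Grant(admin, action, now + window))
        return self._log(now, admin, "request", action, ok)

    def use(self, now, admin, action):
        """An action succeeds only under an unexpired grant for that action."""
        ok = any(g.admin == admin and g.action == action and now < g.expires
                 for g in self.grants)
        return self._log(now, admin, "use", action, ok)

    def outliers(self):
        """Denied decisions per admin, the signal an audit review looks for."""
        counts = {}
        for entry in self.audit:
            if not entry["allowed"]:
                counts[entry["admin"]] = counts.get(entry["admin"], 0) + 1
        return counts
```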

"Ultimately, if the service is working properly nobody has access to your data," Clarke claimed. "There is zero standing access to your data, unlike in on-premises environments, where an administrator may have long-standing permissions and access."

Sharma added that the logs and audits of administrator activities, which are performed by both computer algorithms and human beings, are quick to show if an admin attempts to gain more access than is necessary to complete their maintenance task.

"It's pretty easy for us to see the outliers," he said. "No one has meaningful access to data without escalation of privileges and we limit what the tools used to troubleshoot the service can do."

The systems described aren't groundbreaking or particularly surprising. But they are important for a couple of reasons.

They are comforting at a time when, according to a survey by the Cloud Security Alliance released late last year, cloud concerns in general, and the fears stirred by Snowden in particular, are having broad repercussions and pushing potential customers to rethink their cloud plans amid security and privacy concerns.

The survey suggested a growing reluctance to engage cloud services providers. That reluctance is acute among organisations outside the US that have become increasingly doubtful of the integrity of datacentre assets housed in the US since the NSA revelations.

The survey found that 56 per cent of respondents from businesses based outside the US were less likely to use US-based cloud providers as a result of the Snowden affair. Some 10 per cent said they'd already cancelled a project with a US-based cloud provider.

The Office 365 "lockbox" description is also important as a tool to help providers answer the concerns of clients and respond to questions customers haven't yet asked.

The Microsoft video does the cloud services community a service by voicing the fears that partners deal with daily and showing how these issues can be explained.

You don't even need to be selling Office 365 to appreciate a tool like that in your marketing arsenal.

Chris Gonsalves is vice president of editorial at Channelnomics
