SlideShare ist ein Scribd-Unternehmen logo

Ms o365 privacy in the public cloud - 12-12-11 final standard

K
Kate Wakefield

Microsoft documentation "Privacy in the Public Cloud: The Office 365 Approach"

Technologie
1 von 13
Downloaden Sie, um offline zu lesen
Privacy in the Public Cloud: The Office 365 Approach December 2011
© 2011 Microsoft Corporation. All rights reserved. This document is provided “as is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.
Contents Introduction........................................................................................................................................1 Privacy at Microsoft.............................................................................................................................2 The Office 365 Privacy Opportunity......................................................................................................3 Responsibility .................................................................................................................................3 Transparency..................................................................................................................................7 Choice............................................................................................................................................9 Conclusion........................................................................................................................................10
1 Privacy in the Public Cloud: The Office 365 Approach 1 Introduction Since our 2010 whitepaper “Privacy in the Cloud,” awareness and adoption of cloud computing have continued to increase. Global enterprises and entrepreneurs alike are turning to the cloud to accelerate innovation, launch new businesses, and cut costs. Government agencies, public service providers, and educational institutions are migrating to the cloud to better serve constituents and reduce IT spending, particularly in response to shrinking budgets. But not all the news has been positive. Hacking attacks, theft, and misuse of data managed by online service providers have raised questions about the privacy and security of cloud computing. For some large enterprises with highly sensitive data, such incidents have increased the appeal of private cloud solutions. Indeed, a “one-size-fits-all” approach may not be appropriate for governments or large organizations with many different classes of data, and private or hybrid cloud solutions that allow customers to keep selected data on premises can make good sense for those with specialized data protection requirements. Microsoft offers a full menu of private cloud solutions, and we recently published a whitepaper titled “Microsoft Private Cloud: A comparative look at Functionality, Benefits, and Economics.” But private clouds dedicate significant computing resources to just one or a handful of customers, so they can be cost-prohibitive for many businesses and public-sector agencies that are anxious to reap the benefits of cloud computing. Consequently, we expect public cloud services—which use advanced, multi-tenant data centers1 to provide highly scalable and affordable computing services to thousands of customers simultaneously—to be the most popular cloud computing model for the foreseeable future.2 Still, the growth of public cloud services is not inevitable. Microsoft understands that unless we are responsive to customers’ and regulators’ questions about data protection in public clouds, we will not earn the trust that is necessary for our cloud services to satisfy our customers’ needs. This is why data protection figures prominently in Office 365, Microsoft’s newest cloud-based productivity service. 1 “Microsoft Expands Cloud Computing Capabilities & Services in Europe.” Microsoft press release, Sept. 2009. 2 “The Economics of the Cloud.” Microsoft whitepaper, Nov. 2010.
2 Privacy in the Public Cloud: The Office 365 Approach 2 Reflecting Microsoft’s approach to privacy by design, Office 365 was built from the ground up with strong data protection in mind. In the following pages, we will discuss Microsoft’s philosophical and practical approach to safeguarding information in the cloud, and we will describe several of the tangible benefits that have resulted for Office 365 customers. Privacy at Microsoft As part of our long-term commitment to Trustworthy Computing, Microsoft strives to earn and strengthen trust by building robust privacy and data protections into our products and services. We work to responsibly manage and protect the data we store, be transparent about our privacy practices, and offer meaningful privacy choices. These three tenets—responsibility, transparency, and choice—are the foundation of Microsoft’s approach to privacy. Our privacy principles and our internal privacy standards guide the collection and use of customer and partner information at Microsoft and give our employees a clear framework to help ensure that we manage data responsibly. To put our principles and standards into practice, we have invested heavily to build a comprehensive privacy governance program. Microsoft employs more than 40 full-time privacy professionals, with several hundred other employees helping to ensure that privacy policies, procedures, and technologies are applied across our products and services. When it comes to cloud computing, Microsoft has been addressing privacy issues associated with online services since the launch of the MSN network in 1994. Today, we manage a cloud-based infrastructure that supports more than 200 online services and websites that attract more than 600 million unique users worldwide each month. We recognize that cloud services often raise unique security and privacy questions for business, education, and government customers, so we have adapted our policies and governance programs to address customer concerns, facilitate regulatory compliance, and build greater trust in cloud computing. For example, we contractually commit to specific data handling processes as part of our agreements for popular cloud services such as Microsoft Exchange Online, SharePoint Online, and Lync Online. We also provide customers with flexible management tools that help protect sensitive data and support compliance with government privacy and security guidelines. Such transparent policies and strong tools are essential for our customers as they deal with the privacy and security questions that arise from their use of cloud services.
3 Privacy in the Public Cloud: The Office 365 Approach 3 The Office 365 Privacy Opportunity Microsoft helped usher in the era of enterprise cloud computing in 2008 when Bill Gates announced that the company would offer online versions of its popular Exchange Server and SharePoint Server software for businesses of all sizes. The services, which in 2009 became part of the Microsoft Business Productivity Online Suite (BPOS), gave thousands of global businesses their first taste of cloud computing by providing access to email, calendaring, and shared workspaces over the Internet. But because this first generation of “software-as-a-service” cloud offerings had its roots in traditional server software, it was not fully optimized to take advantage of Microsoft’s global network of technologically advanced data centers. So, even as BPOS was launching, Microsoft was laying the groundwork for its successor: Office 365. The multi-year development effort, which culminated in the global launch of Office 365 in June 2011, yielded an online business service purposely built to optimize the flexibility, responsiveness, and efficiency of the cloud. Office 365 was also built with an emphasis on strong data protection. Reflecting Microsoft’s approach to privacy by design, a team of privacy professionals was dedicated to the product early in the development cycle and worked in close partnership with engineers, business planners, and marketers. Consequently, privacy has been an integral part of Office 365 from the beginning, not an afterthought. In addition, employees distributed throughout the organization are accountable for managing the service’s privacy and security risks. The result is an enterprise cloud service with robust data protections that reflect Microsoft’s core privacy tenets of responsibility, transparency, and choice. Responsibility We understand that managing customer information is a responsibility that includes important security and privacy obligations. This is particularly true for cloud-based services such as Office 365. We have a broad network of people and processes that implement our privacy standards and provide privacy guidance and training. If a privacy incident occurs, we have rigorous procedures to address the problem, diagnose the cause, and update customers in a timely manner. A few highlights of our approach to privacy governance in Office 365 are outlined below. Standing the Test of Time Criteria for determining appropriate levels of privacy and security in the cloud are changing rapidly. What matters most today may be a low priority tomorrow. As a result, when evaluating a cloud provider, Microsoft Office 365 delivers the power of cloud productivity to businesses of all sizes, helping them to save time and money and free up valued resources. Office 365 supplements the familiar Office desktop suite—which includes such popular programs as Microsoft Word, Excel, and Outlook—with cloud-based versions of these programs as well as our next- generation communications and collaboration services: Exchange Online, SharePoint Online, and Lync Online.
4 Privacy in the Public Cloud: The Office 365 Approach 4 organizations would be wise to consider the depth and breadth of the provider’s governance model and its ability to quickly adapt to changing privacy priorities. With Office 365, we have employed a variety of risk management mechanisms to appropriately manage regulatory change, organizational change, personnel change, and technological change. Before any of the services that are part of Office 365 launch to the public, subject-matter experts conduct privacy, security, and business continuity risk assessments on each service and work closely with the service owners to remediate any identified risks. After launch, we use a process of continuous monitoring that we call the Trustworthy Services Lifecycle to ensure that our data protection systems are functioning properly. We test required functionality annually, semi- annually, quarterly, monthly, or at the time of each new release, depending on the level of risk associated with the particular privacy or security control. We conduct regular risk assessments to refresh the control framework and, if necessary, to reset priorities if new aspects of the service emerge as high-risk. This multi-layered and continuous approach to monitoring the Office 365 data protection environment helps us quickly diagnose and remedy problems that occur and helps our customers respond quickly to shifting regulatory or industry requirements. Enabling Regulatory Compliance Just as Microsoft has a responsibility to process our enterprise customers’ information in a trustworthy manner, many of our customers have a responsibility to comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data. As a provider of global cloud services, we must run our services with common operational practices and features that span multiple customers and jurisdictions. To fulfill our privacy responsibility to our customers as well as help our diverse customer base fulfill its regulatory obligations, we set the bar high and then build our services to meet that bar using common privacy and security controls. While it is ultimately up to our customers to determine whether our services satisfy their specific regulatory needs, we are committed to providing detailed information about our cloud services to help them in their assessments. One tool we have developed to facilitate customers’ assessments of Office 365 is the Office 365 Trust Center, an online repository of detailed information about Office 365 privacy and security practices. For example, on the Regulatory Compliance page of the Trust Center, we explain how we believe Office 365 helps facilitate compliance with a range of major statutes, from European Union data protection laws to the U.S. Gramm- Leach-Bliley Act, which includes provisions on the protection of consumers’ financial information. Another resource we offer to help customers evaluate Office 365 is detailed information about the well- recognized certifications that the service has attained. On the Security, Audits, and Certifications page of the Trust Center, customers can locate information about the certifications held by both Office 365 and the Microsoft data centers that host the service. By making this information readily available, we empower
5 Privacy in the Public Cloud: The Office 365 Approach 5 customers to validate that what we say about our security and privacy practices has been affirmed by an accredited third party. One compliance framework in particular— the highly regarded ISO/IEC 27001 standard for information security management systems—forms the foundation of our security and privacy approach with Office 365 and its supporting infrastructure. ISO/IEC 27001 is one of the most widely recognized certifications for a cloud service, and thus one of the most valued by our customers. In addition to having our independent auditor, the British Standards Institute (BSI), verify the compliance of Office 365 with ISO/IEC 27001, we have asked BSI to review more than 20 additional privacy controls that we built into the service to better align it with comprehensive European data protection regulations. We have taken this unique approach to help our European customers understand the protections we have put in place to help them satisfy the specific expectations of both European citizens and European regulators. The full results of BSI’s findings are included in its ISO/IEC 27001 audit report on Office 365, a summary of which is available to Office 365 customers upon request. Support for EU Model Clauses In another effort to accommodate the data protection demands of European entities, Office 365 offers the opportunity for customers with European users to sign data processing agreements with the standard contractual clauses published by the European Commission. European law prohibits companies from transferring personal data from the EU except under specific conditions. One way to transfer such data is to procure cloud services from companies that abide by the U.S.-EU Safe Harbor Framework. However, EU companies may want the more stringent protections of a detailed data processing agreement and the standard contractual clauses published by the European Commission, which are known as the EU Model Clauses. Microsoft’s willingness to sign these agreements means that Microsoft contractually guarantees that Office 365 will follow the stringent privacy and security standards detailed in the Model Clauses. Using Customer Data Only for the Customers’ Purposes Responsible cloud providers must have strong internal policies in place that clearly delineate what the provider and its partners can and cannot do with customer information.
6 Privacy in the Public Cloud: The Office 365 Approach 6 In Office 365, we use our customers’ data only for what they pay us for—to maintain and provide Office 365 services. As part of providing a quality service, we will troubleshoot in order to prevent, identify, or repair problems and to improve features that protect our customers. But Office 365 does not build advertising products out of our customers’ data. We also don’t scan our customers’ email or documents for the purpose of building analytics, data mining, advertising, or improving the service without our customers’ permission. In addition, Office 365 allows customers to keep their data separate from Microsoft’s consumer services. Controlling Access to Customer Data Office 365 applies strict controls over who will be granted access to key customer data. Microsoft and vendor support personnel are required to have a legitimate business justification to request access to Office 365 customers’ core data, and the request must be approved by the person’s manager prior to gaining access. In addition, access levels are reviewed on a periodic basis to ensure that only Microsoft employees or support personnel who have an appropriate business justification have access to the systems. Further, all Office 365 support personnel are accountable for their handling of customer data. Accountability is enforced through a set of system controls, including the use of unique user names, data access controls, and auditing. Unlike generic user names such as “Guest” or “Administrator,” unique names connect the use of customer data to specific individuals. For a detailed breakdown of how we handle specific classes of data stored and generated by users of Office 365, see the Data Use Limits page of the Office 365 Trust Center (which is discussed in more detail below). Securing Customer Information and Office 365 Systems According to a popular maxim in IT circles, “You can have security without privacy, but you can’t have privacy without security.” This statement certainly applies to public cloud computing, where customers rely on online service providers such as Microsoft not only to securely store their data but also to keep it safe from loss, theft, or misuse by third parties, other customers, or even the provider’s employees. We understand that robust physical and logical security is a prerequisite for any successful privacy program, and we protect Office 365 using a comprehensive security regimen that is monitored 24/7 and updated regularly. Unlike on-premises software that lives behind a corporate firewall and can be accessed only over a virtual private network, Office 365 is designed specifically for secure access over the Internet. Office 365 provides anti-spam and anti-malware technologies that are automatically updated to protect against the latest threats. The security features and services associated with Office 365 are built in, reducing customers’ time and cost associated with securing their IT systems. At the same time, Office 365 enables customers to easily control permissions, policies, and features through online administration and management consoles to meet their specific security needs. For most customers, Office 365 is a multi-tenant, public cloud service. That means one customer’s data may be stored on the same hardware as several other customers’ data. This is one reason Office 365 can provide the cost and scalability benefits it does. Microsoft goes to great lengths to ensure that the multi-tenant architecture
7 Privacy in the Public Cloud: The Office 365 Approach 7 of Office 365 supports enterprise privacy and security requirements, and we logically segregate data storage and processing for different customers through specialized technology engineered specifically for the purpose. Our data centers are designed, built, and managed using a “defense-in-depth” strategy at both the physical and logical layers, and our services are engineered to be secure using Microsoft’s Security Development Lifecycle. All Office 365 data centers have biometric access controls, and most require palm prints to gain entry. In addition, physical access to most data centers is controlled by two-tier authentication that includes both proxy card access readers and hand geometry biometric readers. For more on security in Office 365 and the Microsoft data centers that host it, please see the “Security in Office 365” whitepaper and our Global Foundation Services website. Transparency Although many organizations cite privacy and security concerns as major obstacles to their adoption of cloud services, information on the privacy and security practices of many cloud providers is either difficult to find or indecipherable to all but the most astute IT professionals. To help our customers find answers to their privacy and security questions about Office 365, we strive to be as transparent as possible about our data protection policies and procedures. The Office 365 Trust Center The centerpiece of our transparency effort with Office 365 is the Office 365 Trust Center, which launched in conjunction with the cloud service in June 2011 and was updated in December 2011. The aim of the Trust Center is to tell customers, in plain language, exactly how we handle and use data gathered in their interactions with Office 365. The site details commitments we make to Office 365 customers in six key privacy areas: Data Use Limits; Administrative Access; Geographic Boundaries; Third Parties; Security, Audits, and Certifications; and Regulatory Compliance. The Trust Center also includes links to tools that customers can use to stay current with changes to Office 365 security and privacy practices, to help ensure ongoing regulatory compliance, and to obtain more detailed information about the specific privacy and security practices of the individual services that comprise Office 365 (such as Exchange Online, SharePoint Online, and Lync Online).
8 Privacy in the Public Cloud: The Office 365 Approach 8 Just as Office 365 will be a continuously evolving and improving service, the Trust Center will be a living resource that customers can use to stay abreast of the most current and accurate information available about privacy and security practices in Office 365. Geographic Boundaries One of the most common questions asked of cloud providers is also one of the simplest: “Where is my data?” With Office 365, we provide a thorough summary of our data location strategy on the Geographic Boundaries page of the Trust Center. This page describes where Microsoft stores and accesses customer data in the course of providing the Office 365 service. Microsoft has a regionalized data center strategy. The specific details of where data is located or accessed from depend on the customer’s ship-to address, which the customer provides when purchasing the service. The three regions are the Americas, Asia, and Europe. The Geographic Boundaries page also outlines the steps we take to ensure that information is not lost if the power fails in one data center. All such data is backed up in one or more data centers in another country or region. Third Parties Another frequent topic of concern is third-party access to cloud data. Many customers worry that beyond the cloud service provider they purchase services from directly, an unseen web of subcontractors, vendors, and other third parties may be improperly accessing, reviewing, and using their information. Microsoft readily acknowledges that it relies on partners and subcontractors to ensure that Office 365 performs optimally for all of our customers, no matter where they are. But we think our customers should be able to know not only what kinds of privacy and security minimums we expect of such third parties, but also who the third parties are. This is why we publish such information on the Third Parties page of the Trust Center. The page links to a current list of Office 365 subcontractors and provides information on how Microsoft works to help ensure that subcontractors comply with our privacy requirements. Subcontractors that work in facilities or on equipment controlled by Microsoft must follow our privacy standards, and all other subcontractors must follow privacy standards equivalent to our own. Comparing Cloud Provider Controls and Policies To help potential customers evaluate different cloud service providers, the not-for-profit Cloud Security Alliance (CSA) developed a set of security and privacy criteria called the Cloud Controls Matrix that customers can use to compare and contrast different providers’ data protection controls and information about their policies across 13 domains. To help enable such comparisons of Office 365, Microsoft developed a 50-page whitepaper that details how Office 365 fulfills the security, privacy, compliance, and risk management requirements defined in the Cloud Controls Matrix.
9 Privacy in the Public Cloud: The Office 365 Approach 9 The paper is available on the Office 365 website and is also available for download in the CSA’s searchable Security, Trust & Assurance Registry, which allows potential cloud customers to quickly access information on a variety of cloud providers. Choice We believe that customers want clear opportunities to choose whether their information will be collected, shared, or made public. This includes the flexibility to limit or eliminate information sharing or to set different levels of access. For business, government, and education customers, choice means having tools to maintain and control access to the information stored in their cloud accounts. Microsoft has developed a number of tools for administrators within customer organizations to control access to Office 365. Administrative Access In formulating our strategy for administrative access to data managed by Office 365, we worked with three priorities in mind:  We always give customers access to their customer data.  Access to customer data is strictly limited, and sample audits are performed by both Microsoft and third parties to verify that access is only for appropriate business purposes.  We recognize the extra importance of our customers’ core data, such as the body of Exchange Online emails and SharePoint Online team site content. If anyone—whether Microsoft personnel, partner personnel, or a customer’s own administrator—accesses core data on the service, we can provide a report on that access upon request. With Office 365, customers have complete access to their own environment, including user mail boxes, SharePoint websites, and document stores. The customer maintains control over security policies and user accounts. This degree of control enables administrators to effectively enforce their organization’s privacy and security policies. Policies and users can be managed using a web-based management console or remote PowerShell for automation of routine tasks. Identity Management Office 365 provides two options for user identification: Microsoft Office 365 user IDs and federated IDs. In the first case, administrators create Office 365 user IDs for each of their organization’s individual users of Office 365. Users sign in to all of their Office 365 services using a single login and password. A single sign-in application helps users easily create and use strong passwords that help keep their information safe. Alternatively, customers can choose federated identification, which uses on-premises Active Directory Federation Services (a service of Microsoft Windows Server 2008) to authenticate users on Office 365 using their existing corporate ID and password. In this scenario, identities are administered only on premises. This enables organizations to use two-factor authentication (such as smart cards or biometrics in addition to passwords) for maximum security.
10 Privacy in the Public Cloud: The Office 365 Approach 10 Microsoft Partners Lastly, Microsoft provides customers and their administrators with a number of ways to initiate, maintain, or terminate relationships with Microsoft partners who are part of the Office 365 ecosystem. We recognize that one compelling aspect of Office 365 is the number of partners that can provide additional services that our customers may want. For instance, some customers may hire a Microsoft support partner to administer their Office 365 services for them. To assist in maintaining security and privacy while taking advantage of our network of partners, we provide tools that enable Office 365 customers to monitor and quickly disable partners’ access to their information at any time, without having to disable the underlying Office 365 account. Conclusion Many public and private organizations around the world are already enjoying the efficiency, flexibility, and cost savings that cloud computing can provide. Yet some are waiting to move to the cloud until they have greater trust that their information will remain private and secure. Because Microsoft recognizes that privacy and security are major concerns for cloud customers, we developed our latest cloud-based productivity service, Office 365, from the ground up with strong data protection in mind. Additional information on Office 365 can be found at www.Office365.com, and additional information on Microsoft’s approach to privacy is available at www.microsoft.com/privacy. Additional Information “Privacy in the Cloud,” Microsoft whitepaper “The Economics of the Cloud,” Microsoft whitepaper “Security in Office 365,” Microsoft whitepaper Office 365 FAQ website Office 365 Trust Center website Microsoft Global Foundation Services website

Empfohlen

365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve Reid
365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve Reid365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve Reid
365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve ReidKTL Solutions
 
Security Beyond the Firewall
Security Beyond the FirewallSecurity Beyond the Firewall
Security Beyond the FirewallKTL Solutions
 
Cloud computing presentation
Cloud computing presentationCloud computing presentation
Cloud computing presentationLayani Malsha
 
Osterman Research: The need for third party security, compliance and other ca...
Osterman Research: The need for third party security, compliance and other ca...Osterman Research: The need for third party security, compliance and other ca...
Osterman Research: The need for third party security, compliance and other ca...proutley
 
The Need for Third-Party Security, Compliance and Other Capabilities in Micro...
The Need for Third-Party Security, Compliance and Other Capabilities in Micro...The Need for Third-Party Security, Compliance and Other Capabilities in Micro...
The Need for Third-Party Security, Compliance and Other Capabilities in Micro...Osterman Research, Inc.
 
Guide to Office 365
Guide to Office 365Guide to Office 365
Guide to Office 365Legal Services National Technology Assistance Project (LSNTAP)
 
Office 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techOffice 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techDWP Information Architects Inc.
 
Microsoft Office 365 and new Office 2016 for SMB
Microsoft Office 365 and new Office 2016 for SMBMicrosoft Office 365 and new Office 2016 for SMB
Microsoft Office 365 and new Office 2016 for SMBDavid J Rosenthal
 

Empfohlen

365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve Reid
365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve Reid365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve Reid
365 Degrees: Looking at Office 365, SharePoint, and Dynamics 365 by Steve ReidKTL Solutions
 
Security Beyond the Firewall
Security Beyond the FirewallSecurity Beyond the Firewall
Security Beyond the FirewallKTL Solutions
 
Cloud computing presentation
Cloud computing presentationCloud computing presentation
Cloud computing presentationLayani Malsha
 
Osterman Research: The need for third party security, compliance and other ca...
Osterman Research: The need for third party security, compliance and other ca...Osterman Research: The need for third party security, compliance and other ca...
Osterman Research: The need for third party security, compliance and other ca...proutley
 
The Need for Third-Party Security, Compliance and Other Capabilities in Micro...
The Need for Third-Party Security, Compliance and Other Capabilities in Micro...The Need for Third-Party Security, Compliance and Other Capabilities in Micro...
The Need for Third-Party Security, Compliance and Other Capabilities in Micro...Osterman Research, Inc.
 
Guide to Office 365
Guide to Office 365Guide to Office 365
Guide to Office 365Legal Services National Technology Assistance Project (LSNTAP)
 
Office 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techOffice 365: Why 98% of the Fortune 100 have adopted this tech
Office 365: Why 98% of the Fortune 100 have adopted this techDWP Information Architects Inc.
 
Microsoft Office 365 and new Office 2016 for SMB
Microsoft Office 365 and new Office 2016 for SMBMicrosoft Office 365 and new Office 2016 for SMB
Microsoft Office 365 and new Office 2016 for SMBDavid J Rosenthal
 
Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...
Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...
Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...Dana Gardner
 
Virtual & Remote Practice: Reach from the Beach & Manage from the Mountains
Virtual & Remote Practice: Reach from the Beach & Manage from the MountainsVirtual & Remote Practice: Reach from the Beach & Manage from the Mountains
Virtual & Remote Practice: Reach from the Beach & Manage from the MountainsGarrett P. Laborde
 
Collaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementCollaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementMaurene Caplan Grey
 
IBM Watson Workspace and Work Services strategy and roadmap
IBM Watson Workspace and Work Services strategy and roadmapIBM Watson Workspace and Work Services strategy and roadmap
IBM Watson Workspace and Work Services strategy and roadmapLetsConnect
 
Microsoft access 2010 guide by mushfiqmukit
Microsoft access 2010 guide by mushfiqmukitMicrosoft access 2010 guide by mushfiqmukit
Microsoft access 2010 guide by mushfiqmukitMohammad Mushfiqul Haque Mukit
 
B18 bmis
B18 bmisB18 bmis
B18 bmisGaurav Singh
 
Information Governance and ediscovery in office 365 ediscovery deep dive
Information Governance and ediscovery in office 365 ediscovery deep diveInformation Governance and ediscovery in office 365 ediscovery deep dive
Information Governance and ediscovery in office 365 ediscovery deep divebilgore
 
Cloud Computing for the SME
Cloud Computing for the SMECloud Computing for the SME
Cloud Computing for the SMEhyther
 
Common Service and Common Data Model by Henry McCallum
Common Service and Common Data Model by Henry McCallumCommon Service and Common Data Model by Henry McCallum
Common Service and Common Data Model by Henry McCallumKTL Solutions
 
Oliver wyman case_study
Oliver wyman case_studyOliver wyman case_study
Oliver wyman case_studyBill Leo, ITCPM, EMT
 
Microsoft Azure And The Competitive Cloud Industry - TechFuse
Microsoft Azure And The Competitive Cloud Industry - TechFuseMicrosoft Azure And The Competitive Cloud Industry - TechFuse
Microsoft Azure And The Competitive Cloud Industry - TechFuseRichard Harbridge
 
Collaboration 2.0
Collaboration 2.0Collaboration 2.0
Collaboration 2.0IBM
 
Microsoft (Strategy & Solutions)
Microsoft (Strategy & Solutions)Microsoft (Strategy & Solutions)
Microsoft (Strategy & Solutions)Vinayak Hegde
 
Dit yvol4iss04
Dit yvol4iss04Dit yvol4iss04
Dit yvol4iss04Rick Lemieux
 
Data governance for now
Data governance for nowData governance for now
Data governance for nowMichael Burgess
 
Front Copy and Letter to Shareholders
Front Copy and Letter to ShareholdersFront Copy and Letter to Shareholders
Front Copy and Letter to Shareholdersearnirgsreports
 
The Data & Analytics Journey – Why it’s more attainable for your company than...
The Data & Analytics Journey – Why it’s more attainable for your company than...The Data & Analytics Journey – Why it’s more attainable for your company than...
The Data & Analytics Journey – Why it’s more attainable for your company than...LetsConnect
 
Open-Xchange
Open-XchangeOpen-Xchange
Open-Xchangewebhostingguy
 
Role and Challenges in Cloud Computing and Ecommerce in SME’s
Role and Challenges in Cloud Computing and Ecommerce in SME’sRole and Challenges in Cloud Computing and Ecommerce in SME’s
Role and Challenges in Cloud Computing and Ecommerce in SME’sRHIMRJ Journal
 
tibbr Security Overview
tibbr Security Overviewtibbr Security Overview
tibbr Security Overviewtibbr
 
CRM privacy whitepaper final
CRM privacy whitepaper finalCRM privacy whitepaper final
CRM privacy whitepaper finalZero2Ten
 
Privacy in the Public Cloud: Microsoft Dynamics CRM Online
Privacy in the Public Cloud: Microsoft Dynamics CRM OnlinePrivacy in the Public Cloud: Microsoft Dynamics CRM Online
Privacy in the Public Cloud: Microsoft Dynamics CRM OnlineNerea
 

Weitere ähnliche Inhalte

Was ist angesagt?

Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...
Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...
Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...Dana Gardner
 
Virtual & Remote Practice: Reach from the Beach & Manage from the Mountains
Virtual & Remote Practice: Reach from the Beach & Manage from the MountainsVirtual & Remote Practice: Reach from the Beach & Manage from the Mountains
Virtual & Remote Practice: Reach from the Beach & Manage from the MountainsGarrett P. Laborde
 
Collaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementCollaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementMaurene Caplan Grey
 
IBM Watson Workspace and Work Services strategy and roadmap
IBM Watson Workspace and Work Services strategy and roadmapIBM Watson Workspace and Work Services strategy and roadmap
IBM Watson Workspace and Work Services strategy and roadmapLetsConnect
 
Information Governance and ediscovery in office 365 ediscovery deep dive
Information Governance and ediscovery in office 365 ediscovery deep diveInformation Governance and ediscovery in office 365 ediscovery deep dive
Information Governance and ediscovery in office 365 ediscovery deep divebilgore
 
Cloud Computing for the SME
Cloud Computing for the SMECloud Computing for the SME
Cloud Computing for the SMEhyther
 
Common Service and Common Data Model by Henry McCallum
Common Service and Common Data Model by Henry McCallumCommon Service and Common Data Model by Henry McCallum
Common Service and Common Data Model by Henry McCallumKTL Solutions
 
Microsoft Azure And The Competitive Cloud Industry - TechFuse
Microsoft Azure And The Competitive Cloud Industry - TechFuseMicrosoft Azure And The Competitive Cloud Industry - TechFuse
Microsoft Azure And The Competitive Cloud Industry - TechFuseRichard Harbridge
 
Collaboration 2.0
Collaboration 2.0Collaboration 2.0
Collaboration 2.0IBM
 
Microsoft (Strategy & Solutions)
Microsoft (Strategy & Solutions)Microsoft (Strategy & Solutions)
Microsoft (Strategy & Solutions)Vinayak Hegde
 
Front Copy and Letter to Shareholders
Front Copy and Letter to ShareholdersFront Copy and Letter to Shareholders
Front Copy and Letter to Shareholdersearnirgsreports
 
The Data & Analytics Journey – Why it’s more attainable for your company than...
The Data & Analytics Journey – Why it’s more attainable for your company than...The Data & Analytics Journey – Why it’s more attainable for your company than...
The Data & Analytics Journey – Why it’s more attainable for your company than...LetsConnect
 
Role and Challenges in Cloud Computing and Ecommerce in SME’s
Role and Challenges in Cloud Computing and Ecommerce in SME’sRole and Challenges in Cloud Computing and Ecommerce in SME’s
Role and Challenges in Cloud Computing and Ecommerce in SME’sRHIMRJ Journal
 
tibbr Security Overview
tibbr Security Overviewtibbr Security Overview
tibbr Security Overviewtibbr
 

Was ist angesagt? (20)

Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...
Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...
Microsoft SharePoint at a Crossroad — Biggest Opportunities and Challenges fo...
 
Virtual & Remote Practice: Reach from the Beach & Manage from the Mountains
Virtual & Remote Practice: Reach from the Beach & Manage from the MountainsVirtual & Remote Practice: Reach from the Beach & Manage from the Mountains
Virtual & Remote Practice: Reach from the Beach & Manage from the Mountains
 
Collaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records ManagementCollaboration: New Challenges for Electronic Records Management
Collaboration: New Challenges for Electronic Records Management
 
IBM Watson Workspace and Work Services strategy and roadmap
IBM Watson Workspace and Work Services strategy and roadmapIBM Watson Workspace and Work Services strategy and roadmap
IBM Watson Workspace and Work Services strategy and roadmap
 
Microsoft access 2010 guide by mushfiqmukit
Microsoft access 2010 guide by mushfiqmukitMicrosoft access 2010 guide by mushfiqmukit
Microsoft access 2010 guide by mushfiqmukit
 
B18 bmis
B18 bmisB18 bmis
B18 bmis
 
Information Governance and ediscovery in office 365 ediscovery deep dive
Information Governance and ediscovery in office 365 ediscovery deep diveInformation Governance and ediscovery in office 365 ediscovery deep dive
Information Governance and ediscovery in office 365 ediscovery deep dive
 
Cloud Computing for the SME
Cloud Computing for the SMECloud Computing for the SME
Cloud Computing for the SME
 
Common Service and Common Data Model by Henry McCallum
Common Service and Common Data Model by Henry McCallumCommon Service and Common Data Model by Henry McCallum
Common Service and Common Data Model by Henry McCallum
 
Oliver wyman case_study
Oliver wyman case_studyOliver wyman case_study
Oliver wyman case_study
 
Microsoft Azure And The Competitive Cloud Industry - TechFuse
Microsoft Azure And The Competitive Cloud Industry - TechFuseMicrosoft Azure And The Competitive Cloud Industry - TechFuse
Microsoft Azure And The Competitive Cloud Industry - TechFuse
 
Collaboration 2.0
Collaboration 2.0Collaboration 2.0
Collaboration 2.0
 
Microsoft (Strategy & Solutions)
Microsoft (Strategy & Solutions)Microsoft (Strategy & Solutions)
Microsoft (Strategy & Solutions)
 
Dit yvol4iss04
Dit yvol4iss04Dit yvol4iss04
Dit yvol4iss04
 
Data governance for now
Data governance for nowData governance for now
Data governance for now
 
Front Copy and Letter to Shareholders
Front Copy and Letter to ShareholdersFront Copy and Letter to Shareholders
Front Copy and Letter to Shareholders
 
The Data & Analytics Journey – Why it’s more attainable for your company than...
The Data & Analytics Journey – Why it’s more attainable for your company than...The Data & Analytics Journey – Why it’s more attainable for your company than...
The Data & Analytics Journey – Why it’s more attainable for your company than...
 
Open-Xchange
Open-XchangeOpen-Xchange
Open-Xchange
 
Role and Challenges in Cloud Computing and Ecommerce in SME’s
Role and Challenges in Cloud Computing and Ecommerce in SME’sRole and Challenges in Cloud Computing and Ecommerce in SME’s
Role and Challenges in Cloud Computing and Ecommerce in SME’s
 
tibbr Security Overview
tibbr Security Overviewtibbr Security Overview
tibbr Security Overview
 

Ähnlich wie Ms o365 privacy in the public cloud - 12-12-11 final standard

CRM privacy whitepaper final
CRM privacy whitepaper finalCRM privacy whitepaper final
CRM privacy whitepaper finalZero2Ten
 
Privacy in the Public Cloud: Microsoft Dynamics CRM Online
Privacy in the Public Cloud: Microsoft Dynamics CRM OnlinePrivacy in the Public Cloud: Microsoft Dynamics CRM Online
Privacy in the Public Cloud: Microsoft Dynamics CRM OnlineNerea
 
Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...
Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...
Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...Rio Info
 
Modernize to the Microsoft Cloud
Modernize to the Microsoft CloudModernize to the Microsoft Cloud
Modernize to the Microsoft CloudEvan Ilias
 
Azure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 complianceAzure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 complianceErlinkencana
 
Office 365 Proposal Bangladesh - Biman
Office 365 Proposal Bangladesh - BimanOffice 365 Proposal Bangladesh - Biman
Office 365 Proposal Bangladesh - BimanMJ Ferdous
 
Ways In Which Office 365 Can Help You To Grow Your Business in 2022.pdf
Ways In Which Office 365 Can Help You To Grow Your Business in 2022.pdfWays In Which Office 365 Can Help You To Grow Your Business in 2022.pdf
Ways In Which Office 365 Can Help You To Grow Your Business in 2022.pdfCerebrum Infotech
 
Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?ITpreneurs
 
Understanding the Microsoft Cloud
Understanding the Microsoft CloudUnderstanding the Microsoft Cloud
Understanding the Microsoft CloudDavid J Rosenthal
 
SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?
SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?
SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?Ryan Schouten
 
Chapter 3 cloud computing and intro parrallel computing
Chapter 3 cloud computing and intro parrallel computingChapter 3 cloud computing and intro parrallel computing
Chapter 3 cloud computing and intro parrallel computingPraveen M Jigajinni
 
The Cloud Connection
The Cloud ConnectionThe Cloud Connection
The Cloud Connectiongregerb
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computingvishnu varunan
 
Enterprise Challenges - Cloud
Enterprise Challenges - Cloud Enterprise Challenges - Cloud
Enterprise Challenges - Cloud Office
 
What You Need to Know About the Cloud
What You Need to Know About the CloudWhat You Need to Know About the Cloud
What You Need to Know About the CloudChris Roche
 
Office 365 Project Online - Comprehensive Guide
Office 365 Project Online - Comprehensive GuideOffice 365 Project Online - Comprehensive Guide
Office 365 Project Online - Comprehensive GuideDavid J Rosenthal
 
What is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete GuideWhat is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete GuideMarianne Harness
 
What is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete GuideWhat is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete GuideAlaina Carter
 

Ähnlich wie Ms o365 privacy in the public cloud - 12-12-11 final standard (20)

CRM privacy whitepaper final
CRM privacy whitepaper finalCRM privacy whitepaper final
CRM privacy whitepaper final
 
Privacy in the Public Cloud: Microsoft Dynamics CRM Online
Privacy in the Public Cloud: Microsoft Dynamics CRM OnlinePrivacy in the Public Cloud: Microsoft Dynamics CRM Online
Privacy in the Public Cloud: Microsoft Dynamics CRM Online
 
Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...
Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...
Rio Info 2015 - Painel Oportunidades para o Brasil na era da Computação em Nu...
 
Modernize to the Microsoft Cloud
Modernize to the Microsoft CloudModernize to the Microsoft Cloud
Modernize to the Microsoft Cloud
 
Azure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 complianceAzure 13 effective security controls for iso 27001 compliance
Azure 13 effective security controls for iso 27001 compliance
 
Office 365 Proposal Bangladesh - Biman
Office 365 Proposal Bangladesh - BimanOffice 365 Proposal Bangladesh - Biman
Office 365 Proposal Bangladesh - Biman
 
Ways In Which Office 365 Can Help You To Grow Your Business in 2022.pdf
Ways In Which Office 365 Can Help You To Grow Your Business in 2022.pdfWays In Which Office 365 Can Help You To Grow Your Business in 2022.pdf
Ways In Which Office 365 Can Help You To Grow Your Business in 2022.pdf
 
Redington Value Journal - August 2017
Redington Value Journal - August 2017Redington Value Journal - August 2017
Redington Value Journal - August 2017
 
Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?Cloud Computing & ITSM - For Better of for Worse?
Cloud Computing & ITSM - For Better of for Worse?
 
Bos365 April 2015
Bos365 April 2015Bos365 April 2015
Bos365 April 2015
 
Understanding the Microsoft Cloud
Understanding the Microsoft CloudUnderstanding the Microsoft Cloud
Understanding the Microsoft Cloud
 
SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?
SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?
SharePoint Saturday Denver 2015 - What is Office365 and Why Should I Care?
 
Chapter 3 cloud computing and intro parrallel computing
Chapter 3 cloud computing and intro parrallel computingChapter 3 cloud computing and intro parrallel computing
Chapter 3 cloud computing and intro parrallel computing
 
The Cloud Connection
The Cloud ConnectionThe Cloud Connection
The Cloud Connection
 
Introduction to cloud computing
Introduction to cloud computingIntroduction to cloud computing
Introduction to cloud computing
 
Enterprise Challenges - Cloud
Enterprise Challenges - Cloud Enterprise Challenges - Cloud
Enterprise Challenges - Cloud
 
What You Need to Know About the Cloud
What You Need to Know About the CloudWhat You Need to Know About the Cloud
What You Need to Know About the Cloud
 
Office 365 Project Online - Comprehensive Guide
Office 365 Project Online - Comprehensive GuideOffice 365 Project Online - Comprehensive Guide
Office 365 Project Online - Comprehensive Guide
 
What is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete GuideWhat is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete Guide
 
What is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete GuideWhat is Cloud Computing? A Complete Guide
What is Cloud Computing? A Complete Guide
 

Kürzlich hochgeladen

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Kürzlich hochgeladen (20)

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

Ms o365 privacy in the public cloud - 12-12-11 final standard

  • 1. Privacy in the Public Cloud: The Office 365 Approach December 2011
  • 2. © 2011 Microsoft Corporation. All rights reserved. This document is provided “as is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes.
  • 3. Contents Introduction........................................................................................................................................1 Privacy at Microsoft.............................................................................................................................2 The Office 365 Privacy Opportunity......................................................................................................3 Responsibility .................................................................................................................................3 Transparency..................................................................................................................................7 Choice............................................................................................................................................9 Conclusion........................................................................................................................................10
  • 4. 1 Privacy in the Public Cloud: The Office 365 Approach 1 Introduction Since our 2010 whitepaper “Privacy in the Cloud,” awareness and adoption of cloud computing have continued to increase. Global enterprises and entrepreneurs alike are turning to the cloud to accelerate innovation, launch new businesses, and cut costs. Government agencies, public service providers, and educational institutions are migrating to the cloud to better serve constituents and reduce IT spending, particularly in response to shrinking budgets. But not all the news has been positive. Hacking attacks, theft, and misuse of data managed by online service providers have raised questions about the privacy and security of cloud computing. For some large enterprises with highly sensitive data, such incidents have increased the appeal of private cloud solutions. Indeed, a “one-size-fits-all” approach may not be appropriate for governments or large organizations with many different classes of data, and private or hybrid cloud solutions that allow customers to keep selected data on premises can make good sense for those with specialized data protection requirements. Microsoft offers a full menu of private cloud solutions, and we recently published a whitepaper titled “Microsoft Private Cloud: A comparative look at Functionality, Benefits, and Economics.” But private clouds dedicate significant computing resources to just one or a handful of customers, so they can be cost-prohibitive for many businesses and public-sector agencies that are anxious to reap the benefits of cloud computing. Consequently, we expect public cloud services—which use advanced, multi-tenant data centers1 to provide highly scalable and affordable computing services to thousands of customers simultaneously—to be the most popular cloud computing model for the foreseeable future.2 Still, the growth of public cloud services is not inevitable. Microsoft understands that unless we are responsive to customers’ and regulators’ questions about data protection in public clouds, we will not earn the trust that is necessary for our cloud services to satisfy our customers’ needs. This is why data protection figures prominently in Office 365, Microsoft’s newest cloud-based productivity service. 1 “Microsoft Expands Cloud Computing Capabilities & Services in Europe.” Microsoft press release, Sept. 2009. 2 “The Economics of the Cloud.” Microsoft whitepaper, Nov. 2010.
  • 5. 2 Privacy in the Public Cloud: The Office 365 Approach 2 Reflecting Microsoft’s approach to privacy by design, Office 365 was built from the ground up with strong data protection in mind. In the following pages, we will discuss Microsoft’s philosophical and practical approach to safeguarding information in the cloud, and we will describe several of the tangible benefits that have resulted for Office 365 customers. Privacy at Microsoft As part of our long-term commitment to Trustworthy Computing, Microsoft strives to earn and strengthen trust by building robust privacy and data protections into our products and services. We work to responsibly manage and protect the data we store, be transparent about our privacy practices, and offer meaningful privacy choices. These three tenets—responsibility, transparency, and choice—are the foundation of Microsoft’s approach to privacy. Our privacy principles and our internal privacy standards guide the collection and use of customer and partner information at Microsoft and give our employees a clear framework to help ensure that we manage data responsibly. To put our principles and standards into practice, we have invested heavily to build a comprehensive privacy governance program. Microsoft employs more than 40 full-time privacy professionals, with several hundred other employees helping to ensure that privacy policies, procedures, and technologies are applied across our products and services. When it comes to cloud computing, Microsoft has been addressing privacy issues associated with online services since the launch of the MSN network in 1994. Today, we manage a cloud-based infrastructure that supports more than 200 online services and websites that attract more than 600 million unique users worldwide each month. We recognize that cloud services often raise unique security and privacy questions for business, education, and government customers, so we have adapted our policies and governance programs to address customer concerns, facilitate regulatory compliance, and build greater trust in cloud computing. For example, we contractually commit to specific data handling processes as part of our agreements for popular cloud services such as Microsoft Exchange Online, SharePoint Online, and Lync Online. We also provide customers with flexible management tools that help protect sensitive data and support compliance with government privacy and security guidelines. Such transparent policies and strong tools are essential for our customers as they deal with the privacy and security questions that arise from their use of cloud services.
  • 6. 3 Privacy in the Public Cloud: The Office 365 Approach 3 The Office 365 Privacy Opportunity Microsoft helped usher in the era of enterprise cloud computing in 2008 when Bill Gates announced that the company would offer online versions of its popular Exchange Server and SharePoint Server software for businesses of all sizes. The services, which in 2009 became part of the Microsoft Business Productivity Online Suite (BPOS), gave thousands of global businesses their first taste of cloud computing by providing access to email, calendaring, and shared workspaces over the Internet. But because this first generation of “software-as-a-service” cloud offerings had its roots in traditional server software, it was not fully optimized to take advantage of Microsoft’s global network of technologically advanced data centers. So, even as BPOS was launching, Microsoft was laying the groundwork for its successor: Office 365. The multi-year development effort, which culminated in the global launch of Office 365 in June 2011, yielded an online business service purposely built to optimize the flexibility, responsiveness, and efficiency of the cloud. Office 365 was also built with an emphasis on strong data protection. Reflecting Microsoft’s approach to privacy by design, a team of privacy professionals was dedicated to the product early in the development cycle and worked in close partnership with engineers, business planners, and marketers. Consequently, privacy has been an integral part of Office 365 from the beginning, not an afterthought. In addition, employees distributed throughout the organization are accountable for managing the service’s privacy and security risks. The result is an enterprise cloud service with robust data protections that reflect Microsoft’s core privacy tenets of responsibility, transparency, and choice. Responsibility We understand that managing customer information is a responsibility that includes important security and privacy obligations. This is particularly true for cloud-based services such as Office 365. We have a broad network of people and processes that implement our privacy standards and provide privacy guidance and training. If a privacy incident occurs, we have rigorous procedures to address the problem, diagnose the cause, and update customers in a timely manner. A few highlights of our approach to privacy governance in Office 365 are outlined below. Standing the Test of Time Criteria for determining appropriate levels of privacy and security in the cloud are changing rapidly. What matters most today may be a low priority tomorrow. As a result, when evaluating a cloud provider, Microsoft Office 365 delivers the power of cloud productivity to businesses of all sizes, helping them to save time and money and free up valued resources. Office 365 supplements the familiar Office desktop suite—which includes such popular programs as Microsoft Word, Excel, and Outlook—with cloud-based versions of these programs as well as our next- generation communications and collaboration services: Exchange Online, SharePoint Online, and Lync Online.
  • 7. 4 Privacy in the Public Cloud: The Office 365 Approach 4 organizations would be wise to consider the depth and breadth of the provider’s governance model and its ability to quickly adapt to changing privacy priorities. With Office 365, we have employed a variety of risk management mechanisms to appropriately manage regulatory change, organizational change, personnel change, and technological change. Before any of the services that are part of Office 365 launch to the public, subject-matter experts conduct privacy, security, and business continuity risk assessments on each service and work closely with the service owners to remediate any identified risks. After launch, we use a process of continuous monitoring that we call the Trustworthy Services Lifecycle to ensure that our data protection systems are functioning properly. We test required functionality annually, semi- annually, quarterly, monthly, or at the time of each new release, depending on the level of risk associated with the particular privacy or security control. We conduct regular risk assessments to refresh the control framework and, if necessary, to reset priorities if new aspects of the service emerge as high-risk. This multi-layered and continuous approach to monitoring the Office 365 data protection environment helps us quickly diagnose and remedy problems that occur and helps our customers respond quickly to shifting regulatory or industry requirements. Enabling Regulatory Compliance Just as Microsoft has a responsibility to process our enterprise customers’ information in a trustworthy manner, many of our customers have a responsibility to comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data. As a provider of global cloud services, we must run our services with common operational practices and features that span multiple customers and jurisdictions. To fulfill our privacy responsibility to our customers as well as help our diverse customer base fulfill its regulatory obligations, we set the bar high and then build our services to meet that bar using common privacy and security controls. While it is ultimately up to our customers to determine whether our services satisfy their specific regulatory needs, we are committed to providing detailed information about our cloud services to help them in their assessments. One tool we have developed to facilitate customers’ assessments of Office 365 is the Office 365 Trust Center, an online repository of detailed information about Office 365 privacy and security practices. For example, on the Regulatory Compliance page of the Trust Center, we explain how we believe Office 365 helps facilitate compliance with a range of major statutes, from European Union data protection laws to the U.S. Gramm- Leach-Bliley Act, which includes provisions on the protection of consumers’ financial information. Another resource we offer to help customers evaluate Office 365 is detailed information about the well- recognized certifications that the service has attained. On the Security, Audits, and Certifications page of the Trust Center, customers can locate information about the certifications held by both Office 365 and the Microsoft data centers that host the service. By making this information readily available, we empower
  • 8. 5 Privacy in the Public Cloud: The Office 365 Approach 5 customers to validate that what we say about our security and privacy practices has been affirmed by an accredited third party. One compliance framework in particular— the highly regarded ISO/IEC 27001 standard for information security management systems—forms the foundation of our security and privacy approach with Office 365 and its supporting infrastructure. ISO/IEC 27001 is one of the most widely recognized certifications for a cloud service, and thus one of the most valued by our customers. In addition to having our independent auditor, the British Standards Institute (BSI), verify the compliance of Office 365 with ISO/IEC 27001, we have asked BSI to review more than 20 additional privacy controls that we built into the service to better align it with comprehensive European data protection regulations. We have taken this unique approach to help our European customers understand the protections we have put in place to help them satisfy the specific expectations of both European citizens and European regulators. The full results of BSI’s findings are included in its ISO/IEC 27001 audit report on Office 365, a summary of which is available to Office 365 customers upon request. Support for EU Model Clauses In another effort to accommodate the data protection demands of European entities, Office 365 offers the opportunity for customers with European users to sign data processing agreements with the standard contractual clauses published by the European Commission. European law prohibits companies from transferring personal data from the EU except under specific conditions. One way to transfer such data is to procure cloud services from companies that abide by the U.S.-EU Safe Harbor Framework. However, EU companies may want the more stringent protections of a detailed data processing agreement and the standard contractual clauses published by the European Commission, which are known as the EU Model Clauses. Microsoft’s willingness to sign these agreements means that Microsoft contractually guarantees that Office 365 will follow the stringent privacy and security standards detailed in the Model Clauses. Using Customer Data Only for the Customers’ Purposes Responsible cloud providers must have strong internal policies in place that clearly delineate what the provider and its partners can and cannot do with customer information.
  • 9. 6 Privacy in the Public Cloud: The Office 365 Approach 6 In Office 365, we use our customers’ data only for what they pay us for—to maintain and provide Office 365 services. As part of providing a quality service, we will troubleshoot in order to prevent, identify, or repair problems and to improve features that protect our customers. But Office 365 does not build advertising products out of our customers’ data. We also don’t scan our customers’ email or documents for the purpose of building analytics, data mining, advertising, or improving the service without our customers’ permission. In addition, Office 365 allows customers to keep their data separate from Microsoft’s consumer services. Controlling Access to Customer Data Office 365 applies strict controls over who will be granted access to key customer data. Microsoft and vendor support personnel are required to have a legitimate business justification to request access to Office 365 customers’ core data, and the request must be approved by the person’s manager prior to gaining access. In addition, access levels are reviewed on a periodic basis to ensure that only Microsoft employees or support personnel who have an appropriate business justification have access to the systems. Further, all Office 365 support personnel are accountable for their handling of customer data. Accountability is enforced through a set of system controls, including the use of unique user names, data access controls, and auditing. Unlike generic user names such as “Guest” or “Administrator,” unique names connect the use of customer data to specific individuals. For a detailed breakdown of how we handle specific classes of data stored and generated by users of Office 365, see the Data Use Limits page of the Office 365 Trust Center (which is discussed in more detail below). Securing Customer Information and Office 365 Systems According to a popular maxim in IT circles, “You can have security without privacy, but you can’t have privacy without security.” This statement certainly applies to public cloud computing, where customers rely on online service providers such as Microsoft not only to securely store their data but also to keep it safe from loss, theft, or misuse by third parties, other customers, or even the provider’s employees. We understand that robust physical and logical security is a prerequisite for any successful privacy program, and we protect Office 365 using a comprehensive security regimen that is monitored 24/7 and updated regularly. Unlike on-premises software that lives behind a corporate firewall and can be accessed only over a virtual private network, Office 365 is designed specifically for secure access over the Internet. Office 365 provides anti-spam and anti-malware technologies that are automatically updated to protect against the latest threats. The security features and services associated with Office 365 are built in, reducing customers’ time and cost associated with securing their IT systems. At the same time, Office 365 enables customers to easily control permissions, policies, and features through online administration and management consoles to meet their specific security needs. For most customers, Office 365 is a multi-tenant, public cloud service. That means one customer’s data may be stored on the same hardware as several other customers’ data. This is one reason Office 365 can provide the cost and scalability benefits it does. Microsoft goes to great lengths to ensure that the multi-tenant architecture
  • 10. 7 Privacy in the Public Cloud: The Office 365 Approach 7 of Office 365 supports enterprise privacy and security requirements, and we logically segregate data storage and processing for different customers through specialized technology engineered specifically for the purpose. Our data centers are designed, built, and managed using a “defense-in-depth” strategy at both the physical and logical layers, and our services are engineered to be secure using Microsoft’s Security Development Lifecycle. All Office 365 data centers have biometric access controls, and most require palm prints to gain entry. In addition, physical access to most data centers is controlled by two-tier authentication that includes both proxy card access readers and hand geometry biometric readers. For more on security in Office 365 and the Microsoft data centers that host it, please see the “Security in Office 365” whitepaper and our Global Foundation Services website. Transparency Although many organizations cite privacy and security concerns as major obstacles to their adoption of cloud services, information on the privacy and security practices of many cloud providers is either difficult to find or indecipherable to all but the most astute IT professionals. To help our customers find answers to their privacy and security questions about Office 365, we strive to be as transparent as possible about our data protection policies and procedures. The Office 365 Trust Center The centerpiece of our transparency effort with Office 365 is the Office 365 Trust Center, which launched in conjunction with the cloud service in June 2011 and was updated in December 2011. The aim of the Trust Center is to tell customers, in plain language, exactly how we handle and use data gathered in their interactions with Office 365. The site details commitments we make to Office 365 customers in six key privacy areas: Data Use Limits; Administrative Access; Geographic Boundaries; Third Parties; Security, Audits, and Certifications; and Regulatory Compliance. The Trust Center also includes links to tools that customers can use to stay current with changes to Office 365 security and privacy practices, to help ensure ongoing regulatory compliance, and to obtain more detailed information about the specific privacy and security practices of the individual services that comprise Office 365 (such as Exchange Online, SharePoint Online, and Lync Online).
  • 11. 8 Privacy in the Public Cloud: The Office 365 Approach 8 Just as Office 365 will be a continuously evolving and improving service, the Trust Center will be a living resource that customers can use to stay abreast of the most current and accurate information available about privacy and security practices in Office 365. Geographic Boundaries One of the most common questions asked of cloud providers is also one of the simplest: “Where is my data?” With Office 365, we provide a thorough summary of our data location strategy on the Geographic Boundaries page of the Trust Center. This page describes where Microsoft stores and accesses customer data in the course of providing the Office 365 service. Microsoft has a regionalized data center strategy. The specific details of where data is located or accessed from depend on the customer’s ship-to address, which the customer provides when purchasing the service. The three regions are the Americas, Asia, and Europe. The Geographic Boundaries page also outlines the steps we take to ensure that information is not lost if the power fails in one data center. All such data is backed up in one or more data centers in another country or region. Third Parties Another frequent topic of concern is third-party access to cloud data. Many customers worry that beyond the cloud service provider they purchase services from directly, an unseen web of subcontractors, vendors, and other third parties may be improperly accessing, reviewing, and using their information. Microsoft readily acknowledges that it relies on partners and subcontractors to ensure that Office 365 performs optimally for all of our customers, no matter where they are. But we think our customers should be able to know not only what kinds of privacy and security minimums we expect of such third parties, but also who the third parties are. This is why we publish such information on the Third Parties page of the Trust Center. The page links to a current list of Office 365 subcontractors and provides information on how Microsoft works to help ensure that subcontractors comply with our privacy requirements. Subcontractors that work in facilities or on equipment controlled by Microsoft must follow our privacy standards, and all other subcontractors must follow privacy standards equivalent to our own. Comparing Cloud Provider Controls and Policies To help potential customers evaluate different cloud service providers, the not-for-profit Cloud Security Alliance (CSA) developed a set of security and privacy criteria called the Cloud Controls Matrix that customers can use to compare and contrast different providers’ data protection controls and information about their policies across 13 domains. To help enable such comparisons of Office 365, Microsoft developed a 50-page whitepaper that details how Office 365 fulfills the security, privacy, compliance, and risk management requirements defined in the Cloud Controls Matrix.
  • 12. 9 Privacy in the Public Cloud: The Office 365 Approach 9 The paper is available on the Office 365 website and is also available for download in the CSA’s searchable Security, Trust & Assurance Registry, which allows potential cloud customers to quickly access information on a variety of cloud providers. Choice We believe that customers want clear opportunities to choose whether their information will be collected, shared, or made public. This includes the flexibility to limit or eliminate information sharing or to set different levels of access. For business, government, and education customers, choice means having tools to maintain and control access to the information stored in their cloud accounts. Microsoft has developed a number of tools for administrators within customer organizations to control access to Office 365. Administrative Access In formulating our strategy for administrative access to data managed by Office 365, we worked with three priorities in mind:  We always give customers access to their customer data.  Access to customer data is strictly limited, and sample audits are performed by both Microsoft and third parties to verify that access is only for appropriate business purposes.  We recognize the extra importance of our customers’ core data, such as the body of Exchange Online emails and SharePoint Online team site content. If anyone—whether Microsoft personnel, partner personnel, or a customer’s own administrator—accesses core data on the service, we can provide a report on that access upon request. With Office 365, customers have complete access to their own environment, including user mail boxes, SharePoint websites, and document stores. The customer maintains control over security policies and user accounts. This degree of control enables administrators to effectively enforce their organization’s privacy and security policies. Policies and users can be managed using a web-based management console or remote PowerShell for automation of routine tasks. Identity Management Office 365 provides two options for user identification: Microsoft Office 365 user IDs and federated IDs. In the first case, administrators create Office 365 user IDs for each of their organization’s individual users of Office 365. Users sign in to all of their Office 365 services using a single login and password. A single sign-in application helps users easily create and use strong passwords that help keep their information safe. Alternatively, customers can choose federated identification, which uses on-premises Active Directory Federation Services (a service of Microsoft Windows Server 2008) to authenticate users on Office 365 using their existing corporate ID and password. In this scenario, identities are administered only on premises. This enables organizations to use two-factor authentication (such as smart cards or biometrics in addition to passwords) for maximum security.
  • 13. 10 Privacy in the Public Cloud: The Office 365 Approach 10 Microsoft Partners Lastly, Microsoft provides customers and their administrators with a number of ways to initiate, maintain, or terminate relationships with Microsoft partners who are part of the Office 365 ecosystem. We recognize that one compelling aspect of Office 365 is the number of partners that can provide additional services that our customers may want. For instance, some customers may hire a Microsoft support partner to administer their Office 365 services for them. To assist in maintaining security and privacy while taking advantage of our network of partners, we provide tools that enable Office 365 customers to monitor and quickly disable partners’ access to their information at any time, without having to disable the underlying Office 365 account. Conclusion Many public and private organizations around the world are already enjoying the efficiency, flexibility, and cost savings that cloud computing can provide. Yet some are waiting to move to the cloud until they have greater trust that their information will remain private and secure. Because Microsoft recognizes that privacy and security are major concerns for cloud customers, we developed our latest cloud-based productivity service, Office 365, from the ground up with strong data protection in mind. Additional information on Office 365 can be found at www.Office365.com, and additional information on Microsoft’s approach to privacy is available at www.microsoft.com/privacy. Additional Information “Privacy in the Cloud,” Microsoft whitepaper “The Economics of the Cloud,” Microsoft whitepaper “Security in Office 365,” Microsoft whitepaper Office 365 FAQ website Office 365 Trust Center website Microsoft Global Foundation Services website