Security
Note
This is pre-release content and only applies to the Microsoft Office Customer Preview. It doesn’t represent the current in-market service or guarantee future availability of any SKUs or features. For current service descriptions, see Office 365 for Enterprise Service Descriptions.
This section describes how Microsoft protects customers’ business data and delivers Microsoft Office 365 services securely and reliably. It also describes how Microsoft enhances security for each of the Office 365 services. For more detailed information, visit the Office 365 Trust Center.
Protection is provided at multiple levels, including:
- Physical layers at data centers This includes physical controls, video surveillance, and access control.
- Logical layers This includes data isolation, hosted applications security, infrastructure services, network level, identity and access management, federated identity, and single sign-on.
Physical security
Microsoft ensures that the environment in which the Office 365 customer’s data is stored is physically secured by controlling environment access through multiple security checks. These physical security checks are applied at multiple levels in the Microsoft data centers, and Office 365 services are delivered through carrier-class data centers that ensure consistent delivery according to the services’ service-level agreements (SLAs). These data centers include the following industry-standard features:
- Secure physical access for authorized personnel only Access is restricted by job function so that only essential personnel receive authorization to manage customers’ applications and services. Physical access authorization utilizes multiple authentication and security processes: badge and smartcard, biometric scanners, on-premises security officers, continuous video surveillance, and two-factor authentication for physical access to the data center environment.
- Redundant power supplies Each data center has two separate power feeds, battery backup, and diesel generators (with alternative fuel delivery contracts in place).
- Climate control This ensures that equipment runs at optimal temperature and humidity.
- Natural disaster control This includes seismically braced racks where required and fire prevention and extinguishing systems.
- Physical monitoring This includes motion sensors, 24-hour secured access, video camera surveillance, and security breach alarms.
- Worldwide Microsoft data center locations Office 365 services are deployed in Microsoft data centers that are located around the world, and offer geographically local hosting with global availability.
- Secure network design and operations The networks within the Office 365 data centers are designed to create multiple separate network segments within each data center. This segmentation helps to provide physical separation of critical, back-end servers and storage devices from the public-facing interfaces.
- Exceptional hardware The underlying hardware used in Microsoft data centers is specifically designed to operate as efficiently, effectively, and securely as possible. The hardware helps Microsoft eliminate unnecessary costs, save power and space consumption, and pass on these savings to Office 365 customers.
Logical security
Data is secured in five different layers:
- Data
- Application
- Host
- Network
- Physical
For more information, see the Security in Office 365 White Paper.
Service security
For more information about security for specific services, see the following topics:
Features
Feature |
Office 365 Small Business |
Office 365 Small Business Premium |
Office 365 Midsize Business |
Office 365 Enterprise E1 Office 365 Government G1 |
Office 365 Enterprise E2 Office 365 Education A2 Office 365 Enterprise E3 |
Office 365 Enterprise E3 Office 365 Education A3 Office 365 Government G3 |
Office 365 Enterprise E4 Office 365 Education A4 Office 365 Government G4 |
Office 365 Enterprise K1 Office 365 Government K1 Office 365 Enterprise K2 Office 365 Government K2 |
Physical security of data center |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Logical security |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Yes |
Tell us what you think
If you have comments or questions about this topic, we'd love to hear from you. Just send your feedback to Office 365 Service Description Feedback. Your comments will help us provide the most accurate and concise content.