Microsoft Office 365 is a Software as a Service (SaaS) offering that is being adopted on a mass scale by many enterprises because it has a number of business benefits. But, as a cloud application, it magnifies or introduces a number of security risks.
By choosing to use SaaS, you presumably have done your due diligence to make sure the SaaS provider has implemented proper practices to secure the underlying application and platform, responsibilities that can only be addressed by the SaaS vendor. Much of this is non-transparent and very difficult to audit. So it’s critical that the vendor has an excellent security reputation and security certifications to back it up. Microsoft certainly qualifies as such, having the resources to do SaaS security right with its Cloud App Security.
Nonetheless, the burden of monitoring Office 365 security analytics still falls largely on the customer. As a result, customers need to understand the risks that come with Office 365 enterprise deployments, what’s needed to effectively manage them, and how to leverage managed security service providers (like Masergy) in those efforts.