Not Another Office 365 Top 10 List: How Data is Stored in Office 365
Why Choose Microsoft Office 365?
There are thousands of blog articles written about Office 365 each year. Here are just a few: Top 10 Reasons to Migrate to Office 365, Top 10 Reasons to Not Migrate to Office 365, Top 10 Migration Strategies for Office 365, Top 10 Office 365 Myths Debunked, and 15 Cool Features You Should Be Using in Office 365. Not to mention endless technical and how-to articles. There is no shortage of opinions in support of or against utilizing Office 365, everyone seems to have one.
While researching the topic of this blog article, I read many of these arguments that organizations view when deciding if Office 365 is right for them. When focusing on the reasons to migrate to Office 365, the articles list the reasons with a short explanation of each reason. No matter the reason, the explanation is usually a quick blurb with a justification for moving to Office 365. There is usually very little information to back up the justifications.
Are Blurbs Enough?
For example, when discussing storing data in Office 365:
If our data moves to the cloud, our business will no longer have control over our technology:
When you move to the cloud, your business actually gains control over your technology by reducing time and money spent maintaining hardware and upgrading software. Now you and your team can focus on strategically implementing technology for your business rather than being a repair service. You will reduce expenditures to your capital budget by no longer relying on servers to store email and workloads. Instead, you can expect a predictable budget and focus on supporting your business in a much more agile fashion, with the ability to respond to needs quickly.
Wow, that is a lot in a tiny blurb. If you started out with a less than stellar email system which was needing repaired constantly, or your business does not require any other servers, you are in great shape.
Office 365 is more than just Word, Excel, etc.
It is (depending on your license) actually a hosted Exchange (email) server. Now, one of the most powerful email systems that used to be only for Fortune 500 corporations, can be accessed by even the smallest of small businesses. Enterprise-level features and reliability for pennies per day!
True on every level, but pennies per day? No other quantification?
A little clarification would be great when explaining to your boss why you should move to Office 365. They no doubt are going to ask you to explain the pennies per day, or other explanations in these tiny blurbs.
Hopefully, the rest of this article can be of specific help. Sorry for the Reason – blurb format.
Where is customer (your organization) data when in Office 365?
Office 365 data is stored in Microsoft Data Centers around the globe. The Microsoft global infrastructure is made up of Regions, Geographies, and Availability Zones.
- Regions – a set of data centers deployed within a latency-defined perimeter and connected through a dedicated regional low-latency network. With more global regions than any other cloud provider, Microsoft gives customers the flexibility to access data where they need to.
- Geographies – a discrete market, typically containing two or more regions that preserves data residency and compliance boundaries. Geographies allow customers with specific compliance needs to keep their data close. They are fault-tolerant to withstand region failure through the networking infrastructure.
- Availability Zones – physically separate locations within each region. Each zone is made up of one or more data centers equipped with independent power, cooling, and networking. Allos customers high availability and low-latency replication.
Microsoft has 54 regions worldwide and is available in 140 countries. The addresses of the data centers are not disclosed to help keep them secure.
How is the data stored?
The data is stored in the local Geographic location to the organization by default. There are two locations in each Availability Zone, so there are always two up to date copies at any one time. The customer can request to have the data moved to a different location, if required. In the event of a failure, the data is brought up to Production automatically, and another copied made within the Availability Zone. Microsoft makes it an available option (for Exchange Online and Microsoft OneDrive) to store the data in multiple Geographies, called Multi-Geo Replication. This would provide for four copies of the data, two in an Availability Zone in two Geographies.
Office 365 uses service-side technologies that encrypt the data at rest and in transit. For data at rest, Office 365 uses volume-level and file-level encryption. For data in transit, Microsoft uses multiple encryption technologies for communications between data centers and between clients and servers, such as Transport Layer Security (TLS) and Internet Protocol Security (IPsec). Office 365 also has an option for customer-managed security features.
Who Can Access customer data?
The Office 365 data belongs to the customer. They have complete control over it. Microsoft provides extensive privacy controls and visibility into where the data resides and who can get access to it. Microsoft takes strong measure to help protect the customer data from inappropriate access or use by unauthorized persons. This includes restricting access by Microsoft personnel and subcontractors, and carefully defining requirements for responding to government requests for customer data. However, you can access your own customer data at any time for any reason.
And, without further ado, a top 10 list from Microsoft themselves:
Top 10 Security and Privacy Features of Office 365
- Restrict physical data center access to authorized personnel and have implemented multiple layers of physical security, such as biometric readers, motion sensors, 24-hour secured access, video camera surveillance, and security breach alarms.
- Enable encryption of data both at rest and via the network as it is transmitted between a data center and a user.
- Do not mine or access your data for advertising purposes.
- Use customer data only to provide the service; we don’t otherwise look in your mailbox without your permission.
- Regularly back up your data.
- Will not delete all the data in your account at the end of your service term until you have had time to take advantage of the data portability that we offer.
- Host your customer data in-region.
- Enforce “hard” passwords to increase security of your data.
- Allow you to turn off and on privacy impacting features to meet your needs.
- Contractually commit to the promises made here with the data processing terms in your volume licensing agreement.
Links for follow-up: