It’s easy to see why Office 365 is an attractive solution for small and medium-sized businesses already familiar with the Office interface. More and more companies are making the move to the cloud, but many have yet to complete their transition and still rely at least in part on on-site SharePoint systems. When you’re ready to migrate, the move from SharePoint to Office 365 presents numerous security challenges to prepare for – not least because breaches are far more likely to be caused by localized issues than insufficient protection on Microsoft’s part. Here’s what you need to do to ensure you’ve got security covered when you make the leap to migrating from SharePoint to Office 365.
Identify your company’s sensitive data…
It’s so easy to create sites within SharePoint that businesses often have far more than they realize, covering just about every aspect of their operations. And it’s natural, of course, for at least some of the files housed within those sites to contain sensitive commercial or personal data. The key is ensuring that sensitive information is adequately identified and protected. Do this by conducting a security audit before you undertake your migration.
Your audit should identify the types of data stored in the various parts of your SharePoint network, including which specific information needs extra safeguarding. Be sure to consider everything from trade secrets and contract details to the personal information of your clients.
…and then restrict access to it
Once you’ve worked out where your most precious data lies, you can check who currently has access to it and whether their access is appropriate. After all, it’s not necessary for everyone to be able to get at all the data your company owns; it’s far better to operate on a need-to-know basis, with a reasonable level of flexibility.
Ensure that each of your employees has access only to the data that’s necessary for them to perform their duties. When you make the switch to Office 365, you’ll find that it allows you to conveniently set these different levels of permissions, including for external partners with whom you collaborate.
Trust nobody and suspect everybody
We say that lightheartedly, of course – it would be counterproductive to become so security-paranoid as to suspect everyone is attempting foul play with your company’s data. Nonetheless, it’s wise to consider everyone in your organization when it comes to auditing data access permissions – and that includes system administrators who might be assumed to have master access to every element of your network infrastructure.
A rogue administrator is the stuff of nightmares, since their elevated position gives them much greater leeway to siphon off valuable data without being noticed – or even to allow others to conduct questionable business and bypass the usual built-in security precautions. Overcoming the danger of an all-too-powerful administrator admittedly becomes easier if you have more than one on staff, but even in smaller businesses you can mediate some of the risk by regularly checking on your administrator’s usage and ensuring that their top-level system permissions remain justifiable.
Use machine learning to foresee security breaches
Every action performed by your staff within Office 365 is automatically logged, and with relative ease you can pull reports that allow you to analyze these. But the sheer number of events taking place within Office 365 in the course of your business’s normal operations means that even attempting to identify questionable behavior will be akin to the proverbial needle and haystack. That’s not to say it’s unwise to be on the lookout for anomalies in normal usage – the export of unexplainably large volumes of data, for instance, could suggest that a member of your team is leaking intelligence to a competitor, or that they’re about to jump ship and take your trade secrets with them.
Thankfully, it’s possible to leverage the developing power of machine learning to identify potential breaches before they happen – without the need to wade through unmanageable swathes of perfectly normal data. Graph API is incorporated into Office 365, and allows for the integration of machine learning tools into your security environment to achieve just that. The same tools can also help you avoid being caught out by hackers, by identifying system login attempts from locations that are out of the ordinary; you should bolster this protection by religiously removing inactive accounts and those of departing employees.