Survey reveals that while usage is high, companies still not leveraging Office 365 for sensitive data
A provider of dynamic, context-aware network, application and content security solutions, today revealed the results of a Microsoft® Office 365 and SharePoint survey conducted with TechValidate. The survey addressed how organizations are utilizing Office 365 and SharePoint, what applications they are using from the platform, where they have limitations, and how organizations perceive the security of Office 365 for controlling sensitive data.
Key findings show that a majority of respondents are utilizing Office 365 for its ability to universally connect employees, but that there are still lingering concerns about the solution’s security, especially when it comes to highly sensitive information. Half of the respondents affirmed that the only types of information currently stored in Office 365 are public/non-sensitive documentation or project documents.
OFFICE 365 HOLDS SWAY
- 48% of organizations surveyed currently use Office 365, and an additional 15% plan to use it within the next year; 6% in the next two years and 10% in the next 5 years; 21% noted they had no plans to use it.
- When looking at SharePoint usage, 39% are using SharePoint 2013, 29% are still using SharePoint 2010; SharePoint Online adoption is growing at 16%.
- Of the capabilities within Office 365, the most commonly used are Exchange and Office (44% each), followed by SharePoint Online (40%), OneDrive (39%), and Lync (36%).
- More than half cite universal access for employees (44%) and third party (11%) as the principle driver for Office 365 use.
- The second most common reason for using Office 365 was functionality (29%), followed by economics at (26%).
- The survey revealed that the cloud environment is here to stay, as 70% of respondents reported that up to 50% of document collaboration is already done in the cloud. With 100% saying they plan to go to the cloud within the next 5 years.
- For those companies who have a hybrid approach, meaning they have both Office 365 and on-premises farms, 59% of respondents were not sure how long they would maintain an on-premises farm and 17% plan to maintain one permanently.
ORGANIZATIONS ACTIVELY ADDRESSING SECURITY, BUT CONCERNS REMAIN
- A majority of organizations (54%) believe there is enough built-in security to store confidential documents in Office 365.
- Of those planning on maintaining an on-premises installation permanently, integrations with other on-premises data (61%) and third party security concerns (45%) ranked as a primary driver.
- That said, 34% said they are not planning to store confidential information in Office 365.
- The top three most common document types companies currently store include public/non-sensitive documentation (59%), project documents (51%) and corporate projects (39%).
- Respondents felt uncomfortable or extremely uncomfortable storing the following sensitive data: financial documents (48%), HR documents (41%), Intellectual Property/IP (46%), military or intelligence data (61%), regulated data such as PCI, PII, and PHI (40%).
- When asked how companies that store or plan to store sensitive data in Office 365 plan to secure it, the top four solutions cited were permissions (79%), access control (74%), active directory (71%), encryption (51%), and classification (27%).
“Office 365 is here to stay,” said Chris McNulty, CTO and Microsoft SharePoint MVP, for Cryptzone. “As companies migrate to the cloud, the focus needs to be on uniformly securing all environments, on-premises or cloud. Then organizations can truly take advantage of the advanced capabilities, features and sharing components of Office 365 and SharePoint Online. While Office 365 provides unmatched productivity and cost-effectiveness, many are still concerned about its security. Organizations should consider taking a layered approach to security, to help them increase their comfort level and confidence in working in the cloud.”
The full survey report is available here.
About Techvalidate
TechValidate is a trusted third-party research organization that directly interfaces with business and technology end users to collect and validate information about their deployments. More information is available at www.techvalidate.com [6].
About Cryptzone
Cryptzone secures the enterprise with dynamic, context-aware security solutions that protect critical services, applications and content from internal and external threats. For over a decade, enterprises have turned to Cryptzone to galvanize their Cloud and network security with responsive protection and access intelligence. More than 750 public sector and enterprise customers, including some of the leading names in technology, manufacturing and consumer products trust Cryptzone to keep their data and applications secure. For more information, go to www.cryptzone.com
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.