Follow me on Twitter @AntonioMaio2

Monday, September 26, 2016

Microsoft Ignite 2016 - Must See Sessions for Office 365 & SharePoint Security

Welcome to Microsoft Ignite 2016 in Atlanta Georgia!  
This year's conference will once again be full of great content and great speakers about the Microsoft solutions that we all work with.  Myself, I tend to be interested in more technical content about SharePoint Server, SharePoint Online and the Office 365 service.  It looks like the session line up won't disappoint!

As my work tends to focus on security, information protection, information governance and identity management, my conference session schedule tends to focus on technical sessions related to these topics.  Here are my MUST SEE session picks for this week.

Wednesday, September 7, 2016

New Office 365 Data Centers in the UK (and elsewhere) Helping to Meet Data Residency Needs

When it comes to the security of your information, "where" it is stored matters... to many.

"Where" in this case, refers to the country in which the data actually sits.  Concerns about storage location or country is often referred to as Data Sovereignty or Data Residency (https://en.wikipedia.org/wiki/Data_residency).  To some, data sovereignty is a very important privacy concept when they consider the security of their data - people will talk about retaining ownership of data, not allowing foreign governments to have access to data through legal or judicial processes and keeping data secure from prying eyes by service providers, police services or governments agencies (ex. NSA).  Often, these concerns refer to the U.S. Patriot Act as a source of the issue with many believing that the U.S. Patriot Act gives US government agencies wide sweeping abilities to access anyone's data stored on US soil, or managed by any US firm.

More often than not though, what executives and data owners in organizations outside the US are concerned about is a perception problem: the perception of storing data in another country some how being less secure, or the perception that a foreign government agency can access your organization's data.  Sometimes the concern is about an organization storing data in a foreign country getting into the media... and the media story thus creating a perception problem for the organization.  In reality, the U.S. Patriot Act expired on June 1, 2015.  It was replaced by the U.S. Freedom Act on June 2, 2015, which has similar provisions to the U.S. Patriot Act, but imposes new limits on data collection activities by U.S government agencies.  As well, there are already international legal procedures in place, which predate the U.S. Patriot act, which allow one country to request data from another country about an organization when legal wrong doing is suspected... and the country being requested will usually comply.  All that said, there are some countries (Ex. Germany with the German Data Protection Act), or states/provinces within countries (Ex. Nova Scotia and British Columbia in Canada), which do have such laws in place and they typically refer very specifically to the storage and privacy of the personal data for individuals (PII or personally identifiable information).  Some companies also have policies in place which mandate that the organization's data must be stored and housed within the organization's country boundaries.

As a result, whether its a concern of perception or a legitimate law or policy, Microsoft continues to make it easier for organizations to meet their data residency needs.

Today, Microsoft announced that new Office 365 data centers are now available the United Kingdom - you can visit the official announcement here.  Multiple data centers are now available in the UK to help organizations meet in-region data residency, fail over and disaster recovery requirements. This will to help address the legal, regulatory and compliance needs of Microsoft clients in the banking, government, public sector and healthcare industries.

In June 2016, we saw new data centers launch in Canada for Office 365 and Azure (in Toronto and Quebec City).  As well, June brought us new data centers in Germany hosting Microsoft Azure, with Office 365 coming later this month (in Frankfurt and Magdeburg).  Although, as a standard security policy, Microsoft does not disclose the exact location of their data centers, we can see which countries and cities the data centers are located within:

  • You can view the Microsoft Office 365 data centers that are currently available here: Office 365 Data Center Map.
  • You can view the Microsoft Azure data center regions that are currently available here: Azure Regions Map.
These new data centers are a huge investment and continue to reaffirm Microsoft's commitment to provide the most secure cloud services in the industry.