Microsoft ups the ante in Office 365 security and compliance

Mark Coppock

Security, privacy, and compliance are key drivers in the technology industry, and Microsoft has been investing significant time and energy in making improvements in all three. As a core element of Microsoft’s cloud-first, mobile-first strategy, Office 365 is the latest to get a security and compliance makeover.
Microsoft spends some time talking security over at the Office blog, and the Office team is announcing two new security capabilities, Customer Lockbox and Advanced eDiscovery, that will be available December 1, 2015. The key components of Office 365’s focus on security and compliance are Advanced Threat Detection along with the two new offerings, and all of which integrate with Equivio, the eDiscovery software provider that Microsoft acquired earlier in 2015.
Citing over $30 billion spent by the biggest U.S. banks alone on legal costs, which is heavily influenced by the need to perform secure and accurate eDiscovery, Microsoft is particularly excited about the new Office 365 Advance eDiscovery:

That’s why we’re pleased to bring Advanced eDiscovery to Office 365. Office 365 Advanced eDiscovery integrates Equivio machine learning, predictive coding and text analytics capabilities, to reduce the costs and challenges that come along with sorting through large quantities of data for eDiscovery purposes. In today’s data environment, the eDiscovery process for any given case could involve sorting through millions of emails, text messages, instant messages and documents to find the small number of files that are most relevant. Office 365 Advanced eDiscovery reduces the volume of data by eliminating duplicate files, reconstructing email threads and identifying key themes and data relationships. Finally, it enables users to train the system to intelligently explore and analyze large, unstructured data sets and quickly zero in on what is relevant.

At the same time, Microsoft recognizes that seeing into how their cloud data is being managed is important to customers, and so they’re releasing Customer Lockbox, which is essentially the ability to control all access to their data and grant explicit rights to Microsoft engineers on an as-needed basis:

That’s why we’re launching Customer Lockbox, which offers customers full control over access to their data in Office 365 by giving them ultimate approval rights in the very rare instances when a Microsoft engineer must request access to the service, such as when troubleshooting a customer issue with mailbox or document contents. Today, all access control activities in the Office 365 service are logged and audited, and use of Customer Lockbox ensures that a Microsoft engineer cannot access a customer’s content to conduct a service operation without the customer’s explicit approval.


Both Customer Lockbox and Advanced eDiscovery will be available starting December 1 as add-on service purchases for Office 365 customers, while Advanced Threat Protection has been available for awhile. A new Office 365 E5 plan will provide all three security and compliance options, and will also be available on December 1. Find out more details at trust.office365.com.