Security causes for concern from Microsoft Office 365 users surveyed were shadow IT, referenced by 16pc of the sample, and lack of security training for all employees (also 16pc). These were closely followed by ‘lack of security policies and controls’ (14pc) and ‘no monitoring solution specifically looking for data and security breaches’ (13pc).
In terms of compliance challenges, the most widely-cited by the sample was ‘end-users don’t classify data correctly and/or take required actions’ (referenced by 38pc). This was followed by ‘content stored in legacy content systems’ which was highlighted by 35pc and ‘content spread across multiple workloads’ (34pc). More than one in ten (11pc) ranked Bring Your Own Device (BYOD) policies and procedures among their biggest challenges in this area.
Survey respondents were also asked whether they believed the current security and compliance features in Microsoft Office 365 were sufficient for their organisational requirements. Some 14pc believe that the current security protection is not sufficient while more than a fifth (22pc) believe Office 365’s compliance capabilities are not sufficient.
In general, the researchers believe these concerns can be attributed to the education gap around Office 365 security and compliance, rather than issues with the software itself.
Matthew McDermott, Spanning’s principal technical marketing engineer and a 13-time Microsoft Office Apps and Services MVP, said: “The gap presented in this research is not from a lack of features, vision or direction from Microsoft; the gap comes from within organisations. Companies must invest in personnel and tools to ensure compliance and secure systems. It’s not enough, with today’s threat landscape, to be reactive. You need to be proactive in your approach to keeping your assets and customer data safe and secure.”
About the research
Sponsored in part by Spanning,which offers backup and recovery for SaaS applications; and conducted with the Marriott School of Business at Brigham Young University and CollabTalk, more than 270 IT people across 19 industries were surveyed, with IT from legacy hardware to cloud and hybrid.
To view the full survey report visit https://spanning.com/resources/reports/organizational-security-compliance-practices-office-365/.
