Service security policies are designed to safely store and access business data on the cloud, which can be linked to the existing on-premises security system to ensure cloud security.
As all business documents are uploaded to the Microsoft 365 cloud, Microsoft 365 security policies restrict access based on compliance with the Microsoft 365 user's device to prevent data leakage.
- Mobile devices including personal ones installed with the security software of the company or work PCs are not restricted in accessing Microsoft 365.
- Business emails and schedules can be accessed via MS Outlook only.
- Mobile devices are allowed to view and edit Microsoft 365 documents, but they cannot download and store them.
- Personal computers or mobile devices can only view Microsoft 365 documents on their web browsers (editing allowed for PCs).
- Upon logging in to Microsoft 365, an additional authentication key (MFA) is required other than the email address and password, so that a leaked email address and password cannot be used to access Microsoft 365. Also, there are additional security policies in place along with on-premises policies and Microsoft 365 service policies to preemptively prevent data leakage.
- Personal Microsoft 365 service access is restricted from work PCs.
- Files uploaded to cloud service are monitored.