Organizational Security & Compliance Practices in Office 365


Office 365 Security and Compliance Report: Perception vs Reality

A new research report, conducted by Spanning along with CollabTalk, reveals the major pain points for organizations when managing security and compliance governance for Microsoft Office 365. Alarmingly, although many survey respondents expressed confidence about their Office 365 security practices, very few are addressing glaring gaps that could leave their organizations at risk.

According to the survey, more than 30 percent of respondents indicated that the overall state of governance readiness within their organizations is “poor.” For compliance, incorrect data classification and actions (17 percent) and content stored in legacy systems (15 percent) created the biggest headaches for IT professionals. When it came to security, Shadow IT (15 percent), lack of security training (15 percent) and lack of breach monitoring solutions (13 percent) were revealed to be the most worrisome activities, potentially leaving open doors for enterprise data loss.

This research report spotlights the real-world issues facing most organizations as well as the need for more education into what security functionality is part of Office 365, and where gaps can be found.

“…most organizations…do not conduct proper [security] planning, and most do not utilize (or are even aware of) all of the features that are available and whether these unused capabilities would help them meet [security] requirements.”

“The biggest issue with a company’s security and compliance strategy is the lack of expertise. This space is moving fast. You need to be up to date on what’s possible, what works well, what doesn’t and what you should prioritize. Many customers just don’t have the right people focused on this, or don’t support them by modernizing technology faster and more effectively.”

The research, led by Christian Buckley of CollabTalk, was conducted in partnership with the Marriott School of Business at Brigham Young University. IT professionals, CXOs, and compliance officers around the globe were surveyed and interviewed, resulting in more than 270 responses across 19 industries. The companies represented range from <50 employees to 10,000+, running environments that range from legacy hardware to cloud and hybrid. 11 Microsoft Office 365 MVPs were invited to comment on the survey findings, and MVPs noted significant gaps between the respondents’ perception — that their approach to Office 365 security was adequate — and the reality that those surveyed have missed addressing some risks.

Download Organizational Security & Compliance Practices in Office 365 to start your organization on a path to greater Office 365 security, where you can identify, then remediate, your risks.

View The Full Report