The Office 365 Service Trust Portal (STP) provides resources about business data safety and industry compliance requirements. Users can search the portal for documents that describe Microsoft's security practices for customer business data stored in Office 365.
In a move to more transparency Microsoft wants to help customers to understand how Office 365 stores and manages data and what companies need to do for being compliant with current legislation.
As many businesses begin to move large amounts of personalized and confidential documents and resources into the cloud, the Office 365 Service Trust Portal can be used to manage the whole data-management in a correct way. A post on the Office blog explains the significance and purpose of the portal.
“To continue as a leader in cloud service delivery, we know that transparency is key to gaining your trust. We believe that by being transparent with you on how we protect your data, how we ensure that it is always available, how we maintain compliance with various global standards, and how we adhere to strict privacy commitments, we will continue to have a trust-based partnership with you.
Through the STP you can get direct access to a wide variety of compliance reports and trust resources, including:
- Office 365 SOC 1 / SSAE 16 / ISAE 3402 Independent Audit Reports
- Office 365 SOC 2 / AT 101 Independent Audit Report
- Office 365 ISO 27001 (including 27018 controls) Independent Audit Report
- Various compliance reports, such as Office 365 Information Security Management System (ISMS)
- Various GRC and Trust resources, such as whitepapers, FAQs, security assessment, risk assessment and other reports that will help you perform your own risk assessment”
If you want to learn more, you can visit a startup-guide on the office support-site where Microsoft explains how to register, access and use the Office 365 Service Trust Portal which can be accessed here. If you have a comments or questions on the STP, you can email Microsoft at [email protected].