Microsoft Office 365 is a suite of services that includes Customer Lockbox and Privileged Access Management. Both tools to assist customers in meeting their compliance obligations and maximizing data security and privacy. These tools are currently only available for customers with Office 365 Enterprise and Advanced Compliance SKUs.
Privileged accounts are being compromised more rapidly every day and sensitive data can be exposed in shorter and shorter periods of time. Therefore, organizations must establish multiple regulations, procedures, and compliance obligations that must be followed before access is provided by anyone. Microsoft Office 365 understands this and has built-in Privileged Access Management to meet these higher levels of security. Lockbox and Privileged Access Management provide granular task-based access control within an approval workflow so organizations can gather privileged access as well as monitor and control sensitive tasks.
Multiple Layers of Protection
Microsoft 365 Customer Lockbox and Privileged Access can assist organizations to meet their compliance obligations through a built-in set of tools offering multiple layers of protection to:
1. access their compliance posture
2. protect sensitive data
3. respond to requests
4. maintain business continuity
5. efficiently reduces costs
This is accomplished by ensuring there is a regulated process flow to handle incoming requests. Virtually all Microsoft operations are fully automated unless during very rare circumstances requiring human involvement that is necessary to troubleshoot and correct a problem. If this intervention is needed, an approval request is generated, and then the approval group is notified by email. The request can either be approved or denied and even blocked. If the request is approved, the task is processed and checked against the privileged access policy and then logged in the Office 365 Security and Compliance Center.
Customer Lockbox Controls
Customer Lockbox allows users to control how Microsoft support engineers access data and features special procedures for explicit data access authorization. This keeps your information secure while the problem is being fixed. Customer Lockbox works with Exchange Online, SharePoint Online and OneDrive For Business.
There are multiple levels of approvals from the Lockbox system before access is granted, so your information remains secure. The request must be very specific and include role, data location details, the specific reason for the access and the duration of the access. There is also an expiration time on all requests, so the content access is removed after the engineer has fixed the problem. The majority of problems do not require Customer Lockbox access, but it is available and very secure. The Customer Lockbox feature can be turned off in the Admin Center.
Refer to this informational video to learn more about how Customer Lockbox And Privileged Access Management In Office 365 can help you keep your information secure.