Microsoft Aims to Give Customers More Control of Data in Cloud

Microsoft pledges to augment its cloud security with stronger protections and features aimed at giving customers the final say in what happens to their data.

Microsoft cloud security

Today during the RSA Conference in San Francisco, Microsoft announced several new offerings aimed at providing its customers with greater transparency and control over the data they entrust to the Redmond, Wash.-based tech giant's cloud.

"They want transparency on what's happening with their data and their content," Doug Hauger, general manager of Microsoft's National Cloud Programs, told eWEEK. Additionally, based on customer feedback, they are seeking "an element of control over what happens to their content and what their service providers do with it."

In that spirit, the company announced the Office 365 Management Activity API (application programming interface), which the company's customers and partners can use to monitor more than 150 security, compliance and operational signals, with more to come. "The Management Activity API is a RESTful API that provides an unprecedented level of visibility into all user and admin transactions within Office 365," Nagesh Pabbisetty, a partner group program manager on Microsoft's Office 365 Information Protection team, said in a statement.

For now, the Office 365 Management Activity API pulls data from SharePoint Online, Exchange Online and Azure Active Directory, but plans call for it to cover more Office 365 services in the future. The API is currently being used by select partners and independent software vendors (ISVs), including security-as-a-service provider AlertLogic and log management specialist Logentries. Microsoft will release the API as part of a private preview this summer and is encouraging interested parties to sign up for the limited program.

Later this year, the company plans to roll out a new feature called Customer Lockbox for Office 365, which places customers in control over whether to grant or deny a Microsoft engineer access to their Office 365 services when an issue that requires human intervention arises. "Customer lockbox is unique in the industry," said Hauger. "No one else does this."

Also this year, Microsoft plans to implement content-level encryption on Office 365 email to supplement today's existing BitLocker encryption. In 2016, Microsoft will allow customers to require the company to use customer-generated and controlled encryption keys. If customers quit Office 365, they can revoke the keys, rendering their content inaccessible.

Microsoft is also working with leading computer security companies on new Azure virtual appliances that enable customers to secure their cloud applications and services, said Hauger. They include a Web application firewall from Barracuda Networks, secure virtual machines from CloudLink and Trend Micro's Deep Security, an automated security framework.

Pedro Hernandez

Pedro Hernandez

Pedro Hernandez is a contributor to eWEEK and the IT Business Edge Network, the network for technology professionals. Previously, he served as a managing editor for the network of...