Office 365 – Oh we just use it for non-secure collaboration
Really? I think this is a naïve approach. Seriously. I cannot begin to tell you how many Office 365 organizations are going blithely along thinking everything in their Office 365 environment is safe and secure, and not managed with the same due diligence as internal content. But, you see, they just use it for ‘non-secure’ collaboration. I’m not sure what that means.
Information governance in the cloud is no different than on-premise. I find it hard to believe that a user somewhere will never inadvertently transfer or share confidential information to unauthorized users. I also find it hard to believe that there are records that won’t be declared. What about collaboration that may contain business information that is not being subject to the laws of the country? What if content is being stored in diverse repositories and is actually a compliance issue with individual country guidelines and regulations? What about multi-national content asset protection? What about…what about…what about?
We have seen what the Snowden’s of the world can accomplish without much effort. Even if Office 365 is being used only for collaboration, some form of information governance has to be applied. Thinking of collaboration with internal colleagues, partners, and external stakeholders, the net for non-compliance issues in Office 365 just keeps expanding.
What do you think?