Journey to Office 365 – Emails in cloud!!!
It’s been nearly two years since I wrote the blog “Where Cloud is heading“. And since then I am sure all of us have been witnessing some phenomenal technology advancements in cloud. The future looks all set and geared only in “cloud”.
Organizations of all sizes are aggressively marching towards the phase of either “being in cloud” or “getting there in cloud”. The prime drive being to be more agile, efficient, cost effective and responsive to business needs.
Email is the most significant form of communication used by enterprises to function globally in all time-zones. Having said that, email infrastructure management is identified and accepted as one of the business critical application unanimously. More than 80% organizations will vouch for Microsoft Exchange to run their emails.
In this blog, we will be highlighting some aspects that organizations should consider for getting emails in cloud and how Office365 facilitates that.
Technology isn’t just about building applications, but more about the user experience felt. With every version of Exchange, Microsoft has been focusing to work on the areas that were getting highlighted as pain points by subject matter experts and admins. With Exchange 2010 and 2013, the efforts went notches up and the user community has applauded the changes introduced.
Email has often been associated with a huge corporate stress on governance, compliance, risk and archival, indicating the line of security and availability email demands for business. The world looks all set in cloud, so are we ready to get our corporate emails in cloud?
Well with O365, we are ready!! Inspite of the active melodramatic debates around – emails and data “being/not being” safe in cloud, we need to look around why some big G200 organizations are ramping up their emails in cloud too. Working with various enterprise clients, our experience has been so far that every organization has different priorities depending on its size and industry vertical. However, one thing that all want is 100% uptime for their messaging infrastructure. The key fact that emerges out is that we are progressing towards the cloud world where “as-a-service” means speed, agility, transparency, user experience and cost effectiveness. This blog will focus only on email aspect of Office 365.
An Increasing Cloudiness….
Enterprises are getting their email infrastructure transitioned to cloud, but the transition isn’t often easy and can get challenging at different layers with increasing complexity. So before embarking on your journey in getting email infrastructure on cloud, we recommend a comprehensive assessment and readiness. There are various players out there who claim different capabilities but the foremost essential step for an organization is to understand their cloud strategy and expectations from it. It is of utmost significance to think about some key factors listed below:
- Is the provider having an open extensible platform/architecture?
- What are the service level agreement and management criterions?
- Understand what are the “maximum send and receive” limits for the entire organization?
- What is the digital archiving and disaster recovery strategy offered by the provider?
- How will the provider perform maintenance and upgrades?
- What are your operational costs covering software, applications etc?
- How far does it make a financial business sense – both in present and future?
- How securely certified in cloud the provider is?
- How scalable is the providers stack?
- What is the product roadmap?
- The exit plan
Microsoft’s vision has been crystal clear -> best user experience + cloud on your terms
O365 not just enables service orchestration but also end-to-end management, automation, elasticity with agility.
Office 365 from Exchange perspective addresses Exchange Online for email, mobile access, calendar, contacts, anti-virus, and anti-spam.
Some interesting aspects that get addressed to get emails in Cloud…
-
A million dollar question: so “is my data encrypted and where does my data reside?“
This question is a very significant as it helps organizations to visualize the real scenario. Office365 encrypts data using BitLocker Advanced Encryption Standard (AES) encryption on all mailboxes, indexes, logs. Also, client-side, third-party encryption solutions such as Pretty Good Privacy (PGP) is used for mail transfer and storage. Additionally, users are empowered to exercise Rights Management Service (RMS) for specific items they might desire to encrypt with “who can receive, see and access rights”.
So the next part of the question- where does my data reside?- this is a question that calls great level of facts..lets understand them all..
- Office 365 data resides in Microsoft’s DataCenters (DC) tactically present globally.
- The DCs are monitored vigorously with security personnel with multiple security badges, authentications, biometric scanners, video surveillance and two-factor authentication.
- DCs are monitored using motion sensors, breach alarms and video surveillance
- Cool factor: In case of calamities and natural disasters, it has seismically braced racks where required and automated fire prevention and extinguishing systems
- Office 365 data resides in Microsoft’s DataCenters (DC) tactically present globally.
- Data Segregation: with Office365 being used with a huge client base, one can often wonder if there are chances that data can get mixed up or experience performance issues. Office365 is a multi-tenant service which can host multiple tenants individually and securely thru data segregation and isolation. Active Directory segregates customers using “silos” preventing two co-tenants to access each other’ data. Organizations also have the option of leveraging a dedicated hardware for additional cost.
- A rich outlook functionality enables a seamless user experience with many right-click options
- A very robust calendaring and scheduling function: this also has a trendy drop down reminder approach that facilitates user ease with a very refreshing multi calendar approach too. Embedding attachments in appointments is far more sophisticated in Office 365
- Spam Filtering and Malware detection: Office 365 uses multi-engine antimalware scanning to scan incoming, outgoing mails from malware. It associates the incoming/outgoing data with a Spam Confidence Level (SCL) value wherein, low SCL values are ok to get thru and high SCL values are blocked/deleted at gateway, borderline SCL values go to junk folder and get deleted automatically in 30days. To protect malware thru IM, Office 365 uses intelligent instant message filter (IIMF- Microsoft’s IP)
- A major aspect that gets considered for getting corporate emails in cloud is security.
- Security wise:
- FISMA (Federal Information Security Management Act) Certified
- ISO 27001: Built on standards of ISO27001
- HIPAA and EU Model clauses on data governance
- Single sign-on
- Two factor authentication (https://msexchangeguru.com/2013/04/19/dual-factor-auth/)
- Role Based Access Control
- Cloud Security Alliance criterions are full-filled
To sum up, we don’t say nor do we intend to sound trivialized towards significance of security in cloud. With conformance to so many credentials and standards, O365 needs no more backing up on security front.
Towards the end of the article, we are again at the cross roads of the same question- will cloud based email kill on-premise exchange? Ofcourse there will be few disparities between hosted and online Exchange, but Office365 offers close to 85% of hosted Exchange.
Change is good, and when it is with added benefits it gets even better. We don’t say that on-premise exchange will be killed, but emails in cloud will gain prominence soon. If Confidentiality, Integrity and Availability can be taken care, we are indeed ready to get corporate emails in cloud with Office365.
Every company makes decisions based on Strategy, planning and foreseeing future possibilities coupled with opportunities – Microsoft did nothing different. It is subjective as to what “we think” being Exchange professionals. End of the day all that matters is where technology is heading and how effectively we can place our skills and mutually coexist.
Regards,
Anita Raj
Technology Evangelist
Team @MSExchangeGuru
November 26th, 2013 at 2:29 pm
To me cloud? MS or other vendors are creating unnecessary hype for cloud computing. Cloud is not new, it is there since we have internet. Also, Madam you didn’t mentioned you need high end internet for accessing your data, which is not free. Still in many countries, internet is still not stabilized properly and it is really costly. It cost more than a mailbox on a cloud. On slow link, you cloud just dies. Also, with cloud we are losing customization we can do it on a on-premises servers. Again support, is a big problem after moving to cloud, as we don’t see the servers, we don’t know what is going on at the back-end. Hope you can get more clarity on my questions.
November 26th, 2013 at 2:52 pm
NSA PRISM documentation shows Backdoor Access to Public Cloud servers / Office 365.
November 26th, 2013 at 11:08 pm
Nice overview ..interesting
November 27th, 2013 at 2:57 am
Data Governance competence or incompetence has never got to do anything with technology but more with enterprise process and assets. Situations that came to light with NSA, SFO data loss/leak can be cited with varied reasons ranging from an employee tipping the outside world, data being sent accidently/intentionally to unintended recepients to a smartphone/tablet theft.. Irrespective of the medium of source, whether data is in cloud or not, data is susceptible to threat and breaches. What then becomes really evident is the security protocols that enterprises need to think, visualize and build for their organization. Every type of cloud is meant for a specific purpose, thus what needs to be private has to be in private cloud. Having said that, we need to understand one important fact- any cloud provider (atleast someone reputed like Microsoft) will have to abide by the country/government laws of security for being a cloud service provider. Microsoft provides information only when a government body/NSA comes up with a legal paper/warrant for the purpose and reason behind the data request.
An interesting aspect that comes to light, is that this puts more focus on the government desiring the data than a cloud service provider. Microsoft and few key players have requested the government to publish some public reports regarding the intentions behind these, making the scenario crystal clear to all. Ofcourse with the recent PRISM disclosures, there has been a widening gap between customers and cloud service providers. Office 365 gives the total flexibility to organizations to have native security features along with its own security. Office 365(like highlighted in the article above) gives three pronged security for data- at rest, transit and in use.
Additionally, Microsoft has also announced below features (live by 2014 in Office 365) for message encryption
•Information Rights Management, which blocks an encrypted message from being forwarded, copied or printed without authorization
•Transport Layer Security (TLS), which protects the message in the mail server and Secure Socket Layer (SSL), which encrypts the message [during the travel mode]from the mail server to Office 365 servers;
•Bitlocker, used to encrypt the data on the datacenter harddrives
•Secure/Multipurpose Internet Mail Extensions (S/MIME), which will allow users to include client-side encryption keys
Also, the receipient has to sign with Office365 credentials before the encrypted email can be read
With economic realities, businesses will look in cloud to deliver services.
November 27th, 2013 at 7:06 am
@Anita
“Microsoft Closely Collaborated With NSA To Decrypt Messages”
http://www.techweekeurope.co.uk/news/microsoft-nsa-encrypted-messages-skype-121638
And they will share key to decrypt message today, so the new office 365 message encryption feature is useless.
“NSA has backdoor access to databases”
http://news.cnet.com/8301-13578_3-57588143-38/nsa-has-backdoor-access-to-internet-companies-databases/
Anita, you sound like a “Public Cloud sales person” with no understanding of what is going on with Data Security in the Public Cloud / Office 365 today.
November 27th, 2013 at 10:25 am
@ Anita
Microsoft ‘Closely Collaborated’ With NSA To Decrypt Messages
http://www.techweekeurope.co.uk/news/microsoft-nsa-encrypted-messages-skype-121638
So the new Office 365 is also decrypted.
NSA has backdoor access to Microsoft’s databases
http://news.cnet.com/8301-13578_3-57588143-38/nsa-has-backdoor-access-to-internet-companies-databases/
Anita, I think you sounds like a “Public Cloud sales person”.
November 27th, 2013 at 10:27 am
I agree with Lee.
November 27th, 2013 at 11:17 am
I agree to Lee. That’s why my comment removed yesterday, as i pointed out the gaps.
November 27th, 2013 at 11:27 am
Anita, Also you article is great, however we are telling you real world situation. I did a Office 365 migration and tell you it was a nightmare for me. Took nearly a 6 months to complete the move and several Sev1’s. Secondly, do MS really run Exchange in office 365 cloud? Or do they have any other Exchange version designed for office 365.
November 27th, 2013 at 11:27 am
Anita, Also your article is great, however we are telling you real world situation. I did a Office 365 migration and tell you it was a nightmare for me. Took nearly a 6 months to complete the move and several Sev1’s. Secondly, do MS really run Exchange in office 365 cloud? Or do they have any other Exchange version designed for office 365.
November 27th, 2013 at 12:39 pm
I agree 100% with Lee here.
A lot of companies are looking into Private Cloud & Exchange 2013 On-Premises.
November 27th, 2013 at 4:11 pm
I agree with Lee too.
November 27th, 2013 at 9:33 pm
@Anita Raj….
Nice Article and well explained…!! I am not getting into the technicality but understood whats happening “Email in Cloud”..!! Good one….
November 27th, 2013 at 10:44 pm
Lee has a point that cannot be ignored.
Public Cloud / Office 365 has NO Data security, and NSA PRISM revelations is not helping Public Cloud either.
November 28th, 2013 at 1:27 pm
@Anita – great explanation. Awesome blog.
@Lee – all of us are professionals here, please don’t write a personal comment. These are the technical facts highlights. If NSA needs access, they will come to your office and you will give them all access because we all wants to live in safer world.
@Amit – 6months is not a big deal. How many users and data size. I took 2 years in on prem for 24000 mailboxes but huge data, n numbers of VIPs, n number of apps etc..
November 28th, 2013 at 6:56 pm
@Prabhat
Leave security, migration time etc. on another table. See how many admins are losing jobs after companies are moving to cloud. Cloud vendors are making people jobless. Which is the worst feature of this so called cloud computing.
November 28th, 2013 at 10:25 pm
I agree completely with Lee & Amit.
November 29th, 2013 at 2:05 pm
@Amit – http://www.wservernews.com/archives/2013-09-09.htm#EC
A classic article by our MVP which addresses very interesting nuances for cloud, outsourcing and jobs. Equating cloud to loss of jobs , is comparing to say, if we have automation in place, there will no requirement of technical expertise. Automation and cloud are comparable in the sense, they both offer greater benefits with less process turn around time. That in no way means or drives reduced requirement of jobs. What it does offer, is a better opportunity to focus on significant aspects of an enterprise’s strategy, fostering innovation. Cloud does demand a different skillset , which doesn’t in any way mean- legacy skills are gone!!! What cloud demands is a strong foundation of legacy skills along with a broader focus on emerging technologies across compute, storage and network. Individuals will have to go that extra mile to learn and know things beyond their Infrastructure expertise space. Enterprises/Cloud service providers will any day need skilled people to do the job. Its all about equipping us with the right skills to be/get hired.
December 1st, 2013 at 1:13 am
@Amit
If you think machines will manage office 365 then it is not correct. We will manage o365. So we need to add o365 in our skill set which is too easy. The concept is great which is the reason people are liking. Unless higher management likes and satisfies they don’t approve moving from on prem to O365. Cloud is the future and Microsoft is not alone. World is moving towards automation and improvement. If we would have thought about loosing the job then we would have never ride cycle then motorcycle then car and so on. So what happened to the cycle mechanics, they enhanced their skills and became motorcycle and car mechanics same way System Admin will manage o365. Every tenant has to manage their o365 environment as well.
On the other hand, back-end is exchange and a team is managing it which is another option.
Apart from this financial organizations would never like to move to cloud.
So Options are always there.
December 9th, 2013 at 11:44 am
This should answer NSA question.
http://www.reuters.com/article/2013/12/09/idUS341874140620131209
December 20th, 2013 at 4:26 am
[…] would like to firstly thank for the over-whelming response our recent post Journey to Office 365 – Emails in cloud!!! got. We also received some mixed responses based on Prism disclosures. This post is more about […]