You’ve probably heard the phrase, “Trust but verify.” While many world leaders have applied this saying to politics – it’s also highly relevant in the world of cloud services.

As an increasing number of organizations consider moving their productivity software into the cloud, safety remains a big concern. People often ask: Can I really depend on my cloud service provider to protect my organization’s information? Will they respect my data privacy rights?

My advice – trust but verify. Trust your cloud service provider to keep your data safe. But before you do, take the time to understand its policies. Does your cloud vendor tell you where you data is stored and who has access? Does it offer the transparency you need about how your data will be used? What practices does it have in place that are independently verified? What guarantees are they willing to put into their contracts? In short, what is it doing to earn your trust?

Today, Microsoft made a number of important announcements about our commitment to security and privacy for Office 365. Office 365 becomes the first and only major cloud based productivity service to contractually commit to a set of stringent European Union wide data protection requirements called the EU Model Clauses. Going above and beyond this, we are including additional requirements from individual EU member states in the Office 365 data processing agreement. Every customer can go here to get this agreement added to their Office 365 contract with Microsoft. We are also announcing that we are offering to sign the Business Associate Agreement (BAA) for any Microsoft Enterprise Agreement customer. The BAA helps to enable our customers to comply with the US Health Insurance Portability and Accountability Act (HIPAA) concerning protected health information.

Microsoft has established four Office 365 trust principles that guide our approach to building world class productivity tools:

• Your Privacy Matters – We respect the privacy of your data

• Leadership in Transparency – You know ‘where’ data resides, ‘who’ can access it and ‘what’ we do with it

• Independently Verified – Compliance with world class industry standards verified by 3rd parties

• Relentless on Security – Excellence in cutting edge security practices

These principles grow out of Microsoft Trustworthy Computing, a long-term, collaborative effort to create and deliver secure, private, and reliable computing experiences for everyone. As a core corporate value, Microsoft is committed to continually improving its security, privacy, reliability, and business practices.

To help customers understand the details behind these principles as they pertain to privacy, transparency, compliance, and security, we’ve created the Office 365 Trust Center. Located on our Office 365 website, the Trust Center offers in-depth information in plain English. You can also access written information, videos, and a host of resources that discuss Microsoft’s policies. 

Take a look at the Office 365 Trust Center, and let us know what you think. We welcome your questions and comments.