Gimmal Blog

Read the latest thought leadership and industry news from the experts at Gimmal!

All Posts

Data Encryption & SharePoint Online

Raise your hand if you haven't been impacted by a data breach in the last year. If your hand is up, data privacy and encryption is something you probably wish you didn't have to care about. If your hand is down you are probably one of the information technology or security folks that may be mad at me before you finish reading this post about data encryption and SharePoint Online.

Data privacy has become a hot topic for Information Governance recently due to the consistent attacks being done on networks around the globe. One of the key technologies behind protecting the privacy of our information is data encryption, and this becomes an important topic when making decisions to migrate your data to SharePoint Online with Office 365 or keeping your documents on premise.

RecordLion is very pro-cloud, in fact all our systems are cloud based (Office 365, DropBox, Hatchbuck, QuickBooks, Toggle, Visual Studio, Adobe and more). We trust each of these organizations and believe while they are targets for attacks, they are doing more than we ever could to keep our data safe.

When is Data Encrypted?

When referring to the usage of SharePoint Online (and OneDrive for Business), data encryption can be applied at three different times: when you are using the data outside the control of the storage system, when it is at rest, and when the data is in transit (between you and the data center). If you create a practice of editing documents on the server, a really good feature of both SharePoint and OneDrive, you can narrow down encryption to later two, at rest and in transit.

This video from Microsoft shows how data is encrypted in SharePoint Online and OneDrive for Business at rest and when it's in transit to or from the data center originally posted on the Microsoft Office Blog.

What about my IT team?

Implementing SharePoint (mostly on premise) for the past 10 years, I rarely run across an information technology or security team that believes (or maybe just admits) that the Microsoft cloud could possibly be more secure when it comes to the protection of their (and their customers) information. While it may be entirely true that the odds of having a breach may be lower for your organization, likely because you're not a target, it doesn't seem feasible to me that most organizations could have possibly spent the time and resources to prepare as much as Microsoft (or Box, Google, Huddle, etc.)

By Chris Caplinger

Related Posts

Why Should Records Management be Important to You

Why should an organization care about records management? When users throughout all departments are creating new records without a thought to how they are cataloged or tagged, the sprawl of records can become a real threat. Unstructured data can lead to compliance issues for highly regulated industries. When proper records management isn’t a top priority, content that should have been disposed of for security purposes is left vulnerable for anyone to find and distribute.  

Creating Compliance in Chaos: A Consultant's Story

Records and Information Management (RIM) is constantly changing and evolving as record managers begin to realize the benefits of automation in their daily operations. In my 6 years of consulting, I have seen everything from heavily manual business processes to automated document management solutions.  Even as time goes by, information professionals continue to face the long-standing hardship of trying to get end users to comply with either internal or external regulations when it comes to records management.  Lately, there has been an apparent shift from ridged business centric solutions to end user centric solutions. 

Gimmal at ARMA International InfoCon 2019

Once a year, members in the records management community come together for ARMA’s annual conference to discuss the latest advancements and best practices for modern information managers.  ARMA, the global authority of information management and governance, hosted this year’s conference, ARMA InfoCon, in Nashville, TN. While attendees were not in the typical “record” industry that Nashville is known for, the location called for a great mix of music and information management knowledge.