Microsoft Office 365 Announcement Emphasizes SaaS Office Compliance Concerns

Nemertes Impact Analysis:

Microsoft (NASDAQ:MSFT) is beefing up compliancefor its Software as a Service (SaaS) Office 365 to address enterprise compliance concerns. Microsoft has completed an ISO 27001 certification for Office 365. ISO 27001 is an objective, annual security assessment of security practices and procedures. Microsoft is also including Business Associate Agreement (BAA) contract provisions (developed by U.S. Department of Health) to address Health Insurance Portability and Accountability Act (HIPAA) data privacy requirements. In comparison Google (NASDAQ:GOOG) does not yet have ISO 27001 certification but does have Federal Information Security Management Act (FISMA) certification. FISMA and ISO27001 are very similar.

Just over 16% of organizations are using SaaS Office while nearly half of all organizations have no plans, primarily due to security and compliance concerns.

Impacts:

Enterprises: Look for objective assessments of SaaS Office security controls. These include ISO 27001, FISMA and conformance with Cloud Security Alliance (CSA) guidance.

Vendors: All SaaS office vendors including Google, IBM (NYSE:IBM) and privately held Zoho will need to achieve similar compliance certifications and support compliance contractual clauses.

Investors: Boost for Microsoft.

Sign Up To Receive Nemertes Impact Analysis By E-mail

Follow Nemertes Research on Twitter

Become a Nemertes Fan on Facebook