shutterstock_184473665.jpg

Summit 7 Team Blogs

Office 365 DFARS Frequently Asked Questions (and Answers) - Part 3

There are a lot of questions surrounding the upcoming DFARS requirements for DoD Contractors. What does it mean for your business? What happens if you're not compliant in time? To help guide you through the process, here are some questions and answers that you may need to know.  You can check out FAQ #1 here, or FAQ #2 here.

DFARS_FAQ_13.png13. Do I fully have to move to O365 or can I still use my current on-premises and do a hybrid scenario?

It is certainly possible to maintain a hybrid environment with Office 365; however, it can make the DFARS compliance process more difficult.

 

 

DFARS_FAQ_14.png

14. Are there any real-time dashboards that show my environment and how it’s monitoring security policies and incidences?

Yes, you can look at real time activity within the Security and Compliance center as part of the Advanced Security Management feature.

 

DFARS_FAQ_15.png15. How does O365 protect against Brute Force attacks and Denial of Service attacks?

Microsoft provides multi-layered protection against brute force and DoS attacks.  Below is a whitepaper specifically on how Microsoft provides protection against DoS:  https://www.microsoft.com/en-us/download/confirmation.aspx?id=52667

 

 

DFARS_FAQ_16.png16. Can O365 detect a breach and shut down access automatically?

Yes, Office 365 can have activity policies that allow you to shut down user access immediately once specific and defined parameters are met. However, this requires the Advanced Security Management and associated license(s).



DFARS_FAQ_17.png17. We don’t give company owned phones to people, how can we control them accessing information on their mobile devices?

Office 365 has multiple versions of Mobile Device Management (Office 365 MDM and/or Azure Intune) available within the platform.  By leveraging these capabilities, you can control what and how they access information with their personal devices. 

Intune is required to manage applications and content on BYOD devices. It would take a combination of Microsoft’s Mobile Device Management (MDM), Mobile Content Management (MCM) and Mobile Application Management (MAM) for a full solution, all of which are included in the Azure Intune product stack. In a nutshell, we must ensure device security, limit corporate content to trusted device applications, and ensure corporate content doesn’t bleed into other applications and compromise security.



DFARS_FAQ_19.png18. Does O365 encrypt emails being sent via Outlook?

When properly configured, Office 365 based users can send and receive encrypted email.

 

 

This FAQ is part of a series. Be sure to subscribe and get notified when there's a new post, or check back soon for the next post in the series!

New Call-to-action

 

SHARE THIS STORY | |
About Scott Edwards

Scott Edwards is an accomplished computer engineer and organizational leader with experience in business, project management, systems engineering, training and security. Scott’s technical experience was honed at NASA as a Senior Computer Engineer and the Chief Engineer and Engineering Manager for the NASA Datacenter.

Scott received his Bachelor of Science from the United States Military Academy and his Master of Science in Computer Science with an emphasis in Information Assurance at James Madison University. Scott proudly served as an Officer in the US Army Signal Corps with both the 2-227th Aviation Battalion in Bosnia-Herzegovina and the 1-6 Air Defense Artillery Battalion in Fort Bliss, Texas.

Currently, Scott is the President and Managing Partner of Summit 7 Systems. Summit 7 Systems is Service Disabled Veteran Owned Small Business (SDVOSB) and a Microsoft Gold Cloud Productivity Partner that specializes in Office 365 security solutions.