This podcast conversation covers the different steps in assessing Microsoft Cloud Services. It provides customers with optimized tools and processes to help them get a quality assessment done quickly while focusing on the most important risks. The conversation begins by discussing Solution Security Design, which involves choosing product features that must be enabled to meet internal security and compliance requirements.
It then moves on to Step 6: Risk Action Plans and Service Approval, which involves joining up a business case, risk assessment or summary, compliance assessment or summary, and risk exceptions into a management letter asking for approval to start consuming the cloud service. Step 7 is about notifying financial and privacy supervisors of the new outsourcing arrangement.
Finally, Step 8 is about joining the Microsoft Cloud Financial Services Compliance Program and production deployment. The estimated time to complete this process is two days plus lead time. This podcast conversation discusses the steps to take when assessing risk and deploying Microsoft cloud services. It is recommended to notify financial supervisors after a risk approval has been obtained, and not wait until moments before deployment.
The Regulatory Notification Template is available, and estimated time to complete this process is approximately two months. Additionally, joining the Microsoft Cloud Financial Services Compliance Program (FSCP) is optional but offers insight into risk and performance of cloud services.
Finally, other prerequisites such as technical preparation, data migration activities, upgrading network connectivity and modifying security perimeter can take place in parallel with the risk assessment phase in order to keep deployment time short.
Useful resources for evaluating cloud services include Microsoft Cloud Security Data Management & Transparency, Cloud Encryption & Tenant Isolation in Office 365, Data Resiliency & Retention/Deletion/Destruction in Office 365 as well as Administrative Access Controls in Office 365. This podcast conversation discusses Office 365 auditing and reporting features, as well as how to protect against DDOS attacks in Office 365.
It also covers the Office 365 Customer Security Considerations Workbook, User Guide, Azure Security and Compliance Blueprint, Introduction to Azure Security White Papers, Dynamics 365 Security Overview, Microsoft Cloud Compliance Offerings, Microsoft Cloud Financial Services Compliance Program and Compliance Guidelines per Country. The podcast is hosted by Diana Emerson and provides viewers with how-to videos on their channel.