Enterprise Adoption of Office 365 SaaS is High, But Security Concerns Linger

MAY 5th, 2015 — Enterprise adoption of Microsoft’s software as a service (SaaS) office suite Office 365 is high, as evidenced by recent earnings statements, but security concerns linger, according to a new survey and white paper from IT security solutions vendor Cryptzone.

The  survey was conducted by Cryptzone in collaboration with third-party research organization TechValidate, who questioned 107 IT professionals in order to address how enterprise organizations are utilizing Office 365 and SharePoint, which applications they are using from the platform, where those applications have limitations, and how organizations perceive the security of Office 365 for controlling sensitive data, according to an official statement from Cryptzone.

The survey’s results, outlined in Cryptzone’s new white paper, show that most organizations use Office 365 and SharePoint for their collaborative nature, and ability to connect employees on a wide variety of projects. 44 percent of survey respondents cite universal access for employees as the principal driver for Office 365 use.

Concerns about security and privacy— valid or not—are the biggest barrier holding back adoption of cloud computing and Office 365 is no exception to that rule. According to Cryptzone’s white paper, 34% of respondents are not planning to store confidential information in Office 365. Survey respondents felt uncomfortable or extremely uncomfortable storing the following sensitive data in Office 365: financial documents (48%), HR documents (41%), Intellectual Property/IP (46%), military or intelligence data (61%), regulated data such as PCI, PII, and PHI (40%).

“Office 365 is here to stay,” said Chris McNulty, CTO and Microsoft SharePoint MVP, for Cryptzone in a prepared statement.  “As companies migrate to the cloud, the focus needs to be on uniformly securing all environments, on-premises or  cloud.”

Today, at Microsoft’s first annual Ignite conference in Chicago, Cryptzone announced support for Microsoft Azure across its suite of cyber security solutions, including AppGate Secure Access and HiSoftware Security Sheriff for Office 365.

“While Office 365 provides unmatched productivity and cost-effectiveness, many are still concerned about its security. Organizations should consider taking a layered approach to security, to help them increase their comfort level and confidence in working in the cloud,” said McNulty.

Check out key findings and infographics from Cryptzone’s survey below, or download the white paper in full here.

Key Findings 

Office 365 Holds Sway 

• 48% of organizations surveyed currently use Office 365. An additional 15% plan to use it within the next year; 6% in the next two years and 10% in the next 5 years; 21% noted they had no plans to use it.
• Of the capabilities within Office 365, the most commonly used are Exchange and Office (44% each), followed by SharePoint Online (40%), OneDrive (39%), and Lync (36%).
• 44% of respondents cite universal access for employees as the principal driver for Office 365 use.
• The second most common reason for using Office 365 was functionality (29%), followed by economics at 26%.
• 70% of respondents reported that up to 50% of document collaboration is already done in the cloud. 100% of respondents said that they plan to go to the cloud within the next 5 years.

Organizations Are Addressing Security, But Concerns Remain

• A majority of organizations (54%) believe there is enough built-in security to store confidential documents in Office 365.
• Of those planning on maintaining an on-premises installation permanently, integrations with other on-premises data (61%) and third party security concerns (45%) were primary drivers.
• 34% of respondents said that they are not planning to store confidential information in Office 365.
• Respondents felt uncomfortable or extremely uncomfortable storing the following sensitive data: financial documents (48%), HR documents (41%), Intellectual Property/IP (46%), military or intelligence data (61%), regulated data such as PCI, PII, and PHI (40%).
• When asked how companies that store or plan to store sensitive data in Office 365 plan to secure it, the top four solutions cited were permissions (79%), access control (74%), active directory (71%), encryption (51%), and classification (27%).