Microsoft’s release yesterday of Office 365, a suite of cloud-based services for small and mid-sized businesses (SMBs) and enterprises, has been getting a lot of attention in the press. One egregiously poor decision by Microsoft, though, has not been talked about quite as much. Ed Bott over at ZDNet, though, picked up on it:
If you sign up for one of the Office 365 Enterprise plans, all your users can connect to SharePoint using secure (HTTPS) connections. If you have a Professional (small business) plan, you don’t get that capability. For a small business that deals with sensitive documents, that’s a potentially dangerous configuration.
Let me be very clear about this: baseline security is not an option, and it shouldn’t be sold as a value-added feature. Microsoft claims “Office 365 comes with the robust security and reliability you need to run your business, all for $6 per user per month.” Offering SharePoint, which provides businesses with document sharing and other intranet capabilities, without protecting the confidentiality of data transmissions to and from the server, is not “robust security.”
One has to wonder what other security trade offs Microsoft made with Office 365 that are not yet evident. Until Microsoft demonstrates that it really stands behind its “robust security” claims, SMBs would be well advised to avoid this new offering.