Microsoft announces Customer Lockbox for Office 365
During this week’s RSA conference in San Francisco Microsoft has announced a new feature for Office 365 called ‘Customer Lockbox’. This new feature is designed to provide unprecedented control over a customer’s content stored on Microsoft’s platform.
Customer Lockbox administers access control through multiple levels of approval within Microsoft. It logs and audits all Office 365 control actions and provides access with limited and time-bound authorisation.
Essentially this enables the owner of the Office 365 account to scrutinize any request for access to their data including support from Microsoft themselves. By default requests have a lifetime of 12 hours, after this time the engineer will be unable to access customer content and will have to submit another request for access.
Customer Lockbox will be available by the end of the 2015 for Exchange online and Q1 2016 for SharePoint Online. The new feature will not be enabled by default but those who do opt-in will increase the separation of server administration from the data stored in Office 365 resulting in an added layer of security.