Data Security with Microsoft Applications

Microsoft cloud offerings, including Azure/Entra and Office 365, are fully certified to meet the highest security standards established by the United States government. This includes compliance with the Federal Risk and Authorization Management Program (FedRAMP) and NIST 800-171. 

This certification does not mean that SharePoint, OneDrive, or Teams folders are always appropriate for all data storage applications. Work with your department's Technology Support Center (TSC) staff before using Microsoft for storage or transmission of sensitive University information. Your support staff will be best equipped to ensure the appropriate storage environment configurations and establish procedures for properly handling data in that environment.

Sensitive Information includes (but is not limited to) Personally Identifiable Information (PII), Protected Health Information (PHI), and other Category 1 data. Please reference KU’s Data Governance Policies and Procedures for additional information.