In the company’s most recent quarterly earnings call, Microsoft announced that its commercial cloud revenue grew 88 percent to an annual run rate of $8 billion. That revenue figure also includes Azure and Microsoft Dynamics, but the key performer in Q4 2015 was Microsoft Office 365. The cloud productivity suite includes browser versions of the company’s signature Word, Excel and PowerPoint applications along with collaboration and file-sharing applications OneDrive, SharePoint Online and Yammer as well as Exchange Online, the cloud version of its popular email platform.
Microsoft added three million Office 365 subscribers last quarter, bringing the total to 15.2 million users. An analysis by Skyhigh Networks found that 87.3 percent of Fortune 500 companies have at least 100 active Office 365 users. The high penetration rate in large enterprises bodes well for the future of Microsoft’s cloud offerings. There is also huge potential for growth. Just 6.8 percent of users at these companies have been migrated to Office 365. That leaves the rest using legacy on-premises versions of Exchange and SharePoint.
Considering that Office 365 customers pay up to 80 percent more compared with on-premises users, if Microsoft can expand its footprint within large enterprises, the growth potential for Office 365 could be enormous.
Even today, the average enterprise uploads 1.37 TB of data to Office 365 each month. While this is a significant amount of data, what’s even more striking is that 17.4 percent of documents uploaded to OneDrive and SharePoint Online contain sensitive data – defined as personally identifiable information (e.g., Social Security numbers, phone numbers, home addresses, etc.), protected health information (e.g., patient diagnoses, medical treatments, etc.), payment data (e.g., credit card numbers, debit card numbers, bank accounts, etc.), or confidential data (financial records, business plans, source code, trading algorithms, etc.).
The fact that enterprises trust the security of Office 365 to store their business-critical data is a positive sign as Microsoft works to migrate its massive installed base from on-premises applications to the cloud. According to a study by Vanson Bourne, business customers look to cloud platforms like Microsoft Office 365 to reduce their IT cost, gain access to flexible capacity, improve collaboration between employees and with business partners, provide better access to collaboration tools on mobile devices and get access to innovative software that’s always up to date.
That same study found companies leveraging cloud services experienced a 20.7 percent average improvement in time to market, 15.1 percent reduction in IT spending and an 18.8 percent improvement in employee productivity. The reason customers pay more for cloud software is that the hardware and maintenance is taken care of by the vendor and they no longer need to manage their own data center, resulting in an overall reduction in IT cost.
Crucially, these companies also experienced a 19.6 percent increase in their revenue growth by using cloud services. That is perhaps the most important reason a company chooses to adopt cloud services today. They’re looking for a competitive advantage over rivals, and the ability to do more using cloud-based software gives them an edge.
The move to the cloud is not without risk. As companies store more sensitive data in the cloud, the same productivity tools that make it easy to share data with others also increase the risk that sensitive data could inadvertently be shared outside the company. For instance, 1.8 percent of documents in OneDrive and SharePoint Online contain payment data. Obviously, if those credit card numbers or other banking information were leaked publicly or shared with the wrong person, it could create a compliance issue (or potential lawsuit) for the organization.
Another 2.2 percent of documents contain protected health information that is regulated by HIPAA. Again, the unintended sharing of this data can create problems. St. Elizabeth’s Medical Center was recently fined $218,400 for its use of a cloud-based file-sharing service to store health information. Specifically, the fine resulted from the organization’s failure to “implement sufficient security measures” for protected health information and its failure to “timely identify and respond to a known security incident.” Given the scale of medical information in the cloud, experts recommend organizations take advantage of DLP features to prevent data loss.
Another potential risk: the average company has 143 files on OneDrive that contain the word “password” in the filename. Not surprisingly, most security experts would recommend against storing passwords in an unencrypted Excel file called “passwords.xslx” stored in a cloud service that makes it easy to share the file with other people. However, many people are unaware of the potential risk. These and other high-risk behaviors pose potential obstacles to companies looking to take advantage of the productivity-enhancing benefits of secure cloud platforms like Office 365.
Microsoft’s Office 365 revenue opportunity is enormous. The opportunity for businesses to lower cost and achieve higher growth by leveraging Microsoft’s cloud suite is similar in scale. However, businesses will need to balance access to productivity tools with the risks of storing sensitive data in the cloud.
Harold Byun is VP of product management at Skyhigh Networks. Prior to Skyhigh, he worked at MobileIron, where he focused on mobile application delivery and security. Prior to MobileIron, he led the product management group at Zenprise (acquired by Citrix), where he launched their mobile DLP product and cloud offering to market. He also worked with the Vontu/Symantec DLP group and is the co-inventor on a patent filed for security risk visualization and scoring.