Data protection and compliance is a major concern for organizations worldwide. With the introduction of the Service Trust Portal, organizations working to support or protect the privacy rights of individuals in Microsoft’s online environment can now rest easy.
Defining the Service Trust Portal
This is a one-stop shop for security, regulatory compliance, and privacy information related to the Microsoft Cloud. The Service Trust Portal, also referred to simply as STP, is a service feature available within Microsoft Office 365 that provides current and prospective users of the platform with a wealth of insight into how the tech giant manages privacy, compliance, and security.
This platform is the location where Microsoft shares information that organizations need to perform due diligence and evaluate all of Microsoft’s cloud services. Microsoft has launched this service as a way to help improve transparency, enhance understanding, and simplify assessments for its users.
What is contained on the STP
The Microsoft Service Trust Portal (STP) contains quite a bit of useful information aggregated from all across the Microsoft cloud services. It also has tools and other resources that organizations need for all things concerning security, compliance, and privacy.
STP is home to in-depth information regarding Microsoft’s way of managing security and how you can access it as a user. The portal has information about compliance and privacy within the Office 365 environment, with the goal of making it easier for users to understand how Microsoft cloud services safeguard data so they can meet their own regulatory compliance objectives.
These include audit reports from independent third-party service providers. Users can find information regarding the ways in which Microsoft’s online services may be able to help organizations comply with regulations and laws. The following standards are included:
NIST, or the National Institute of Standards and Technology
FedRAMP, or the Federal Risk and Authorization Management Program
ISO, or the International Organization for Standardization
SOC, or the Service Organization Controls
General Data Protection Regulation, abbreviated as GDPR
The regulatory environment is just as dynamic as business risks. With all the compliance-related documents in this platform including audit reports, frequently-asked questions, white papers, and more, you’ll be able to learn everything you care to know.
There are a rich variety of tools on the platform. These include the resources you’ll need for data protection, risk assessment, and compliance management. These resources should simplify your compliance journey.
Microsoft Cloud compliance resources
STP is also loaded with other resources about Microsoft’s security, privacy, and compliance practices. Essentially, these are centralized resources for all of Microsoft’s Cloud services.
Accessing the Service Trust Portal
STP is a free resource available to everybody; both existing Microsoft online services customers and those who are simply evaluating the cloud-based platform.
To access the Microsoft Service Trust Portal or any of the STP materials, you must be logged in to the platform with your Microsoft cloud services account.
Whether you have an Azure Active Directory account or a Microsoft account, log into that account to take advantage of all the tools and resources now available. You will be asked to accept their Non-Disclosure Agreement for Compliance Materials, so click on “Accept” to move forward.
If you are a current Microsoft cloud services registered user, you can access the Service Trust Portal at https://aka.ms/STP with any of the following internet subscriptions available for both trial and paid users:
Microsoft Dynamics 365
New customer sign-up
If you are just considering Microsoft online services for the first time or as a new user, you have the option to create a new account or create a trial account. Either of these should allow you to access the Service Trust Portal.
That said, you can use any of the following sign-up forms to gain access to the Microsoft STP. Ensure that you enable Azure Active Directory at the time of signing up to support your access to the STP.
After you are logged into STP, you can access any of the content available on the platform by navigating to the section containing the item you’re looking for and clicking on it.
To review content on the STP, pick an option from the menu: Audit Reports, Data Protection, Azure Security and Compliance Blueprints, Poland Compliance, Romania Compliance.
Once you locate the item you need, you can click on it and download it locally for your own use. Other resources such as the FAQs are serviceable from within the STP, so you won’t have to constantly download documents to your hard drive.
You’ll be happy to know that Microsoft is regularly adding more tools to STP to empower organizations. So, you’ll want to keep checking back to STP for the latest available information.
Brian Gray, MCP, is the President at Kraft Technology Group, LLC (KTG), an affiliate of KraftCPAs PLLC. Within his role, Brian is responsible for all aspects of service delivery to our clients. Brian has a decade of experience working for managed service providers. He has worked with clients in a variety of industries, including financial services, accounting, legal, healthcare, manufacturing, and retail.