As more enterprises adopt Microsoft Office 365, new questions are arising about the security and compliance of corporate data. In moving to the cloud, enterprises outsource server management, upgrades, and datacenter operations to Microsoft. However, they only partially outsource their security responsibilities. Operating under a shared responsibility model, Microsoft takes responsibility for intrusions into the Office 365 platform. However, Office 365 customers are still responsible for actions users take that can expose corporate data to loss or create compliance violations.