Microsoft 365 App Certification

Learn365, Perform365, and Engage365 are Microsoft 365 Certified Apps that reach the highest level of security and compliance required by Microsoft. In this article, we will describe the Microsoft 365 App Certification and elaborate on what the certification means for Zensai customers and partners.

 

In this article

 

The Microsoft 365 App Certification

With the Microsoft 365 App Certification, Microsoft confirms that an app solution is compliant and live up to the criteria described in the Microsoft 365 Certification Submission Guide. This means that users of Microsoft certified apps can be confident that their internal data and sensitive information is secured and protected. 

The certification is provided after a complete and yearly review across four security domains by a team of qualified certification analysts:

 

Application Security

This area especially includes a GraphAPI Permission Validation to validate that the app does not request overly permissive permissions and that all permissions are properly justified.

 

Operational Security

This domain ensures that the app’s supporting infrastructure and deployment processes are aligned with security best practices. This includes controls of Malware Protection, Vulnerability Scanning, Patch Management, Event Logging & Monitoring, Change Control, and Risk Management.

 

Data Handling Security and Privacy

This domain requires that data in transit, data in rest, data retention and disposal, and data access management happens in accordance with GDPR, Microsoft's TLS Profile configuration requirements, and Encryption Profile Configuration Requirements.

 

Optional External Compliance Frameworks

Lastly, the validity of external security compliance frameworks are checked, if these has been provided as part of the certification process. This includes ISMS/ IEC - IS0/IEC 27001 specification, PCI DSS, and SOC 2.

 

Protection of privacy and data 

Zensai is dedicated to upholding the highest standards of organizational security and compliance.

The Microsoft 365 App Certification demonstrates that Zensai conforms to the strict guidelines put forth by Microsoft assuring Zensai customers and partners that data and privacy are under control and protected when integrating Zensai apps into their Microsoft 365 platform.

 

“By earning the Microsoft 365 App Certification, Microsoft is assuring customers that Learn365, Perform365, and Engage365 follow secure practices for data handling and app security.”

Leana Gerrad, Microsoft 365 Core PM at Microsoft

 

Microsoft_Certified_App_PNG.png

Apps with the Microsoft 365 Certification logo represents that this app has achieved Microsoft 365 Certification. In addition to app security, this program reviews the practices and procedures the app publisher employs. While customer data is under control of the app publisher, you can rest assured that Microsoft has validated that the app will handle it in a safe and secure manner.

 

Was this article helpful?
3 out of 3 found this helpful