Currently, Stanford University uses Microsoft 365 A3 licenses across its various schools and business units. However, these existing licenses lack advanced security features, such as the automatic assignment of Microsoft Information Protection (MIP) labels. This is one of the many security improvements needed to meet the stringent security requirements for handling protected health Information (PHI) as part of the data security and compliance requirements of the ACT program.
As part of this initiative, Stanford University is embarking on several projects to upgrade all university users from Microsoft 365 (M365) A3 licenses to M365 A5 licenses. This upgrade aims to enhance security by integrating essential features and ensuring alignment with Stanford’s IT security standards. Additionally, the new license level will offer increased cloud storage capacity for Microsoft OneDrive and SharePoint Online.
Chief Information Security Officer (CISO) teams from the university, Stanford Health Care, and Stanford Children's Health are participating in working sessions to develop data loss prevention policies, new standard security policies, and new data access control policies. The expressed goal of the security improvements is to create a more collaborative and more secure environment than the current Medicine Box platform.
