With just a couple of days to go until the implementation of the EU General Data Protection Regulation (GDPR), it’s worth considering how the new regulation works in conjunction with Microsoft 365.
On the one hand, the Office productivity suite is used by the vast majority of businesses, and, as we’ve blogged before, most organisations should be considering a shift to Office 365 as part of their general cloud migration strategy. With this in mind, it’s vital for Microsoft 365 to be a central part of GDPR preparations and activities. The data generated by your Microsoft activities, and the applications you run, all need to managed in a GDPR compliant fashion.
On the other hand, some new features in Microsoft 365 have actually been designed to make your road to GDPR compliance easier. Essentially, the firm has made its Compliance Manager tool generally available as ‘an additional value for Azure, Dynamics, and Office 365 Business and Enterprise subscribers in public clouds’, whilst also launching two additional updates: Compliance Score and Azure Informtion Protection.
What do these updates mean?
Compliance Manager is a tool that enables organisations to meet complicated compliance requirements. It’s not specifically designed for the GDPR; rather, it can be used to meet any number of regulatory frameworks, so it’s also useful if you operate in an industry or undertake activities with broader compliance requirements. It provides a bridge between data protection capabilities and regulatory requirements, so you can understand what actions you need to undertake to achieve specific certifications or meet specific regulatory requirements. The platform provides you with a recommended action or action for each certification or regulatory control, seamlessly. You can create multiple assessments for each standard and regulation, enabling the assignment, tracking and recording of all compliance activities. In turn, this fosters greater collaboration between teams and easier audit management.
Compliance Score, a feature which is included as part of Compliance Manager, is designed to facilitate ongoing risk assessments across your Microsoft Cloud services, with each separate control item given a risk-based score reference. This capability categorises actions according to whether they are managed by Microsoft or whether they are managed by you, so get clear, top-level visibility into how Microsoft’s tools help you meet compliance demands, and what additional actions you need to take.
Azure Information Projection scanner is designed specifically for the protection of documents, allowing you to discover, classify label and protect them both on premise and in hybrid environments. In this way, documents can be protected even as they travel through multiple locations – the protection travels with them.
Overall, this suite of tools provides powerful new layers of insight into how Microsoft actively works to ensure that its technologies work within relevant compliance frameworks – while also enabling you to clearly see what responsibilities you need to take on yourself.
Microsoft and compliance: a long-term roadmap
Microsoft’s position – which we share – is that GDPR is much more than just a new regulatory requirement. Rather, it offers a long-term opportunity to develop a clear framework of trust and transparency for your business operations, as well as to drive greater employee collaboration and productivity. The road ahead may be complex, but Microsoft is setting in place clear roadmaps to help you along the way.
Let our experts creat a customer solution to meet your business needs.
+1 (718) 766 7960
+44 (0) 203 328 5000