With the European Union’s new General Data Protection Regulation (GDPR) taking effect on May 2018, many companies are now working on complying with it. Gartner believes that less than 50% of all organizations will be able to fully comply before its takes effect. However, using the cloud can help dramatically increase compliance rate and Microsoft has worked with countless experts to help make its solutions simple and user friendly.
With roughly 160 GDPR requirements, which include how to collect, store, use personal information and even a mandate for a 72-hour notification for personal data breaches, it’s clear that using cloud technologies can help the speed of compliance in many organizations. With this in mind, Microsoft has worked on their Trusted Cloud Principles, in which security, privacy, compliance and transparency are included, to help provide a unique journey to GDPR compliance. Microsoft announced on February of this year that their cloud services would comply with the GDPR by next year May, which include Office 365, Dynamic 365, Azure (including Azure data services), Enterprise Mobility + Security, and Windows 10.
Cloud for compliance
Besides being compliant, Microsoft Cloud provides built-in sophisticated controls that can help you comply with the GDPR requirements. Azure Information Protection is an example of one of the capabilities in the arsenal of Microsoft. Azure Information Protection provides document tracking and revocation capabilities, this gives you the ability to monitor the flow of sensitive data and revoke access to it at any time.
Microsoft Cloud can also be used to discover, manage, protect and report on GDPR-related data. With powerful intelligence capabilities on Microsoft Cloud, using features such as Office 365 Advanced Data Governance can intelligently manage your organization’s data with classifications, which can label sensitive data so that you can apply policies for either protection, retention or deletion.
Microsoft also plans on releasing a new dashboard as well to help provide a quantitative assessment to help identify where you are in your journey to GDPR compliance.