With GDPR (General Data Protection Regulation) looming, many organisations are busy trying to assess the impact on their business, the path to compliance and in many cases, the investment required – particularly in the context of IT and data. Given the complexities of GDPR and to some extent, the uncertainties in the context of IT, many businesses are weighing up the path to compliance and the cost. Whilst many see Cloud as having a bad rep, paradoxically – the use of Cloud services can actually aide compliance and reduce the burden on your business.
Microsoft’s Office 365 solution is a perfect fit for many businesses and may actually help your organisation meet your GDPR requirements.
A key part of GDPR is understanding what personal data you hold and where it resides. Office 365 can assist with that process:
- Data Loss Prevention (DLP) is a built in feature of Office 365, allowing you to configure actions that trigger when sensitive or personal information is detected, helping to block deliberate and accidental disclosure. DLP can recognise 80 common sensitive data-types covering financial services, healthcare and PII (personal identifiable information). DLP in Office 365 can be used alongside a wider range of DLP solutions.
- eDiscovery search allows you to search meta-data and other textual information contained within e-mail and Sharepoint, helping you to identify documents or content that may be subject to a compliance investigation or similar request.
- Customer Lockbox allows you to set explicit data access rules that allow you to remain in control in the event you require tech support or assistance from Microsoft. All actions are logged and audited.
- Advanced Data Governance uses machine learning and similar technologies to help your business discover, find, classify and configure policies on data, throughout the whole data life-cycle.
After discovery and classification, protection is fundamental to GDPR. Office 365 has several mechanisms that can safeguard and secure your data:
- Advanced Threat Protection scans for viruses, malware and other threats. Policies help prevent malicious attachments landing with your users and the scanning engine can detect high-risk links contained in e-mail.
- Advanced Security Management spots trends such as high-risk or abnormal usage. This visibility can alert you to potential breaches.
- Audit Logs provide comprehensive logging and reporting about what activity your users are undertaking, allowing you to detect and investigate security and compliance issues.
- Threat Intelligence provides deep insights, leveraging Microsoft’s extensive reach and business scale, allowing them learn about new and emerging threats before they can impact your business.
Find out more about Office 365
If your business has GDPR obligations and you are wondering how to gain compliance, Office 365 should be a consideration. Not only is Office 365 an excellent enterprise solution, it can also solve many of the GDPR headaches IT departments are facing. If you would like advice or a partner to work with you on your GDPR initiatives, please get in touch firstname.lastname@example.org or 01624 640400