In May 2018, the EU will fully implement the General Data Protection Regulation (GDPR), one of the most significant changes to EU privacy law in two decades. In Ireland, the Data Protection Commissioner (DPC) has already taken noticeable steps in assisting businesses to prepare for the GDPR, by launching a GDPR-specific website www.GDPRandYou.ie and introductory document “The GDPR and You”.
Considering that the GDPR can enforce fines of up to 4% of the annual turnover depending on the organisation’s standing, data breaches no longer pose merely a subjective threat to how data is shared, stored, and consumed.There are numerous blogs, articles, webinars and podcasts which address the subject, but in this post, we will explore how Microsoft Office 365 can help you prepare your organization for the new GDPR.
An essential step to meeting the GDPR obligations is discovering and controlling what personal data you hold and where it resides. Office 365 offers a number of core features for controlling the data that you store within all components.
- Data Loss Prevention (DLP) is a built-in feature of Office 365 which can identify over 80 common sensitive data types, from financial data to personally identifiable information. In addition, DLP allows organisations to configure actions to be taken upon identification to protect sensitive information and prevent against inadvertent disclosure.
- eDiscovery allows you to quickly identify relevant data across your Office 365 assets e.g. SharePoint Online, OneDrive for Business, Skype for Business etc. In addition, Office 365 Advanced eDiscovery intelligently uses machine learning, predictive coding, and text analytics to reduce the costs and challenges of sorting through large quantities of unstructured data.
- Customer Lockbox is a tool helps you meet compliance obligations for explicit data access authorisation in the event that a Microsoft engineer may need access to your content to resolve an issue. Actions taken are logged and accessible to you so that they can be audited.
- Advanced Data Governance Services help you achieve organizational compliance by leveraging machine assisted insights to help you find, classify, set policies on and take action on the data that is most important to your organization.
When an organisation entrusts their data to Microsoft Office 365, they remain the sole owner, they retain the rights, title and interest in the data. Office 365 helps to safeguard the organisation and provides features and services to meet some of the core data protection GDPR policies:
- Advanced Threat Protection helps protect your email against new, sophisticated malware attacks in real time. Policies help prevent malicious attachments landing with your users and the scanning engine can detect high-risk links contained in e-mail.
- Threat Protection lets you proactively uncover and protect against advanced threats by analyzing billions of data signals across Office consumer and commercial services. Threat Intelligence also provides deep insights from cyber threat hunters to create a comprehensive view of malware trends around the world.
- Advanced Security Management (ASM) enables you to set up anomaly detection policies, so you can be alerted to potential breaches of your network. Advanced Security Management also leverages behavioral analytics as part of its anomaly detection to assess potentially risky user behavior.
- Office 365 Audit Logs provide comprehensive logging and reporting about what activity your users are undertaking, allowing you to detect and investigate security and compliance issues.
The Microsoft Office 365 ecosystem provides essential services that should be considered when preparing for the new GDPR. As a Microsoft Partner, we can use our deep knowledge of the product and our years of practical experience to show organisations some of the features and services of Office 365 that can be effectively implemented to accelerate GDPR compliance.
If you haven’t already, now is the time to start preparing for the new GDPR. For more information on how Microsoft Office 365 can assist you in this preparation, contact our team of experts by email: firstname.lastname@example.org or by phone: 061-503009