M365 provides an information protection strategy to help with the GDPR

The EU General Data Protection Regulation (GDPR) is the most important change in data privacy regulation in 20 years - after four years of preparation and debate the GDPR was finally approved by the EU Parliament in 2016. The GDPR is increasingly seen as a long-term opportunity to establish greater trust with customers and further unlock employee collaboration and productivity in many businesses. The enforcement date will be 25 May 2018, that is why Microsoft 365 updates and capabilities are designed to provide an information protection strategy to help their customers with GDPR compliance.

Microsoft 365 brings together Office 365, Windows 10, and Enterprise Mobility + Security—offering a rich set of integrated solutions that help you assess and manage your compliance risk by leveraging Artificial Intelligence (AI) to protect your most important data and streamline your processes with a sophisticated and holistic solution set.


Updates in Microsoft 365 (currently rolling out):
  • Compliance Manager general availability for Azure, Dynamics 365, and Office 365 Business and Enterprise customers in public clouds.

  • Compliance Score availability for Office 365.

  • Azure Information Protection scanner general availability.


Capabilities in Microsoft 365:
  • Protect sensitive data in apps and across cloud services.

  • Support data protection across platforms.

  • Provide a consistent labeling schema experience (in preview).

Assess and manage compliance risks with Compliance Manager

Because achieving organizational compliance can be very challenging, it can be helpful for organizations to periodically perform risk assessments to understand their compliance posture. Compliance Manager is a cross–Microsoft Cloud services solution designed to help organizations meet complex compliance obligations like the GDPR. The Compliance Manager is now generally available for Azure, Dynamics 365, and Office 365 Business and Enterprise customers in public clouds.


Perform risk assessments with Compliance Score

Compliance Score—a Compliance Manager feature—enables you to perform ongoing risk assessments on Microsoft Cloud services with a risk-based score reference, giving you visibility into your compliance performance. Each control is assigned a risk weight based on the level of risk involved due to control failure, and as you implement and assess controls, you will see your score change. Compliance Score is currently available for Office 365 and will be rolling out to other Microsoft Cloud services soon.


Protect sensitive data on-premises

Azure Information Protection scanner addresses hybrid and on-premises scenarios by allowing you to configure policies to automatically discover, classify, label, and protect documents in your on-premises repositories such as File servers and on-premises SharePoint servers. The scanner can be configured to periodically scan on-premises repositories based on company policies. Azure Information Protection scanner is now generally available.


Protect sensitive data in apps and across cloud services

Since data travels through many locations—across devices, apps, cloud services, and on-premises—it is important to build the protection into the file so this protection persistently stays with the data itself. Azure Information Protection provides persistent data protection by classifying, labeling, and protecting sensitive files and emails.

Microsoft Cloud App Security (MCAS) can read files labeled by Azure Information Protection and set policies based on the file labels. For example, a file labeled as Confidential, with an associated policy of “do not forward or copy,” cannot leave your network via file sharing apps like Box.net or Dropbox. In addition, the service scans and classifies sensitive files in cloud apps and automatically applies AIP labels for protection—including encryption.


Support for data protection across platforms

As part of Microsoft’s information protection vision, their goal is to cover all major device platforms. Microsoft is now previewing the ability to label and protect sensitive data natively, with no plugins required, in Office applications running on Mac devices. This enables Mac users to easily classify, label, and protect Word, PowerPoint, and Excel documents in a similar manner that customers are used to with the Azure Information Protection client on Windows. Considering that a significant amount of sensitive information is in PDF format, Microsoft is in the process of working with Adobe to have the same consistent labeling and protection of PDFs available in Adobe Reader.


Consistent labeling schema experience now in preview

Microsoft is previewing a consistent labeling schema that will be used across information protection solutions in Microsoft 365. To start, this means that the same default labels will be used across both Office 365 and Azure Information Protection—eliminating the need to create labels in two different places.

The consistent labeling model also helps ensure that sensitive labels—regardless of where they were created—are recognized and understood across Microsoft 365, including Azure Information Protection, Office 365 Advanced Data Governance, Office 365 Data Loss Prevention, and Microsoft Cloud App Security.
 

Detect and classify personal data relevant to GDPR

The ability to automatically classify personal data is a critical part of helping you achieve your GDPR goals. Today, there are over 80 out-of-the-box sensitive information types that can be used to detect and classify your data.  Soon Microsoft will provide a GDPR sensitive information type template to help detect and classify personal data relevant to GDPR. The upcoming GDPR sensitive information type template will help consolidate the sensitive data types into a single template—as well as add several new personal data types to detect (such as addresses, telephone numbers, and medical information).

For sensitive emails, Microsoft 365 enables users to collaborate on protected messages with anyone inside or outside the organization via Office 365 Message Encryption. To provide more flexibility over controlling and protecting personal information shared in sensitive emails, Microsoft rolled out the new encrypt-only policy in Office 365 Message Encryption in February.

You can find further information here.

Stay Up-to-date

For regular updates and articles from COMPAREX, click below to follow us:

 Follow us on LinkedIn

Interested in more than Microsoft?

Find here all press releases and blog articles of the COMPAREX Group:

 COMPAREX Newsroom

 Request Information