Call us today to see how we can help you be at your best.
To prepare for GDPR, organizations and IT need to use this five-step process in evaluating their roadmap to make their Microsoft environment compliant with the revised privacy rights.
It’s important to know your organization’s obligations under GDPR as it relates to collecting, processing, and storing data, including the legislation’s many special categories. For Canadian organizations, knowing the slight differences between Canada’s Privacy Laws and GDPR’s requirements can reduce the burden of completely reorganizing your organization’s data compliance structure.
Perform a data discovery of your current infrastructure and what is currently protected. Assess your readiness with this GDPR Assessment
Know where your organization lapses in security and infrastructure development? Perform data discovery on the following platforms. Classify who has access to different types of data, who shares the data and what applications process that data.
The following is taken from Microsoft’s Beginning your General Data Protection Regulation Journey
As Azure is an open and flexible cloud platform, it includes a service to help make data sources easily discoverable and identifiable. The Microsoft Azure Data Catalog is a fully managed cloud service that serves as a system of registration and system of discovery for your organization’s data sources. In other words, Azure Data Catalog is all about helping you discover, understand, and use data sources to get more value from your existing data. Once a data source has been registered with Azure Data Catalog, its metadata is indexed by the service so that you can easily search to discover the data you need.
Dynamics 365 provides several visibility and auditing capabilities that can be used through the Reporting & Analytics dashboards of Dynamics 365 to identify personal data:
There are several specific Office 365 solutions that can help you identify or manage access to personal data:
The SQL language can be used to query databases and to customize tools or services that may help enable this requirement. Search is fully supported through queries, although full trace logging should be done at the application level. The Script task provides code to perform custom functions, such as complex data queries that are not available in the built-in tasks and transformations that SQL Server Integration Services provides. The Script task can also combine functions in one script instead of using multiple tasks and transformations. This product suite also includes powerful business intelligence functionality providing end-user access to data insights.
To find data within Windows, you can utilize Windows Search to trace and locate personal data on your local machine and any connected devices that you have adequate permissions to access. To enhance the capabilities of Windows Search to locate the target data, you can configure Indexing Options in the Control Panel to customize the capabilities of Windows Search (for example, indexing file contents).
Assess the risks to all private data, and review policies and procedures. Apply security measures to production data containing core assets, and then extend those measures to back-ups and other repositories.
Engage with company policy makers, legal and executives now to ensure there’s a plan in motion. For organizations over 250 users, there must be a professionally qualified officer to review and help educate employees company-wide on:
Look into Microsoft 365 as a conclusive platform on which to build a profitable set of security and productivity solutions to simplify the task of identifying, classifying, and governing personal data. Learn more about Microsoft 365 and Softlanding’s Managed Services offering.
Currently using Office 365? Get scored on how well you rank based off your regular activities and security settings. Take the test here.
Sign up today to receive our monthly newsletter with tips, Microsoft funding availabilites, upcoming events and industry news.
Take advantage of this hands-on event that will guide you through Microsoft’s security tools and how to protect your business interests.
Sign-up to our monthly newsletter for valuable insights, workshops/events and funding available for your next project!