world class productivity with compliance built-in
Blending compliance with productivity
Microsoft’s solutions will dramatically help you meet GDPR and other compliance requirements now. Their cloud services and on-premises solutions provide a wealth of features that can help you lifecycle manage personal data in your systems. Although a lot of these capabilities are operationally managed by Microsoft, many need to understood, implemented and managed by customers directly or via managed service partners.
Don’t just use 20% of your investment in Office 365 & Azure, we will show you how
Create, coordinate, protect, and harvest and cleanse your content to gain value from it everywhere in its lifecycle. Capture new documents on the go, manage compliance, and reduce risk.
Make informed decisions quickly. Connect, model, and then explore your data with visual reports that you can collaborate, publish, and share. Power BI integrates with other tools, including Microsoft Excel, so you can get up to speed quickly and work seamlessly with your existing solutions.
Reduce application sprawl
Has your compliance activities highlighted the big list of software you use? Does this complicate compliance and impact user productivity? Now is a great time to investigate new ways of working with tools that are designed to work together.
Simplify with Microsoft 365
Discover the Microsoft 365 Business advantage
An integrated solution, bringing together the best-in-class productivity of Office 365 with advanced security and device management capabilities to help safeguard your business.
Microsoft 365 Business brings together features from across Microsoft’s offerings in a solution designed for small and medium-sized businesses. It’s powered by Office 365 and Windows 10, with device management and security features to help ensure your company’s data is protected.
Versions for business and enterprise
Create your best work with intelligent tools built in to Office. Get work done with enterprise grade email and calendaring. Access your files from anywhere with online file storage. Easily integrate with other commonly used apps and solutions.
Help protect against security threats. Help secure your business data from accidental leaks. Control who has access to your business information. Gain peace of mind that you have tools to help you remain compliant.
Bring together teams and resources, all in one place. Connect with customers, coworkers, and suppliers. Host online meetings to increase collaboration and productivity. Work anywhere from any device.
Video deep dive - see the benefits
Microsoft’s Compliance Solutions are leading the way, with their integrated tool set that leverages platform intelligence and automation to operationalise compliance.
They help you intelligently assess your compliance risks, govern, protect sensitive data and provide lifecycle management to effectively respond to regulatory requirements.
Embracing solutions like Microsoft’s Compliance Manager enables cost effective data lifecycle management – Check out this 2 mins video →
- Data Loss Prevention (DLP) in Office and Office 365 can identify over 80 common sensitive data types including financial, medical, and personally identifiable information. In addition, DLP allows organizations to configure actions to be taken upon identification to protect sensitive information and prevent its accidental disclosure.
- Advanced Data Governance uses intelligence and machine-assisted insights to help you find, classify, set policies on, and take action to manage the lifecycle of the data that is most important to your organisation.
- Office 365 eDiscovery search can be used to find text and metadata in content across your Office 365 assets – SharePoint Online, OneDrive for Business, Skype for Business Online, and Exchange Online. In addition, powered by machine learning technologies, Office 365 Advanced eDiscovery can help you identify documents that are relevant to a particular subject (for example, a compliance investigation) quickly and with better precision than traditional keyword searches or manual reviews of vast quantities of documents.
- Customer Lockbox for Office 365 can help you meet compliance obligations for explicit data access authorisation during service operations. When a Microsoft service engineer needs access to your data, access control is extended to you so that you can grant final approval for access. Actions taken are logged and accessible to you so that they can be audited.
Another core requirement of the GDPR is protecting personal data against security threats. Current Office 365 features that safeguard data and identify when a data breach occurs include:
- Advanced Threat Protection in Exchange Online Protection helps protect your email against new, sophisticated malware attacks in real time. It also allows you to create policies that help prevent your users from accessing malicious attachments or malicious websites linked through email.
- Threat Intelligence helps you proactively uncover and protect against advanced threats in Office 365. Deep insights into threats – provided by Microsoft’s global presence, the Intelligent Security Graph, and input from cyber threat hunters – help you quickly and effectively enable alerts, dynamic policies, and security solutions.
- Advanced Security Management enables you to identify high-risk and abnormal usage, alerting you to potential breaches. In addition, it allows you to set up activity policies to track and respond to high risk actions.
- Office 365 audit logs allow you to monitor and track user and administrator activities across workloads in Office 365, which help with early detection and investigation of security and compliance issues.
For more information please visit our Office 365 Trust Center
Read more on Office 365 and GDPR
Enterprise Mobility + Security features identity-driven security technologies that help you discover, control, and safeguard personal data held by your organization, reveal potential blind spots, and detect when data breaches occur:
- Azure Active Directory (Azure AD) helps you ensure that only authorized users can access your computing environments, data, and applications. It features tools such as Multi-Factor Authentication for highly secure sign-in. Additionally, Azure AD Privileged Identity Management helps you reduce risks associated with administrative access privileges through control, management and reporting of these critical administrative roles.
- Microsoft Azure Information Protection helps ensure that your data is identifiable and secure, a key requirement of the GDPR—regardless of where it’s stored or how it’s shared. You can classify, label, and protect new or existing data, share it securely with people within or outside of your organisation, track usage, and even revoke access remotely. Azure Information Protection also includes rich logging and reporting to monitor the distribution of data, and options to manage and control your encryption keys.
- Microsoft Advanced Threat Analytics helps pinpoint breaches and identifies attackers using innovative behavioural analytics and anomaly detection technologies. Advanced Threat Analytics is deployed on-premises and works with your existing Active Directory deployment. It employs machine learning and the latest user and entity behavioural analytics to help find advanced persistent threats and detect suspicious activities and malicious attacks used by cyber-criminals, to help identify breaches before they cause damage to your business.
For more information please visit our Microsoft Enterprise Mobility + Security site.
Read more on Microsoft EMS and GDPR
Microsoft designed Azure with industry-leading security measures and privacy policies to safeguard your data in the cloud, including the categories of personal data identified by the GDPR. Azure can help you on your journey to reducing risks and achieving compliance with the GDPR.
Identifying what data you have and controlling who has access to it is a critical requirement of the GDPR. Azure enables you to manage user identities and credentials and control access to your data in several ways:
- Azure Active Directory (Azure AD) helps you ensure that only authorised users can access your computing environments, data, and applications. It features tools such as Muti-Factor Authentication for highly secure sign-in. Additionally, Azure AD Privileged Identity Management helps you reduce risks associated with administrative privileges through access control, management, and reporting.
- Azure Information Protection helps ensure that your data is identifiable and secure, a key requirement of the GDPR—regardless of where it’s stored or how it’s shared. You can classify, label and protect new or existing data, share it securely with people within or outside your organisation, track usage and even revoke access remotely. Azure Information Protection also includes rich logging and reporting capabilities to monitor the distribution of data, and options to manage and control your encryption keys.
Protecting personal data in your systems and reporting on and reviewing for compliance are key requirements of the GDPR. The following Azure services and tools will help you meet these GDPR obligations:
- Azure Security Centre provides you with visibility and control over the security of your Azure resources. It continuously monitors your resources, provides helpful security recommendations, and helps you prevent, detect and respond to threats. Azure Security Centres embedded advanced analytics help you identify attacks that might otherwise go undetected.
- Data Encryption in Azure Storage secures your data at rest and in transit. You can, for example, automatically encrypt your data when it is written to Azure Storage using Storage Service Encryption. Additionally, you can use Azure Disk Encryption to encrypt operating systems and data disks used by virtual machines. Data is protected in transit between an application and Azure so that it remains secure at all times.
- Azure Key Vault enables you to safeguard your cryptographic keys, certificates, and passwords that help protect your data. Key Vault uses hardware security modules (HSMs) and is designed so that you maintain control of your keys and therefore your data, including ensuring that Microsoft cannot see or extract your keys. You can monitor and audit use of your stored keys with Azure logging and import your logs into Azure HDInsight or your SIEM for additional analysis and threat detection.
- Log Analytics: Azure provides configurable security auditing and logging options that can help you identify and repair gaps in your security policies to prevent breaches. Additionally, Log Analytics helps you collect and analyze data generated by resources in either your cloud or on-premises environments. It provides real-time insights using integrated search and custom dashboards to readily analyze millions of records across all workloads and servers regardless of their physical location.
For more information, please visit our overview of Azure Security Services and Technologies
Read more on Azure and GDPR
Microsoft designed SQL Server and Azure SQL Database with industry-leading security measures and privacy policies to safeguard your data in the database, including the categories of personal data identified by the GDPR. Built-in SQL security capabilities can help you on your journey to reducing risks and achieving compliance with the GDPR.
For more information, please visit our Security Center for SQL Server Database Engine and Azure SQL Database
Read more on SQL Server and GDPR
Useful resource links
Operationalise Compliant working
Compliance and productivity Services from Subject Matter Experts in cloud enabled compliance and productivity
Privacy and data lifecycle management services
With our Privacy and Data Protection Managed Services we will help you protect your sensitive business data, help you meet compliance requirements. We assess your risk, manage policies to encrypt, restrict access to sensitive data, provide reporting whilst lowering your costs.
Your Risk – To help mitigate your risk we:
- assess the different types of data you generate and store
- help you create a data-classification policy
- establish the sensitivity of each type of data
- make recommendations on how to best protect it
- configure a rich compliance framework to match your needs
- control access policies around data encryption and key management
- monitor your technology platform for any issue
Check out the video to see some of methods we use.
Get you Compliant
As Subject Matter Experts in GDPR compliance and Microsoft cloud centric working we will ease your journey towards compliance, productivity and simplify ongoing operational management.
Embeded Managed Services
A whole new layer of IT data management is going to be needed in the post GDPR new world. We can show you how to leverage Microsoft's new capabilities.
Off the shelf Solutions
We can provide off the shelf solutions for many business and compliance scenarios. We provide quick-start solutions for GDPR, Quality & Risk, CRM & Projects as well as custom solution build services, training and support to you maximise the value of Office 365.
GDPR Specialist Accelerators
We provide a portfolio of focused solutions for specific GDPR challenges including sales, implementation and support services. These include consent, training, encryption, application testing and more..