Accelerate GDPR compliance with the Microsoft Cloud - Henrik Mønsted - PowerPoint PPT Presentation

SLIDE 1

Accelerate GDPR compliance with the Microsoft Cloud

Henrik Mønsted Cloud Solutions Architect Microsoft Denmark

This presentation is intended to provide an overview of GDPR and is not a definitive statement of the law.

SLIDE 2

1. Data Privacy and regulations like the GDPR
  • What does it mean for you?
  • Breaking it down into some clear requirements
  • Proposing a step-by-step process
2. How Microsoft technologies can help
  • Making use of built-in capabilities to meet the requirements
  • Introducing the newest innovations that can help!
SLIDE 3

Providing clarity and consistency for the protection of personal data

  • Enhanced personal privacy rights
  • Increased duty for protecting data
  • Mandatory breach reporting
  • Significant penalties for non-compliance

The General Data Protection Regulation (GDPR) imposes new rules on organizations in the European Union (EU) and those that offer goods and services to people in the EU, or that collect and analyze data tied to EU residents, no matter where they are located.

Microsoft believes the GDPR is an important step forward for clarifying and enabling individual privacy rights.

SLIDE 4

What are the key changes with the GDPR?

Personal privacy

Individuals have the right to:

  • Access their personal data
  • Correct errors in their personal data
  • Erase their personal data
  • Object to processing of their personal data
  • Export personal data

Controls and notifications

Organizations will need to:

  • Protect personal data using appropriate security
  • Notify authorities within 72 hours of breaches
  • Obtain appropriate consents for processing data
  • Keep records detailing data processing

Transparent policies

Organizations are required to:

  • Provide clear notice of data collection
  • Outline processing purposes and use cases
  • Define data retention and deletion policies

IT and training

Organizations will need to:

  • Train privacy personnel & employees
  • Audit and update data policies
  • Employ a Data Protection Officer (if required)
  • Create & manage compliant vendor contracts

SLIDE 5

Our commitment to you

To simplify your path to compliance, we are committing to GDPR compliance across our cloud services when enforcement begins on May 25, 2018. We will share our experience in complying with complex regulations such as the GDPR. Together with our partners, we are prepared to help you meet your policy, people, process, and technology goals on your journey to GDPR.

SLIDE 6

GDPR Compliance

  • Leverage guidance from experts
  • Simplify your privacy journey
  • Uncover risk & take action

SLIDE 7

How do I get started?

1. Discover: Identify what personal data you have and where it resides
2. Manage: Govern how personal data is used and accessed
3. Protect: Establish security controls to prevent, detect, and respond to vulnerabilities & data breaches
4. Report: Keep required documentation, manage data requests and breach notifications

SLIDE 8
SLIDE 9

1. Discover:

In-scope:
Inventory:

Example solutions

  • Microsoft Azure: Microsoft Azure Data Catalog
  • Enterprise Mobility + Security (EMS): Microsoft Cloud App Security
  • Dynamics 365: Audit Data & User Activity; Reporting & Analytics
  • Office & Office 365: Data Loss Prevention; Advanced Data Governance; Office 365 eDiscovery
  • SQL Server and Azure SQL Database: SQL Query Language
  • Windows & Windows Server: Windows Search

SLIDE 10
SLIDE 11
SLIDE 12

2. Manage:

Data governance:
Data classification:

Example solutions

  • Microsoft Azure: Azure Active Directory; Azure Information Protection; Azure Role-Based Access Control (RBAC)
  • Enterprise Mobility + Security (EMS): Azure Information Protection
  • Dynamics 365: Security Concepts
  • Office & Office 365: Advanced Data Governance; Journaling (Exchange Online)
  • Windows & Windows Server: Microsoft Data Classification Toolkit

SLIDE 13

  • Classification and labelling
  • Encryption and rights management
  • Intuitive, one-click process
  • Detailed tracking and reporting

SLIDE 14

  • Built-in Azure, no setup required
  • Automatically discover and monitor security of Azure resources
  • Gain insights for hybrid resources
  • Easily onboard resources running in other clouds and on-premises

SLIDE 15

4. Report:

Record-keeping:
Reporting tools:

Example solutions

  • Microsoft Trust Center: Service Trust Portal
  • Microsoft Azure: Azure Auditing & Logging; Azure Data Lake; Azure Monitor
  • Enterprise Mobility + Security (EMS): Azure Information Protection
  • Dynamics 365: Reporting & Analytics
  • Office & Office 365: Service Assurance; Office 365 Audit Logs; Customer Lockbox
  • Windows & Windows Server: Windows Defender Advanced Threat Protection

SLIDE 16

The Service Trust Platform (STP) is a companion feature to the Microsoft Trust Center, and allows you to:

  • Access audit reports across Microsoft cloud services on a single page.
  • Access compliance guides to help you understand how you can use Microsoft cloud service features to manage compliance with various regulations.
  • Access trust documents to help you understand how Microsoft cloud services help protect your data.

servicetrust.microsoft.com

SLIDE 17

Compliance manager

Manage your compliance from one place

  • Real-time risk assessment: An intelligent score shows your compliance posture against evolving regulations
  • Actionable insights: Recommended actions to improve your data protection capabilities
  • Simplified compliance: Streamlined workflow and audit-ready reports

SLIDE 18

Enabling GDPR compliance in Health

Azure Data Catalog/Azure App Catalog will help discover patient and health data across your applications, tools and databases.

Microsoft Azure provides a secure and robust platform to store patient and health data. Utilize pseudonymizing and encryption capabilities to increase security and reduce exposure to risk.

Windows 10 prevents unauthorized apps from accessing health and patient data, and health professionals from leaking data with copy and paste protection.

Compliance Manager helps assess and track data protection and compliance posture and get actionable insights to improve. With an intelligent score, customers can better understand their compliance posture against regulatory standards.

Discover Manage Protect Report

Service Trust Platform provides access to audit reports and compliance guides to help you understand how you can use Microsoft cloud service features to manage compliance

Existing compliance approaches and attestations already in alignment with the GDPR provide a good foundation to start from.

Identity and Access Management and Conditional Access can help manage access to data across platforms, whether in the cloud, on-premises or in a hybrid environment.

SLIDE 19

GDPR @Microsoft

  • https://www.microsoft.com/GDPR
  • https://www.gdprbenchmark.com/

SQL and GDPR Guide

SLIDE 20

  • BRK3241 Secure your data in Azure SQL Database and SQL Data Warehouse
  • BRK3087 Azure SQL Database: The world's first intelligent cloud database service
  • BRK2230 What's new with Azure SQL Database: Focus on your business, not on the database
  • THR2024 Practical tips and considerations by industry experts on how to become GDPR compliant

SLIDE 21