Microsoft announced a number of new information protection capabilities and updates to its Microsoft 365, in response to GDPR which will come into effect after 25th May.
The GDPR (General Data Protection Regulation) is aimed at protecting and empowering the data privacy of all the citizens of Europe, as well as reshaping the way organizations in Europe approach data privacy. The organizations found to be non-compliant after May 25th may face heavy fines.
It is the responsibility of an organization to meet all regulatory requirements when the data is on-premises. However, when the data is moved to cloud, it becomes the responsibility of Cloud Service Provider as well.
The updates in Microsoft 365 include general availability of Compliance Manager for Azure, Dynamics 365, and Office 365 Business and Enterprise subscribers. Compliance Manager, available for Preview since November 2017, enables organizations to perform on-going risk assessments, and makes it transparent to customers how Microsoft protects their data.
Compliance Manager includes Compliance Score feature, which allows organizations to gain visibility into compliance stature of organization with a risk-based score reference. It is available for Office 365 users.
Microsoft also announced general availability of Azure Information Protection scanner, which enables users to automatically discover, classify, label, and protect documents in on-premises repositories like File servers and on-premises SharePoint servers.
The new intelligent compliance solutions in Microsoft 365 will help organizations to protect sensitive data, support data protection in apps and across all cloud services. Organizations can use it to scan hybrid and on-premises repositories by periodically configuring it.
Additionally, Microsoft is previewing Consistent labeling schema experience, which will be used to eliminate the need to create labels in two different places across information protection solutions in Microsoft 365.
Microsoft said that its new solutions will be helpful in efficiently managing compliance risks and leverage the cloud to identify, protect and monitor sensitive data to support GDPR compliance.