BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
With just one year left to prepare for compliance with the EU's new General Data Protection Regulation, Microsoft launched new initiatives to help its cloud customers with GDPR compliance.
In addition to tools for tracking the flow of sensitive information and revoking access to that data, Microsoft will offer a data governance tool for Office 365, a Microsoft Tech Community privacy forum for sharing information and discussing GDPR and other privacy topics, and a promise to share best practices from Microsoft privacy experts.
The GDPR protects personal information about EU residents that may be collected, stored and processed by organizations anywhere in the world -- and it includes potential penalties for failures to properly protect that information that can rise as high as 4% of an organization's annual revenue or 20 million euros, whichever is higher. Microsoft has already committed to becoming fully GDPR compliant in all its cloud services.
"Beyond making our cloud services compliant, the Microsoft Cloud provides sophisticated, built-in controls that can help you meet GDPR requirements," wrote Julia White, corporate vice president, Microsoft Azure & Security, in a blog post describing some of the new tools.
One of those tools, Azure Information Protection, allows customers to monitor flows of sensitive data using document tracking. It also gives administrators the ability to revoke on demand access to sensitive data, a key feature for GDPR compliance.
White also touted the use of Microsoft Cloud for discovery, management, protection and reporting on data subject to GDPR. She noted that Microsoft's Office 365 Advanced Data Governance allows customers to manage data through the use of classifications, to automatically label sensitive data, "so that policies for protection, retention or deletion can be applied."
Still to come is "a new dashboard that provides a quantitative assessment to help identify where you are in your journey to GDPR compliance," which White said would be released later this year. Microsoft cloud customers may also find help in dealing with the GDPR at the Microsoft Tech Community Privacy Forum, and White wrote that Microsoft would be "sharing best practices from our own privacy experts."
Microsoft is not alone in its efforts to offer customer support for GDPR compliance; Amazon announced earlier this year that its cloud services would be ready for GDPR regulation enforcement by May 25, 2018, while Google has also announced its cloud services will be in compliance in time.
Microsoft chief privacy officer Brendon Lynch talks about GDPR
Learn how companies should be preparing for the GDPR regulation
Discover how to deal with data under GDPR