News

Microsoft Adds GDPR Improvements to Office 365, Azure

With the European Union's General Data Protection Regulation (GDPR) requirements set to become law on May 25, Microsoft is working to get its cloud services and customers compliant.

The company last week announced some tooling enhancements to help organizations using Azure and Office 365 services meet GDPR requirements. The improvements are aimed at ensuring that both Microsoft's services and the organizations using them will be GDPR-compliant by the law's enforcement date.

The GDPR is a data privacy law that stipulates how the data of EU residents should be handled by organizations. Individuals can request information about stored data, and ask that it be modified or deleted by the organization. The organization, in GDPR lingo, is known as a "data controller." The law even applies to organizations located outside the EU. There are stiff fines for data privacy violators, up to €20 million or 4 percent of an organization's annual revenue turnover, whichever is greater.

Some of the Microsoft tools supporting GDPR compliance include:

Last week, Microsoft announced that it released a preview of a new Data Subject Access Request interface in the Security and Compliance Center via a new tab addition, as well as in the Azure Portal.

The Data Subject Access Request interface is also available in the Service Trust Portal, according to an announcement by the Microsoft 365 team. The Service Trust Portal also has new "Breach Notification" documentation. The portal will be getting a "Data Protection Impacts Assessments" section in coming weeks, according to this Microsoft Tech Community post.

A Data Subject Access Request gets carried out by an organization when a person makes a request, such as to provide the data that's been stored or to delete or modify the data. The individual can also request that the data be provided in an electronic format that can be "moved another data controller," according to Microsoft.

The new Data Subject Access Request interface preview lets organizations perform a search for "relevant data across Office 365 locations." It will search across "Exchange, SharePoint, OneDrive, Groups and now Microsoft Teams." It exports the data for review "prior to being transferred to the requestor," Microsoft explained.

The Data Subject Access Request interface preview also works with Microsoft's Advanced Data Governance service, so it can be event based. Here's how the Office 365 team explained the matter:

One DSR scenario an organization may encounter is when a departing employee requests that their data is provided to them. To help with this scenario and others like it, the Event-based retention feature of Advanced Data Governance is now generally available for Office 365 E5 customers.

Microsoft is promising that the Data Subject Access Request capabilities will be out of preview before the May 25 deadline. Microsoft is also promising that IT pros will be able to "execute DSRs against system-generated logs."

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • Microsoft Appoints Althoff as New CEO for Commercial Business

    Microsoft CEO and chairman Satya Nadella on Wednesday announced the promotion of Judson Althoff to CEO of the company's commercial business, presenting the move as a response to the dramatic industrywide shifts caused by AI.

  • Broadcom Revamps VMware Partner Program Again

    Broadcom recently announced a significant update regarding its VMware Cloud Service Provider (VCSP) program, coinciding with the release of VMware Cloud Foundation (VCF) 9.0, a key component in Broadcom’s private cloud strategy.

  • Closeup of the new Copilot keyboard key

    Microsoft Updates Copilot To Add Context-Sensitive Agents to Teams, SharePoint

    Microsoft has rolled out a new public preview for collaborative "always on" agents in Microsoft 365 Copilot, bringing enhanced, context-aware tools into Teams channels, meetings, SharePoint sites, Planner workstreams and Viva Engage communities.

  • Windows 365 Cloud Apps Now Available for Public Preview

    Microsoft announced this week that Windows 365 Cloud Apps are now available for public preview. This aims to allow IT administrators to stream individual Windows applications from the cloud, removing the need to assign Cloud PCs to every user.