Is your company prepared for the GDPR compliance that is set to be mandated on May 25th, 2018? It is imperative that your company is complying with GDPR as you will likely be obligated under this serious legislation.
We want to help you avoid the threat of heavy fines and litigation for your company. In this blog we will be showing you :
- What Advanced Data Governance in Office 365 is,
- How it works, and
- How it will help your organization achieve GDPR compliance
GDPR compliance starts with discovering, classifying, labeling, managing, and protecting your company’s personal data. Microsoft 365 provides an excellent feature in Office 365 to help with these GDPR compliance obligations, called Advanced Data Governance.
What is Advanced Data Governance?
The purpose of data governance is to keep your company’s sensitive data collected when needed. It is also important to dispose of it when you no longer do. Data governance in Office 365 enables you to manage the full content lifecycle. From importing and storing your data to creating policies that retain your data, then permanently deleting content at the end. Microsoft’s mission with office 365 is to help your organization familiarize itself with your data. Then you can act upon it in order to keep your company secure and compliant. Their strategy behind this is to use classification and policies to help you achieve it.
Microsoft uses well-known categories for structured data, and machine assistance and learning to classify unstructured data. Then recommends to you and proposes policies based on data classification. This includes creating policies as well as taking one-time actions to keep the data compliant and secure. These actions help to import, preserve, and protect high-value, or personal, data in place. You can confidently keep what is relevant while purging any obsolete data that might put your company at risk for litigation for failure of compliance.
How does Advanced Data Governance work?
Advanced Data Governance uses intelligence and machine-assisted insights to help you find, classify, set policies on, and take action to manage the lifecycle of the data that is most important to your organization. You can access organizational insights and recommendations in the governance dashboard. Retention policies help to comply with regulations and internal policies by ensuring that you retain content as long as required.
A single retention policy can cover your entire organization. In addition, you can use labels to implement a file plan by classifying data across your organization for governance. After than you can enforce retention rules based on that classification.
By creating an organizational-wide policy you combine a retention action as well as a preservation action. These are based on the information that you have about the data in your tenant. Most large organizations will need to customize this policy, so while this is a recommendation that kick-starts the policy creation. You have to ability to go to advanced policy creation and customize the policy appropriate for your company. With Advanced Data Governance, you can set specific locations and groups in your policies.
How does Advanced Data Governance help you achieve GDPR compliance?
This feature is important to you, because as the amount of electronic data grows exponentially, many organizations are exposing themselves to risk by retaining unnecessary data. For example, many organizations continue to retain the personal information of former employees who left the company long ago. If this data were compromised in a breach, the company could be liable for costly remediation, such as lifetime credit monitoring for these former employees.
Effectively governing your organization information is vital to your company. It allows for effective knowledge sharing and business agility, protects against increasing threats and leakage, and what is top-of-mind for companies’ word-wide this year, is that it proactively meets evolving compliance and legal requirements, such as the GDPR.
Advanced Data Governance in Office 365 provides solutions for your company to:
- Set proactive policy recommendations and automatic data classifications that allow you take actions on data—such as retention and deletion—throughout its lifecycle.
- Create system default alerts to identify data governance risks, such as “Unusual volume of file deletion,” as well as the ability to create custom alerts by specifying alert matching conditions and threshold.
- And most important to us, To have the ability to apply compliance controls to on-premises data by intelligently filtering and migrating that data to Office 365.
CyberTraining 365 is an online academy that offers nearly 1,000 hours of relevant and cutting edge cyber security training. Our training provides the most in demand industry certification prep courses including EC-Council, CompTIA, (ISC)2 and Cisco; all taught by leading cyber security experts. All of our offerings are aligned with the national initiative for cyber security education (NICE) and ensure the most up-to-date information for this constantly shifting field. With engaging content in a scenario-based format, CyberTraining 365 uses bite-sized micro-learning methodology ensures learners are not overwhelmed with information. On Demand LMS platform has white-label capabilities ideal for internal training purposes.