Microsoft 365 has introduced protection solutions to help businesses leverage and monitor data in the cloud environment and assess and manage compliance risks according to the latest General Data Protection Regulation (GDPR) requirements.

Compliance with GDPR is becoming mandatory to identify, classify, protect, and monitor sensitive cloud-based data, as well as enhance data security and establish trust with increasingly demanding customers aware of potential cyber risks.

Below is a summary of Microsoft 365’s updates and capabilities introduced this February, designed to provide businesses with an information protection strategy to help with GDPR compliance.

Compliance Manager

Compliance Manager assists businesses in managing and assessing compliance risk. The module is available for Azure, Dynamics 365, and Office 365 Business and Enterprise customers in public clouds.

The cross–Microsoft Cloud services solution is designed to help organisations meet complex compliance obligations such as GDPR, by providing valuable insights on the relationships between regulation, processes, and technology.

XGRC’s solution transforms your company’s data into rich visuals for you to collect and organise, so you can focus on what matters to you. Stay in the know, spot trends as they happen and push your business further.

Compliance Score

Compliance Score is a Compliance Manager feature that enables organisations to perform ongoing risk assessments on Microsoft Cloud services with a risk-based score reference. Currently available for Office 365, it will be rolled out to all Microsoft Cloud services.

This feature assigns different risk levels via a scoring system which changes with the assessment and implantation of each risk control, with the aim to increase visibility into compliance performance, including GDPR requirements.

Azure Information Protection Scanner

Generally available, the Azure Information Protection scanner for hybrid cloud and on-premises solutions enables organisations to configure and periodically scan repositories based on company policies.

The feature automatically discovers, classify, label, and protect documents in on-premises repositories such as File servers and on-premises SharePoint servers, protecting vital data relevant to GDPR regulatory framework.

Learn more about GDPR compliance on the Microsoft blog.

MSX Cyber, part of the XGRC product range, assists organisations to drive performance and compliance with its integrated information security management system built on the ISO 9001 Quality and ISO 27001 Information Security framework.

ISO 27001 compliance within ISMS ensures the implementation of proper security controls in line with the latest business, legal, contractual and regulatory requirements. It also adheres to cybersecurity laws such as the General Data Protection Regulation (GDPR) or the NIS Directive.