The presentation provides an overview of GDPR and how organizations can accelerate compliance using Microsoft cloud services. It discusses the key changes introduced by GDPR including enhanced personal privacy rights, increased duty to protect data, mandatory breach reporting, and significant penalties for non-compliance. It then outlines how Microsoft can help organizations discover, manage, protect, and report personal data through solutions like Azure, Office 365, and Enterprise Mobility + Security.
The security measures discussed in this IBM Redpapers™ publication represent best practice implementations for cloud security. In this paper, we presented guidance on cloud computing security. We examined the major security challenges for cloud providers and their clients, and we discussed concrete guidelines for the implementation of cloud security
Azure Arc offers simplified management, faster app development, and consistent Azure services. Easily organize, govern, and secure Windows, Linux, SQL Server, and Kubernetes clusters across data centers, the edge, and multicloud environments right from Azure. Architect, design, and build cloud-native apps anywhere without sacrificing central visibility and control. Get Azure innovation and cloud benefits by deploying consistent Azure data, application, and machine learning services on any infrastructure.
Gain central visibility, operations, and compliance
Centrally manage a wide range of resources including Windows and Linux servers, SQL server, Kubernetes clusters, and Azure services.
Establish central visibility in the Azure portal and enable multi-environment search with Azure Resource Graph.
Meet governance and compliance standards for apps, infrastructure, and data with Azure Policy.
Delegate access and manage security policies for resources using role-based access control (RBAC) and Azure Lighthouse.
Organize and inventory assets through a variety of Azure scopes, such as management groups, subscriptions, resource groups, and tags.
Learn more about hybrid and multicloud management in the Microsoft Cloud Adoption Framework for Azure.
One of the biggest announcements at the Microsoft Ignite 2019 is Azure Arc – the hybrid and multi-cloud platform from Microsoft.
View this content to learn how Azure Arc allows enterprises to manage on-prem and cloud resources like Windows VMs, Linux Servers, Kubernetes clusters, and Azure data services by centrally organizing and governing from a single place.
Azure Arc is a solution that simplifies management across different hybrid clouds or multi-clouds. Azure Arc extends Azure management and security beyond the walls of Azure to other cloud platforms or on-premises environments enabling you to make use of Azure services to manage infrastructure at these environments. In this session, you will be introduced to Azure Arc, why should you use it and how to make use of it in different scenarios.
The security measures discussed in this IBM Redpapers™ publication represent best practice implementations for cloud security. In this paper, we presented guidance on cloud computing security. We examined the major security challenges for cloud providers and their clients, and we discussed concrete guidelines for the implementation of cloud security
Azure Arc offers simplified management, faster app development, and consistent Azure services. Easily organize, govern, and secure Windows, Linux, SQL Server, and Kubernetes clusters across data centers, the edge, and multicloud environments right from Azure. Architect, design, and build cloud-native apps anywhere without sacrificing central visibility and control. Get Azure innovation and cloud benefits by deploying consistent Azure data, application, and machine learning services on any infrastructure.
Gain central visibility, operations, and compliance
Centrally manage a wide range of resources including Windows and Linux servers, SQL server, Kubernetes clusters, and Azure services.
Establish central visibility in the Azure portal and enable multi-environment search with Azure Resource Graph.
Meet governance and compliance standards for apps, infrastructure, and data with Azure Policy.
Delegate access and manage security policies for resources using role-based access control (RBAC) and Azure Lighthouse.
Organize and inventory assets through a variety of Azure scopes, such as management groups, subscriptions, resource groups, and tags.
Learn more about hybrid and multicloud management in the Microsoft Cloud Adoption Framework for Azure.
One of the biggest announcements at the Microsoft Ignite 2019 is Azure Arc – the hybrid and multi-cloud platform from Microsoft.
View this content to learn how Azure Arc allows enterprises to manage on-prem and cloud resources like Windows VMs, Linux Servers, Kubernetes clusters, and Azure data services by centrally organizing and governing from a single place.
Azure Arc is a solution that simplifies management across different hybrid clouds or multi-clouds. Azure Arc extends Azure management and security beyond the walls of Azure to other cloud platforms or on-premises environments enabling you to make use of Azure services to manage infrastructure at these environments. In this session, you will be introduced to Azure Arc, why should you use it and how to make use of it in different scenarios.
In early 2019, Microsoft created the AZ-900 Microsoft Azure Fundamentals certification. This is a certification for all individuals, IT or non IT background, who want to further their careers and learn how to navigate the Azure cloud platform.
Learn about AZ-900 exam concepts and how to prepare and pass the exam
Azure. Cloud for all.
These 4 pillars represent the main value proposition for what differentiates Azure from the competition.
As you can see in the proof points, these are the reason why customers choose Microsoft, because of the unique value that we provide in a productive, hybrid, intelligent, and trusted cloud.
With Azure, you can do—or be—all of these things.
Productive
Get unparalleled developer productivity with integrated tools from mobile DevOps to serverless computing.
Learn about accelerating innovation
Hybrid
Develop and deploy where you want, with the only consistent hybrid cloud on the market. Extend Azure on-premises with Azure Stack.
Learn about our consistent hybrid cloud
Intelligent
Create intelligent apps that delight with data-driven experiences. Go quickly from concept to release with Azure data services and artificial intelligence, from image recognition to bot services.
Learn about intelligent apps
Trusted
Join startups, governments, and 90 percent of Fortune 500s that trust the Microsoft Cloud for security, privacy, transparency, and the most compliance coverage of any cloud provider.
Getting started with Azure – Part 1 | TechMeet360BizTalk360
As an initiative by TechMeet360, the Tech Community of BizTalk360, we are conducting an Azure Meetup series. In the first part of the series, Microsoft Azure MVP @Kuppurasu Nagaraj gives a detailed look at getting started with Microsoft Azure Cloud Computing and Azure App Services.
Microsoft Azure is an ever-expanding set of cloud services to help your organization meet your business challenges. It’s the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks.
Productive
Reduce time to market, by delivering features faster with over 100 end-to-end services.
Hybrid
Develop and deploy where you want, with the only consistent hybrid cloud on the market. Extend Azure on-premises with Azure Stack.
Intelligent
Create intelligent apps using powerful data and artificial intelligence services.
Trusted
Join startups, governments, and 90 percent of Fortune 500 businesses who run on the Microsoft Cloud today.
In early 2019, Microsoft created the AZ-900 Microsoft Azure Fundamentals certification. This is a certification for all individuals, IT or non IT background, who want to further their careers and learn how to navigate the Azure cloud platform.
Learn about AZ-900 exam concepts and how to prepare and pass the exam
Windows Azure Active Directory: Identity Management in the CloudChris Dufour
Windows Azure Active Directory provides easy-to-use, multi-tenant identity management services for applications running in the cloud and on any device and any platform. Originally created to support Office 365 it is now available as an Azure service. On November 28th, 2012 Microsoft shared that Windows Azure Active Directory (AD) has processed 200 BILLION authentications.
“At Microsoft, we have been on a transformative journey to cloud computing and we have been working with customers every step of the way. Millions of customers have embraced the cloud and we are excited to share the news that we’ve reached a major milestone in cloud scale computing. Since the inception of the authentication service on the Windows Azure platform in 2010, we have now processed 200 BILLION authentications for 50 MILLION active user accounts. In an average week we receive 4.7 BILLION authentication requests for users in over 420 THOUSAND different domains. This is a massive workload when you consider others in the industry are attempting to process 7B logins per year, Azure processes close to that amount in a week.
These numbers sound big right? They are. To put it into perspective, in the 2 minutes it takes to brew yourself a single cup of coffee, Windows Azure Active Directory (AD) has already processed just over 1 MILLION authentications from many different devices and users around the world. Not only are we processing a huge number of authentications but we’re doing it really fast! We respond to 9,000 requests per second and in the U.S. the average authentication takes less than 0.7 seconds. That’s faster than you can get your coffee from your cup and into your mouth! (Do not attempt this at home :-))!”
In this session we will take a tour of Windows Azure Active Directory to learn about its capabilities, interfaces and supported scenarios, and understand how you can take advantage of the features in your application.
What is Microsoft Azure used for?-Microsoft azure Zabeel Institute
Microsoft Azure, commonly described as Azure, is a cloud computing solution created by Microsoft for building, screening, deploying, and taking care of applications and services through Microsoft-managed data centers.
Adelaide Global Azure Bootcamp 2018 - Azure 101Balabiju
A one day session that covers all the foundation of Azure services.
Microsoft Cloud Overview - IaaS, PaaS and SaaS
• Microsoft Azure Resource Manager (ARM)
• Microsoft Azure Storage
• Microsoft Azure Virtual Machines
• Microsoft Azure Identity
• Microsoft Azure Backup
Spanning cloud services across azure and awsMohamed Wali
With the evolution of cloud computing many companies are migrating their applications and services to the cloud or even build their own cloud native applications, yet they figure out limitations or better solutions in another cloud platform.
Within this session, you will learn how to get the most outta Azure and AWS by spanning your services across them with some scenarios discussing how to integrate these services.
"Microsoft: How to get the most with Cloudera & Microsoft Azure" by Filipe Prezado - Enterprise Architect @Microsoft on the event Cloudera & Big Data Ecosystem
With Azure Arc customers can manage virtual machines, Kubernetes clusters and data services on-premises, at service providers and in other clouds from a single view in Azure using the innovative security, monitoring and policy tools from Azure they appreciate. In this session you will get an introduction to Azure Arc and we will dive deeper into Azure Arc for Kubernetes specifically.
In early 2019, Microsoft created the AZ-900 Microsoft Azure Fundamentals certification. This is a certification for all individuals, IT or non IT background, who want to further their careers and learn how to navigate the Azure cloud platform.
Learn about AZ-900 exam concepts and how to prepare and pass the exam
Azure. Cloud for all.
These 4 pillars represent the main value proposition for what differentiates Azure from the competition.
As you can see in the proof points, these are the reason why customers choose Microsoft, because of the unique value that we provide in a productive, hybrid, intelligent, and trusted cloud.
With Azure, you can do—or be—all of these things.
Productive
Get unparalleled developer productivity with integrated tools from mobile DevOps to serverless computing.
Learn about accelerating innovation
Hybrid
Develop and deploy where you want, with the only consistent hybrid cloud on the market. Extend Azure on-premises with Azure Stack.
Learn about our consistent hybrid cloud
Intelligent
Create intelligent apps that delight with data-driven experiences. Go quickly from concept to release with Azure data services and artificial intelligence, from image recognition to bot services.
Learn about intelligent apps
Trusted
Join startups, governments, and 90 percent of Fortune 500s that trust the Microsoft Cloud for security, privacy, transparency, and the most compliance coverage of any cloud provider.
Getting started with Azure – Part 1 | TechMeet360BizTalk360
As an initiative by TechMeet360, the Tech Community of BizTalk360, we are conducting an Azure Meetup series. In the first part of the series, Microsoft Azure MVP @Kuppurasu Nagaraj gives a detailed look at getting started with Microsoft Azure Cloud Computing and Azure App Services.
Microsoft Azure is an ever-expanding set of cloud services to help your organization meet your business challenges. It’s the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks.
Productive
Reduce time to market, by delivering features faster with over 100 end-to-end services.
Hybrid
Develop and deploy where you want, with the only consistent hybrid cloud on the market. Extend Azure on-premises with Azure Stack.
Intelligent
Create intelligent apps using powerful data and artificial intelligence services.
Trusted
Join startups, governments, and 90 percent of Fortune 500 businesses who run on the Microsoft Cloud today.
In early 2019, Microsoft created the AZ-900 Microsoft Azure Fundamentals certification. This is a certification for all individuals, IT or non IT background, who want to further their careers and learn how to navigate the Azure cloud platform.
Learn about AZ-900 exam concepts and how to prepare and pass the exam
Windows Azure Active Directory: Identity Management in the CloudChris Dufour
Windows Azure Active Directory provides easy-to-use, multi-tenant identity management services for applications running in the cloud and on any device and any platform. Originally created to support Office 365 it is now available as an Azure service. On November 28th, 2012 Microsoft shared that Windows Azure Active Directory (AD) has processed 200 BILLION authentications.
“At Microsoft, we have been on a transformative journey to cloud computing and we have been working with customers every step of the way. Millions of customers have embraced the cloud and we are excited to share the news that we’ve reached a major milestone in cloud scale computing. Since the inception of the authentication service on the Windows Azure platform in 2010, we have now processed 200 BILLION authentications for 50 MILLION active user accounts. In an average week we receive 4.7 BILLION authentication requests for users in over 420 THOUSAND different domains. This is a massive workload when you consider others in the industry are attempting to process 7B logins per year, Azure processes close to that amount in a week.
These numbers sound big right? They are. To put it into perspective, in the 2 minutes it takes to brew yourself a single cup of coffee, Windows Azure Active Directory (AD) has already processed just over 1 MILLION authentications from many different devices and users around the world. Not only are we processing a huge number of authentications but we’re doing it really fast! We respond to 9,000 requests per second and in the U.S. the average authentication takes less than 0.7 seconds. That’s faster than you can get your coffee from your cup and into your mouth! (Do not attempt this at home :-))!”
In this session we will take a tour of Windows Azure Active Directory to learn about its capabilities, interfaces and supported scenarios, and understand how you can take advantage of the features in your application.
What is Microsoft Azure used for?-Microsoft azure Zabeel Institute
Microsoft Azure, commonly described as Azure, is a cloud computing solution created by Microsoft for building, screening, deploying, and taking care of applications and services through Microsoft-managed data centers.
Adelaide Global Azure Bootcamp 2018 - Azure 101Balabiju
A one day session that covers all the foundation of Azure services.
Microsoft Cloud Overview - IaaS, PaaS and SaaS
• Microsoft Azure Resource Manager (ARM)
• Microsoft Azure Storage
• Microsoft Azure Virtual Machines
• Microsoft Azure Identity
• Microsoft Azure Backup
Spanning cloud services across azure and awsMohamed Wali
With the evolution of cloud computing many companies are migrating their applications and services to the cloud or even build their own cloud native applications, yet they figure out limitations or better solutions in another cloud platform.
Within this session, you will learn how to get the most outta Azure and AWS by spanning your services across them with some scenarios discussing how to integrate these services.
"Microsoft: How to get the most with Cloudera & Microsoft Azure" by Filipe Prezado - Enterprise Architect @Microsoft on the event Cloudera & Big Data Ecosystem
With Azure Arc customers can manage virtual machines, Kubernetes clusters and data services on-premises, at service providers and in other clouds from a single view in Azure using the innovative security, monitoring and policy tools from Azure they appreciate. In this session you will get an introduction to Azure Arc and we will dive deeper into Azure Arc for Kubernetes specifically.
Deep dive into Microsoft Purview Data Loss PreventionDrew Madelung
Are you protecting your data at rest and in transit?
In this session we will go through all the different types of DLP in Microsoft Purview including endpoint, Exchange, Teams, SharePoint, OneDrive, and more. We will discuss the configuration options, why it is important, and the best practices to get started while going through a collection of demos.
You will leave this sessions with a deeper understanding of the technology and how it can impact your employee's experience
GDPR Compliance Made Easy with Data VirtualizationDenodo
Companies should be gearing up for May 25, 2018 when the General Data Protection Regulation (GDPR) comes into effect. GPDR will affect how businesses that serve the European Union collect, use and transfer data, forcing them to provide specific reasons and need for the personal data they gather and prove their compliance with the principles established by the regulation.
The regulation is already creating many challenges for companies, including:
• Ensuring secure access to most current data, whether on or off-premise
• Consistent security across all data sources
• Data access audit
• Ability to provide data lineage
This webinar aims to demonstrate how data virtualization has surfaced as a straight-forward solution to many of the challenges and questions brought on by the GDPR. It will also include a case study of how Asurion already achieved the desired level of security with data virtualization.
Watch the webinar in full to learn more about the benefits of using data virtualization to smoothly comply with the GDPR: http://ow.ly/1kzk30bRw3i
We are living a complete digital transformation where people are not restricted by apps or devices or even location. Work can be done anywhere and on any device which leads to greater security concerns regarding this business data living on mobile devices and shared with external (sometimes not trusted users). Microsoft Unified Labeling protection leverages the power of the cloud and ease of use (a few clicks for implementation) to provide a complete Information Protection solution. Now with the new unified Azure label client, users can administer the labels from one location while being integrated across the whole Microsoft platform. Attendees will learn how to configure Unified labels with real case scenarios.
The GDPR requires organizations — both “data controllers” and “data processors” — to strengthen their data protection and security measures to protect the personally identifiable information (PII) of EU citizens, and to demonstrate their compliance at any time. See how Quest solutions can help make it easier to ensure that your customer on-premises, cloud or hybrid environment meets GDPR compliance requirements.
Microsoft Information Protection: Your Security and Compliance FrameworkAlistair Pugin
Its one thing encrypting and protecting your data from prying eyes but what use is it, if it is not retained or protected against loss. With Microsoft Information Protection, Microsoft provides organisations the ability to:
• Protection content from deletion
• Adhere to compliance standards (GDPR, HIPAA, etc)
• Discover content for litigation
• Manage access to content based on rules
By implementing the correct rules, organisations are able to mitigate risk and remain compliant and at the same time ensure that content is identified, classified, retained and disposed of accordingly.
Andrew Bettany, MVP and cloud technology expert, provides a quick technical overview of how Microsoft 365 and GDPR can work really well together to secure GDPR compliance for your business.
Date: 15th November 2017
Location: AI Lab Theatre
Time: 16:30 - 17:00
Speaker: Elisabeth Olafsdottir / Santiago Castro
Organisation: Microsoft / Keyrus
SureSkills GDPR - Discover the Smart Solution Google
In today’s digital business, information is currency. But is your data really protected and delivering value? How can you gain competitive advantage, while ensuring you stay compliant with the onerous upcoming EU General Data Protection Regulation?
Similar to Microsoft Cloud GDPR Compliance Options (SUGUK) (20)
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Microsoft Cloud GDPR Compliance Options (SUGUK)
1. SUGUK Northwest Region – 07th December 2017
With Andy Talbot
This presentation is intended to provide an overview
of GDPR and is not a definitive statement of the law.
Accelerate GDPR compliance with the Microsoft Cloud
2. Andy Talbot
- Independent Microsoft 365 Consultant
- http://Collab365.Community Live Show Host
- AvePoint Community Influencer
Contact
andy@andy.im | @SharePointAndy
https://linkedin.com/in/andytalbot/
…….....Anything else?
Love’s cats, art, travel, house renovation, tech,
and…….GDPR (of course!)
6. Providing clarity and consistency for the protection
of personal data
Enhanced personal privacy rights
Increased duty for protecting data
Mandatory breach reporting
Significant penalties for non-compliance
The General Data Protection
Regulation (GDPR) imposes new
rules on organizations in the European
Union (EU) and those that offer goods
and services to people in the EU, or that
collect and analyze data tied to EU
residents, no matter where they are
located.
Microsoft believes the GDPR is an important step forward for clarifying and enabling individual privacy rights
7. What are the key changes to address the GDPR?
Personal
privacy
Controls and
notifications
Transparent
policies
IT and training
Organizations will need to:
• Train privacy personnel
& employee
• Audit and update data
policies
• Employ a Data
Protection Officer (if
required)
• Create & manage
compliant vendor
contracts
Organizations will need to:
• Protect personal data
using appropriate security
• Notify authorities of
personal data breaches
• Obtain appropriate
consents for processing
data
• Keep records detailing
data processing
Individuals have the right to:
• Access their personal
data
• Correct errors in their
personal data
• Erase their personal data
• Object to processing of
their personal data
• Export personal data
Organizations are required
to:
• Provide clear notice of
data collection
• Outline processing
purposes and use cases
• Define data retention
and deletion policies
11. • To simplify your path to compliance, Microsoft are committing to
GDPR compliance across their cloud services when enforcement
begins on May 25, 2018.
• They will share their experience in complying with complex
regulations such as the GDPR.
• Together with their partners, they are prepared to help you meet
your policy, people, process, and technology goals on your journey
to GDPR.
12. Microsoft will stand behind you with contractual
commitments for their cloud services that:
• Meet stringent security requirements
• Support customers in managing data subject requests
• Provide documentation that enables customers to
demonstrate compliance for all the other requirements
of the GDPR applicable to processors and more
Microsoft was the first major cloud services provider
to make these commitments to its customers. Their
goal is to simplify compliance for their customers with
both the GDPR and other major regulations.
13.
14. Centralize, Protect, Comply with the Cloud
Centralize processing in a single system, simplifying data management,
governance, classification, and oversight.
Protect data with industry leading encryption and security technology
that’s always up-to-date and assessed by experts.
Utilize services that already comply with complex, internationally-
recognized standards to more easily meet new requirements, such as
facilitating the requests of data subjects.
Maximize your protections
Process all in one place
Streamline your compliance
15. Protect through
the entire lifecycle
Discover data across
systems
Govern access and
processing
• Protect user credentials with
risk-based conditional access
• Safeguard data with built-in
encryption technologies
• Rapidly respond to intrusions
with built-in controls to detect
and respond to data breaches
• Enforce use policies and access
controls across your systems
• Classify data for simplified
compliance
• Easily respond to data requests
and transparency requirements
• Easily discover and catalog
data sources
• Increase visibility with auditing
capabilities
• Identify where personal info
resides across devices, apps
and platforms
0
0
1
1
0
0
1
0
0
1
1
0
0
0
0
1
01
0
0
1
1
0
0
1
0
0
1
1
0
0
20. Identify what personal data you have and
where it resides
Discover1
Govern how personal data is used
and accessed
Manage2
Establish security controls to prevent, detect,
and respond to vulnerabilities & data breaches
Protect3
Keep required documentation, manage data
requests and breach notifications
Report4
22. Microsoft will help you
Discover:
In-scope:
•
•
•
•
•
•
•
•
•
•
Inventory:
•
•
•
•
•
•
•
Microsoft Azure
Microsoft Azure Data Catalog
Enterprise Mobility + Security (EMS)
Microsoft Cloud App Security
Dynamics 365
Audit Data & User Activity
Reporting & Analytics
Office & Office 365
Data Loss Prevention
Advanced Data Governance
Office 365 eDiscovery
SQL Server and Azure SQL Database
SQL Query Language
Windows & Windows Server
Windows Search
Example solutions
1
23. • Current project files
• Current reference docs
What is this?
• Client records
• Employee records
• Previous project files
What you use…
What you need to keep…
Dark Data
24. Where is it? What is it? Who can access it?
?
Who owns it?
Who can read it?
Who can edit it?
File Level Analysis
Content Level Analysis
e.g.
• Redundant, outdated and
trivial (ROT) data
• File types (Music, log files,
etc..)
e.g.
• Sensitive data
• Date Created
• Owner
Can you answer the following in your organisation?
e.g.
• File Shares
• SharePoint
• Office 365
• Yammer
• Skype for
Business
• Exchange
• SQL
WARNING! None Microsoft Applications excluded from the above…..ask me why!
25. Plan for the future
Remove what’s unnecessary
Keep what’s required
Protect what’s important
Establish a way to identify it
Find out what it really is
Reduce Cost.
Increase
Productivity.
$
Users:
Relevant Information
IT Admins:
Easier Maintenance
Compliance Officers:
Lowered Risks
26. 2
Example solutions
Microsoft will help you
Manage:
Data governance:
•
•
•
•
•
•
•
•
Data classification:
•
•
•
•
•
•
•
Microsoft Azure
Azure Active Directory
Azure Information Protection
Azure Role-Based Access Control (RBAC)
Enterprise Mobility + Security (EMS)
Azure Information Protection
Dynamics 365
Security Concepts
Office & Office 365
Advanced Data Governance
Journaling (Exchange Online)
Windows & Windows Server
Microsoft Data Classification Toolkit
27. 3
Example solutions
Microsoft will help you
Protect:
Preventing data
attacks:
•
•
•
•
•
•
•
•
Detecting &
responding to
breaches:
•
•
•
•
•
•
Microsoft Azure
Azure Key Vault
Azure Security Center
Azure Storage Services Encryption
Enterprise Mobility + Security (EMS)
Azure Active Directory Premium
Microsoft Intune
Office & Office 365
Advanced Threat Protection
Threat Intelligence
SQL Server and Azure SQL Database
Transparent data encryption
Always Encrypted
Windows & Windows Server
Windows Defender Advanced Threat Protection
Windows Hello
Device Guard
28. 4
Example solutions
Record-keeping:
•
•
•
•
•
Reporting tools:
•
•
•
•
•
•
Microsoft Trust Center
Service Trust Portal
Microsoft Azure
Azure Auditing & Logging
Azure Data Lake
Azure Monitor
Enterprise Mobility + Security (EMS)
Azure Information Protection
Dynamics 365
Reporting & Analytics
Office & Office 365
Service Assurance
Office 365 Audit Logs
Customer Lockbox
Windows & Windows Server
Windows Defender Advanced Threat Protection
Microsoft will help you
Report:
31. Safeguard customer data in the cloud,
including personal data, with industry-leading
security measures and privacy policies
32. • Integrate Azure search for hosted
applications to locate personal data
across user-defined indexes
• Trace and identify personal data
stored in different data sources
Search &
identify
personal data
Protect data
in the cloud
Control
access
Detect &
Remediate
threats
Classify
data
Record-
keeping
• Securely manage access to your
data, applications and other
resources
• Enforce separation of duties
• Easily determine and assign
relative values to your data
• Employ advanced encryption,
cryptography, and monitoring
• Restore data availability with a
variety of recovery and Geo-
redundant storage options
• Proactively prevent, detect and
respond quickly to threats
• Deliver verifiable transparency
and delivers tamper-resistant
insights with activity log
• Leverage comprehensive
compliance and privacy
documentation for Azure
Discover Manage Protect Report
33. Safeguard customer data in the cloud,
including personal data, with industry-leading
security measures and privacy policies
34. • Create reports that uncover
personal data
• Discover, analyze and visualize
personal data using Power BI
Record-
keeping
• Securely manage access to your
data by roles, applications and
other resources
• Classify data and protect against
accidental disclosure
• Protect data by limiting access
based on user roles
• Restrict access to specific high-
impact fields or records
• Monitor service health and stay-
up-to-date on the latest security
updates
• Explore Microsoft’s comprehensive
documentation on Dynamics 365’s
compliance, security, privacy and
trust offerings
Discover Manage Protect Report
Define access
privileges
Monitor
service status
Control
access
Classify
content
Identify
personal data
35. Secure your IT environment and achieve
compliance with enterprise-grade user and
administrative controls
36. • Utilize eDiscovery to identify
types of personal data
• Easily find, classify, set policies
on and manage data with
Advanced Data Governance
Identify
personal data
Control
access
Safeguard
environment
Set retention
policies
Respond to
threats
Transparency
assurances
Classify
content
Record-
keeping
• Use Advanced eDiscovery to
export and/or delete personal
data from Exchange, SharePoint,
etc.
• Archive and preserve content
across your Office 365 systems
• Automatically protect against
accidental disclosure by
enforcing policy on sensitive
data
• Protect email from today’s
sophisticated malware attacks
with Advanced Threat Protection
• Prevent sensitive records from
being used by unauthorized users
with Data Loss Protection
• Proactively uncover and protect
against advanced threats and
risks with Threat Intelligence and
Advanced Security Management
• Conduct risk assessments using
built-in tools in the Service
Assurance Dashboard
• Track and report on user
activities with detailed Audit
Logs
Discover Manage Protect Report
37. Protect customer data both in the cloud, and
on-premises, with industry-leading security
capabilities
38. • Quickly identify sensitive data
across your environment with
Azure Information Protection
• Discover cloud apps in your
environment
• Gain deeper visibility into user
activity
Identify
personal data
Protect data,
identities,
devices &
apps
Detect
threats &
remediate
Gain rich
logging &
reporting
• Deliver consistent data protection with
Azure Information Protection
• Protect personal data with risk-based
conditional access and Privileged
Identity Management
• Protect data in mobile devices and
mobile apps with Microsoft Intune
• Detect data breaches with behavioral
analytics and anomaly detection
technologies
• Gain rich logging and reporting
to analyze how sensitive data is
distributed
• Monitor activities on shared
data and revoke access in
unexpected events with Azure
Information Protection
Classify &
label data
• Define a classification scheme
for better data manageability
• Use Azure Information
Protection to configure policies
for classifying, labeling and
protecting personal data
Discover Manage Protect Report
39. Protect the data inside your databases with
controls for managing access and
authorization at several levels
40. • Easily query databases to
uncover personal data
• Tag data with sensitivity labels
using Extended Properties
Identify and
track
personal data
Safeguard
data
Respond to
breaches
• Encrypt data whether at rest, in
transit or in client applications
• Track and log database events
to identify potential threats or
security violations
• Use continuously learning
algorithms to identify unusual or
suspicious activity
• Track and report on all database
activities with granularly
configurable auditing
• Securely authenticate to your
database and apply granular
authorization policies
• Restrict access to users using
Dynamic Data Masking and
Row-Level Security
Control
access
Record-
keeping
Discover Manage Protect Report
41. Protect devices with industry-leading
encryption, anti-malware technologies, and
identity and access solutions
42. • Uncover personal data on local
and connected machines
Locate
personal data
Safeguard
environment
Respond to
threats
Record-
keeping
• Move from password to more
secure forms of authentication
• Protect devices with both
detection-based solutions and
secure-by-design techniques
• Prevent data from leaking to
unauthorized documents or
locations
• Easily detect, investigate,
contain and respond to data
breaches on your network
• Audit detailed user and
application actions to meet
reporting auditing requirements
• Utilize sample search expression
and rules to ease compliance
requirements
Meet
compliance
requirements
Discover Manage Protect Report
53. West US
West US 2
38 Cloud regions worldwide (with more planned)
Central US
East US
North Central US
Brazil South
West Europe
Japan East
South India
Southeast
Asia
Australia Southeast
Australia East
Central India
West India
Japan West
East Asia
China West1
North Europe
Germany
Northeast2
Canada East
Canada Central
South Central US
China East1
Germany
Central2
Korea
South3
East US 2
Korea Central3
United Kingdom West
United Kingdom
South
West Central US
US Gov Virginia
US Gov Iowa
US DoD East
US DoD
West
France3
France3
100+ datacenters
One of 3 largest networks in the world
1China datacenters operated by 21 Vianet
2German data trustee services provided by
T-systems
3France, South Korea and US Gov datacenter
regions have been announced but are not
currently operational
Sovereign datacenters
Global datacenters
US Gov Texas3
US Gov Arizona3
54. HIPAA /
HITECH Act
FERPA
GxP
21 CFR Part 11
Singapore
MTCS
UK
G-Cloud
Australia
IRAP/CCSL
FISC Japan
New Zealand
GCIO
China
GB 18030
EU
Model Clauses
ENISA
IAF
Argentina
PDPA
Japan CS
Mark Gold
CDSA
Shared
Assessments
Japan My
Number Act
FACT UK GLBA
Spain
ENS
PCI DSS
Level 1 MARS-E FFIEC
China
TRUCS
Canada
Privacy Laws
MPAA
Privacy
Shield
India
MeitY
Germany IT
Grundschutz
workbook
Spain
DPA
HITRUST IG Toolkit UK
China
DJCP
ITAR
Section 508
VPAT
SP 800-171 FIPS 140-2
High
JAB P-ATO
CJIS
DoD DISA
SRG Level 2
DoD DISA
SRG Level 4
IRS 1075
DoD DISA
SRG Level 5
Moderate
JAB P-ATO
GLOBALUSGOVINDUSTRYREGIONAL
ISO 27001
SOC 1
Type 2ISO 27018
CSA STAR
Self-AssessmentISO 27017
SOC 2
Type 2 SOC 3ISO 22301
CSA STAR
Certification
CSA STAR
AttestationISO 9001
Azure has the deepest and most comprehensive compliance coverage in the industry
55. GET ANSWERS TO COMMON
ENTERPRISE QUESTIONS AT THE
MICROSOFT TRUST CENTER
58. Please provide me with a
copy of, or access to, my
personal data that you
have or are processing!
Please confirm to me whether or not my personal
data is being processed. If it is, please provide me
with the categories of personal data you have about
me in your files and databases.
In particular, please tell me what you know about
me in your information systems, whether or not
contained in databases, and including e-mail,
documents on your networks, or voice or other
media that you may store.
Please provide a list of all third parties with whom
you have (or may have) shared my personal data.
Additionally, I would like to know what safeguards
have been put in place in relation to these third
parties that you have identified in relation to the
transfer of my personal data.
59.
60. There is so much to chose from, but here’s Andy’s top list
61. I recommend at least a weekly check - https://securescore.office.com/
64. GDPR Benchmark Report
Download full report
White Paper
The Operational Impact of the European Union General Data Protection
Regulation (GDPR) on IT
GDPR Blog Series
More ways to learn
AvePoint’s GDPR Solutions
Tools for GDPR compliance
www.avepoint.com/GDPR
DO AvePoint Privacy Impact Assessment System
Our free privacy impact assessment tool exclusively distributed by the
International Association of Privacy Professionals (IAPP)
https://iapp.org/resources/apia/
LEARN
MSFT Field - Please view presenter notes/talk track at: aka.ms/gdprnotes
Dana
File shares still represent a major document repository for many organizations, but the reality is it just does not give the control necessary to meet today’s complex regulatory requirements around data privacy and records management.
As time goes on, more and more data is created and accumulated, and you know less and less about what’s actually living within those file shares.
[CLICK]
There’s the data that are currently being used, and data that you are required to keep.
[CLICK]
Documents being collaborated on for current projects, such as plans, images, proposals, presentations, etc.
Or reference docs like company policies and official forms and templates.
[CLICK]
Most organizations are required to maintain certain files for a specific period of time such as client and employee records, or certain files/contracts from previous engagements.
[CLICK]
But there’s a vast amount of data that simply cannot be accounted for. 4 versions of the same file that Johnny Dogood created as drafts for some task before he left, that no one even realizes exists, let alone what’s within them [or insert your favorite examples/anecdotes].
All of that dark data sitting there, no one really knows what it’s for, who actually owns it, or what type of information it contains…
Where is it?
File Share
SharePoint
Office 365
Database
What is it?
File level analysis
redundant, outdated and trivial (ROT) data
file types (Music, log files, etc..)
Content level analysis
Sensitive data
Date Created
Owner
Who can access it?
Who owns it?
Who can read it?
Who can edit it?
File Analysis, helps you…
Find out what it really is – Start by understanding your data. What’s in it? Is it important?
Establish a way to identify it – Standardize your taxonomy. Set a structure around factors that determine classification.
Protect what’s important – Establish proper SLAs
Keep what’s required – Make sure your record requirements are met
Remove what’s unnecessary – Minimize clutter
Plan for the future – Consider scalability down the line as things like organizational structure change
[CLICK]
This way, users will be able to find what they need quickly and logically
IT Admins will be able to identify types of data and act accordingly
And compliance officers will have visibility into the information within the system and can be sure that updating policies means the data will conform accordingly.
[CLICK]
Ultimately reducing cost and making it easier for everyone to get their jobs done.
Microsoft Azure:
Azure Security Center
Data Encryption in Azure Storage
Azure Key Vault
Log Analytics
Enterprise Mobility + Security (EMS):
Azure Active Directory (Azure AD)
Azure Active Directory Premium
Cloud App Security
Microsoft Cloud App Security
Microsoft Intune
Microsoft Azure Information Protection
Office & Office 365:
Advanced Threat Protection
Threat Intelligence
Advanced Security Management
Office 365 Audit Logs
SQL Server and Azure SQL Database:
Azure SQL Database firewall
SQL Server authentication
Dynamic Data Masking (DDM)
Row-Level Security (RLS)
Transparent Data Encryption
Always Encrypted
Auditing for SQL Database and SQL Server audit
SQL Database Threat Detection
Windows 10 & Windows Server 2016:
Windows Hello
Windows Defender Antivirus
Windows Defender Advanced Threat Protection
Device Guard
Credential Guard
BitLocker Drive Encryption
Windows Information Protection
Shielded Virtual Machines
Just Enough Administration and Just in Time Administration
People – identity, device, apps, data
MSFT Field - Please view associated material at: https://microsoft.sharepoint.com/sites/Infopedia_G01/Pages/OneMicrosoftSecurity.aspx
http://www.reuters.com/article/US-microsoft-privacy-idUSKCN0XB22U
http://blogs.microsoft.com/on-the-issues/2016/07/14/search-warrant-case-important-decision-people-everywhere/#I5UQu7aUGCU56XCV.99
When governments or law enforcement make a lawful request for customer data from Microsoft, we are committed to transparency and limit what we disclose. Because Microsoft believes that customers should control their own data, we will not disclose data hosted in the Microsoft Cloud to a government or law enforcement except as you direct or where required by law.
We do not offer direct access to customer data. Microsoft does not give any third party (including law enforcement, other government entity, or civil litigant) direct or unfettered access to customer data except as you direct. We do not provide any government with our encryption keys or the ability to break our encryption.
We redirect law enforcement and other third-party requests to the customer. When we receive a government or law enforcement request for customer data:
We always attempt to redirect the third party to obtain the requested data from our customer.
We will promptly notify you of any third-party request, and give you a copy unless we are legally prohibited from doing so.
We disclose information only when we are legally compelled to do so for valid requests that we are not able to redirect to the customer, and we always make sure that we provide only the data specified in the legal order.
We are transparent regarding government requests for customer data. The Microsoft Transparency Hub, brings together reports that Microsoft issues regularly on requests for customer data made by law enforcement, as well as government requests related to US national security. These reports include:
Law Enforcement Requests Report discloses the scope and number of requests for access to Microsoft customer data.
U.S. National Security Orders Report documents government requests for customer data through legal orders issued pursuant to the national security laws of the United States.
The number of enterprise cloud customers subjected to law enforcement requests is very small. In the first half of 2016, Microsoft received twenty-eight requests from law enforcement for accounts associated with enterprise cloud customers. In twelve cases, the requests were rejected, withdrawn or law enforcement was successfully redirected to the customer. In sixteen cases Microsoft was compelled to provide responsive information, five of the sixteen cases required the disclosure of some customer content and in the remaining eleven cases we were compelled to disclose non-content information only.
Feb-2017: Azure compliance coverage includes 54 offerings.