General Data Protection Regulation (GDPR) with Microsoft (GDPRMS)
The General Data Protection Regulation (GDPR) strengthens the right of individuals in the European Union (EU) to control their personal data and requires organizations to bolster their privacy and data protection measures. It applies to organizations established in the EU as well as organizations, wherever they are located, that offer goods and services to the EU or monitor the behaviour of individuals in the EU. Enforcement of the regulation begins May 25, 2018.
GDPR legislatively embodies the well-recognised privacy principles of transparency, fairness, and accountability and attempts to introduce a risk-based approach that enables innovation and participation in the global digital economy while respecting individual rights.
This one-day course will provide a good understanding of the new regulation, the changes it will bring and the potential impact it will have on your customer’s organisation. It will also examine the Microsoft products and solutions that give customers the key technology building blocks to address the challenges they face in dealing with this regulation.
The course provides the foundation knowledge needed to become GDPR compliant by explaining the legal basis for processing, consent, privacy notices, control of personal data, mandatory breach reporting, complaints and penalties.
- What the GDPR changes mean and why
- Who and what the GDPR applies to
- GDPR principles considered:
  - Right to be forgotten (RTBF) and servicing a person's data access request
  - Data protection by design and by default and defining what "state of the art" means
  - Data breach notification rules
  - Encryption and/or pseudonymization of data
  - Data minimization principle, defining data use cases and managing consent
  - Data transfers to countries outside of the EU
  - Data portability
  - Appointing a data protection officer (DPO)
- What accountability and governance your customers need to apply
- How to position GDPR compliance as risk mitigation
Conduct an online Microsoft GDPR Assessment to review the key questions to ask customers, helping to identify technologies and steps that can be implemented to simplify their GDPR compliance efforts. We will then review the Microsoft recommendation that organizations begin their journey to GDPR compliance by focusing on four key steps:
1. Discover: identify what personal data is being managed and where it resides.
2. Manage: govern how personal data is used and accessed.
3. Protect: establish security controls to prevent, detect, and respond to vulnerabilities and data breaches.
4. Report: keep required documentation, manage data requests, and provide breach notifications.
To help customers mitigate risk and also embrace the opportunities that come with GDPR compliance, we will outline the key relevant Microsoft products and solutions across the four key steps of the GDPR journey, including how Microsoft Enterprise Mobility and Security (EMS) is designed to provide a holistic solution set to help apply the latest mobility and cloud innovations:
- Azure Information Protection - provides persistent data classification and protection, and allows secure sharing of data within or outside of your organization, including the option to monitor activities on shared data and respond in case of unexpected events.
- Azure Active Directory Premium - delivers multi-factor authentication; access control based on device health and user location; and holistic security reports, audits, and alerts.
- Microsoft Intune - makes it easier to secure and manage iOS and Android devices and Windows PCs, all from one console. Deep integration with Office 365 helps keep company data secure in the Office mobile apps.
- Microsoft Cloud App Security - provides deep visibility and control of data inside cloud applications, and threat protection.
- Microsoft Advanced Threat Analytics - helps protect against advanced persistent threats and malicious attacks using machine learning, behavioral analytics, and deterministic detections.
We will also briefly examine how Microsoft SQL customers will need to ensure that qualifying data in their database systems is appropriately handled and protected according to GDPR principles.
Comprehension review and Call To Action