Ignore Office 365 Compliance – and Pay a Big Price. It Might be Your Job!
GDPR was launched over one year ago, however most companies are still struggling with compliance. According to a recent study, only 27% of companies are GDPR compliant, and 44% of these companies say one of the primary challenges is managing Subject Access Requests (SARs).
The bottom line is that GDPR is a complex, wide-ranging set of rules most organizations doing business with Europe need to follow. It goes deeper than that. California and others are adopting rules identical to or close to GDPR.
Compliance is a big security and economic issue. There are almost daily incidents of fines occurring due to GDPR and other issues, and IT is not usually able to respond quickly.
While it seems like GDPR is a lot to tackle, with large fines if you fail, you can get started with the help of CoreScan from CoreView. CoreScan addresses the GDPR pain points around searching for PII info when a ‘Subject Matter Request’ is received, helping you to easily find requested information within the set 72 hours.
CoreScan automatically scans, identifiesidentifies, and retrieves all personal information in all documents stored within multiple systems such as File Shares, Office 365, SharePoint, Google Drive, Databases, DropBox, One Drive, CRM, etc. It can be managed locally within an organization and is quite affordable in comparison to other scanning tools claiming to help with GDPR.
A key SAR challenge is gathering all the relevant information, which includes structured and unstructured data. Unfortunately, GDPR does not let you leave information out just because it is hard to get.
GDPR applies to all types of systems, and anywhere personal data resides. Personal data can be stored everywhere in an organization — traditional databases, email, spreadsheets, text documents, PDFs, images – and that is just the beginning. You need processes to pull data from all sources that include personal data – including active and archived information.
There is now a perfect solution to this problem: CoreScan from CoreView.
CoreScan is a low cost solution helping companies comply with GDPR, and avoiding big fines and reputational damage. CoreScan understands sensitive personal data within unstructured documents across multiple IT systems, and automates the management of Subject Access Request’s, Right to be Forgotten deletion and redaction processes.
Thanks to CoreScan, an organization like yours saved almost $700,000, reducing a Subject Access Request response time from 20 days with four employees, to under five minutes with just one employee.
Office 365 Compliance Best Practices
If you are not aligned with what your top peers are saying and doing, it is a sign of security weakness. How does a shop know how well it handles security? Looking at peers shows you have at least done your due diligence. If we have not approached best practices, if we cannot measure ourselves with how others are doing in the industry, then we are likely at a severe deficit. That is a career-limiting move.
The way that CoreView surfaces this information is through our enhanced version of Secure Score, which shows exactly how Office 365 shops are doing against their peers, measuring items such as doing proper configuration management, and applying least privileged access.
Many compliance regulations ask shops to collect data logs for a specified period of time. However, Microsoft gives you only the last 30 days of data logs (now moving to a full year), but just for E5 licenses. So how do you manage this regulatory requirement?
Learn More About Doing GDPR Right
Ace your GDPR compliance test with a personalized CoreScan demo.
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.