In certain cases, the GDPR requires that if a data breach occurs, organisations need to rapidly notify regulators. In some cases, organisations will also need to notify the affected data subjects. In order to meet this requirement, organisations will benefit from being able to monitor for and detect system intrusions.<\/p>\n
For incidents where we hold some or all of the responsibility to respond, we have established detailed Security Incident Response Management processes such as outlined for Azure<\/a> and Office 365<\/a>.<\/p>\n In addition, we outline how we work collaboratively with our customers under a Shared Responsibility Model outlined in the Shared Responsibilities in Cloud Computing<\/a> white paper.<\/p>\n Once you have detected a potential breach, we recommend, and use for our own incident response program, a four-step process:<\/p>\n Azure <\/strong><\/p>\n Protecting personal data in your systems and reporting on and reviewing for compliance are key requirements of the GDPR. The following Azure services and tools will help you meet these GDPR obligations:<\/p>\n Additionally, Security Center provides prioritised security alerts that give you insights into the attack campaign, including related events and impacted resources.<\/p>\n Read more: Download the white paper on how Microsoft Azure can help your organisation become compliant with the GDPR<\/a><\/p>\n Dynamics 365 <\/strong><\/p>\n We regularly maintain and update Dynamics 365 (online) to ensure security, performance and availability, and to provide new features and functionality. From time to time, we also respond to service incidents. For each of these activities, the Dynamics 365 administrator for your organisation receives email notifications. During a service incident, a Dynamics 365 (online) customer service representative may also call and follow up with an email. See the full details of our policies and communications for Dynamics 365<\/a> on TechNet.<\/p>\n Enterprise Mobility +Security (EMS) <\/strong><\/p>\n Our comprehensive threat intelligence uses cutting-edge behavioural analytics and anomaly detection technologies to uncover suspicious activity and pinpoint threats\u2014both on-premises\u00a0and in the cloud. That includes known malicious attacks (such as Pass the Hash, Pass the Ticket) and security vulnerabilities in your system. You can take immediate action against detected attacks and streamline recovery with powerful support. Our threat intelligence is enhanced with the Microsoft Intelligent Security Graph, driven by a vast number of datasets and machine learning in the cloud:<\/p>\n Read more: Download the white paper on supporting your EU GDPR compliance journey with Microsoft EMS<\/a><\/p>\n Office and Office 365 <\/strong><\/p>\n Office 365 features several capabilities that help you identify and respond when a data breach occurs:<\/p>\n SQL Server and Azure SQL Database <\/strong><\/p>\n SQL Server and SQL Database provide a powerful set of built-in capabilities that identify when a data breach occurs:<\/p>\n Read more: Download the white paper on enhancing privacy and addressing GDPR requirements with the Microsoft SQL platform<\/a><\/p>\n Windows and Windows Server <\/strong><\/p>\n Windows Defender Advanced Threat Protection (ATP) <\/a>enables your security operations teams to detect, investigate, contain and respond to data breaches on your network. With Windows Defender ATP, you gain advanced breach detection, investigation and response capabilities across all your endpoints with up to 6 months of historical data, even when endpoints are offline, outside of the network domain, have been reimaged, or no longer exist. Windows Defender ATP helps you fulfill a key requirement of the GDPR, which is having clear procedures for detecting, investigating and reporting data breaches.<\/p>\n Next step: Report<\/a> Start by protecting your data, ready for the GDPR. Establish security controls to detect and respond to data breaches quickly and efficiently. <\/p>\n","protected":false},"author":223,"featured_media":1208,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ep_exclude_from_search":false,"_classifai_error":"","footnotes":""},"categories":[1,141,142,143,144,145],"post_tag":[],"content-type":[],"coauthors":[24],"class_list":["post-461","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cross-industry","category-financial-services","category-government","category-health","category-manufacturing","category-retail"],"yoast_head":"\n\n
\n
\n
\n
\n
\n
\n
\nFind out more about Securing your Data<\/a>
\nFind out more about Safeguarding your Infrastructure<\/a>
\nFind out more at a GDPR Cloud workshop<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"