Organizations are increasing their focus on data privacy to address a rapidly changing environment. The growth of multicloud environments, plus an enormous increase in remote users, is making it harder for organizations to meet their compliance obligations, according to a survey by Enterprise Strategy Group.1
The research shows that sensitive data in public clouds is expected to nearly double in the next 24 months from 37% to 61%, as most organizations expect more data to be classified as sensitive. The primary cause of data loss is attributed to people, including human error and unintentional actions—all of which have been heightened by remote work policies. More than 35% of respondents to the ESG survey said data exposure from remote users is the top contributor to their organization’s public-cloud-related data loss.
Data privacy challenges are exacerbated by a more stringent regulatory environment as well, exemplified by the European Union’s General Data Protection Regulation (GDPR), which impacts people around the world and sets a high bar for organizations to manage data privacy and maintain data protection.
Business leaders focused on data privacy—CISOs, chief compliance officers, risk management teams, and others—recognize the need to understand and define their privacy posture in order to find, access, control, and protect personal data across the organization.
Getting privacy under control and building a privacy-resilient workplace is a competitive advantage for Microsoft 365 customers because of the availability of privacy protection solutions in the Microsoft Priva portfolio, such as Priva Privacy Risk Management. Priva solutions help organizations proactively identify and protect against privacy risks, gain visibility into the storage and movement of personal data, empower users to effectively manage data and manage subject rights requests at scale. Here are four key steps organizations can take to build a privacy-resilient workplace:
- Find and Visualize Personal Data
Understanding your privacy posture starts with understanding where personal data is stored, where it lives across the services you use and the conditions under which it is managed. Your solution should discover personal data automatically and provide analytics and insights to help identify privacy issues and associated risks. - Manage Privacy Risks at Scale
Look for a solution that incorporates tools to detect risks, establish policies and processes for remediation, and directly notify users about issues and recommended actions to take. Priva Privacy Risk Management supports the establishment of ongoing policies tailored to overexposed personal data, data transfers, and data minimization. - Efficiently Fulfill Personal Data Requests
Finding relevant data can be a formidable task, especially for companies that store large amounts of unstructured information. Another solution in the Priva portfolio, Priva Subject Rights Requests, gives you the ability to automate data subject rights fulfillment with easy access to relevant data and customizable workflows. - Integrate Data Privacy, Data Protection and Compliance
One of the benefits of working with Microsoft is the ability to leverage a portfolio of integrated solutions. Priva can work in conjunction with Microsoft Purview Compliance Manager, which offers data protection and privacy assessment templates that correspond to compliance and industry standards around the world. Priva evaluates data stored in business-critical Microsoft 365 services, specifically Exchange Online, SharePoint Online, OneDrive for Business, and Microsoft Teams.
Taking the Next Step
Managing the complexity of data privacy can be a challenging endeavor that relies heavily on manual process. With tools to automate how they find personal data and manage privacy risks in Microsoft 365 environments, organizations can limit their exposure and enhance their ability to meet compliance requirements worldwide. For more information on how your organization can build a more privacy-resilient workplace, please review the features and capabilities of Microsoft Priva.
1 “ESG Research Report: The State of Data Privacy and Compliance,” Enterprise Strategy Group, March 18, 2022
