fbpx

ALL ABOUT MICROSOFT GDPR STRATEGIES (…WITH NAV SUPPORT)

“ALL ABOUT” MICROSOFT GDPR STRATEGIES (…WITH NAV SUPPORT)

Hi guys,

the deadline is approaching … it lacks a little … and today we can also talk about NAV (only NAV was missing and expected..).. in this post i want to summary all the GDPR strategies of Microsoft published to date.

GDPR with NAV WHITEPAPER IS READY !!

Today the long-awaited WHITEPAPER for NAV has been published … (about 600 people have asked me about this document) … and so now that it’s out, good reading to everyone!

Summary of publications by Topics

  • ABOUT GDPR
  • GDPR on PARTNER NETWORK
  • GDPR for AZURE
  • GDPR for SQL SERVER
  • GDPR for OFFICE 365
  • GDPR for CLOUD
  • GDPR ASSESMENTS PAGES
  • GDPR COMPLIANCE MANAGER
  • GDPR for NAV

 

ABOUT GDPR

“May 25, 2018: a new era begins for data privacy”

“On this date in a little less than a year, the new European Union (EU) data protection law will be implemented, replacing the old Data Protection Directive, which has been in effect since 1995. The new law, known as the General Data Protection Regulation (GDPR), gives individuals greater control over their personal data and imposes many new obligations on organizations that collect, handle, or analyze personal data.”

 

 

https://ec.europa.eu/info/law/law-topic/data-protection_en

 

GDPR ON PARTNER NETWORK

A lot of questions are available on Microsoft partner network

https://partner.microsoft.com/it-it/marketing/details/gdpr

Source https://azure.microsoft.com/it-it/blog/gdpr-questions-azure-has-answers/

 

GDPR FOR AZURE

Please have a look at our white paper How Microsoft Azure Can Help Organizations Become Compliant with the EU General Data Protection Regulation to gain an understanding of how your organization can use currently available features in Azure to optimize your preparation for GDPR compliance. We are here to help you with your compliance efforts in the face of the coming EU law.

https://robertostefanettinavblog.com/2017/10/07/gdpr-and-azure-a-new-era-for-data-privacy/

Azure SQL and Information Protection (GDPR)

SQL Information Protection (SQL IP) introduces a set of advanced services and new SQL capabilities, forming a new information protection paradigm in SQL aimed at protecting the data, not just the database:

More details on using SQL Information Protection can be found in:

· Azure SQL Database: Getting Started Data Discovery & Classification

· SQL Server (on-prem): Getting Started with Data Discovery & Classification

https://demiliani.com/2018/02/21/azure-sql-and-information-protection-gdpr/

 

GDPR FOR SQL SERVER

Free ebook “Meet the new General Data Protection Regulation (GDPR) requirements with Microsoft SQL Server”

https://info.microsoft.com/sql-server-gdpr-ebook-registration.html?wt.mc_id=AID670838_QSG_PD_SCL_227916_D

 

GDPR FOR SQL OFFICE 365

Microsoft ha riunito Office 365, Windows 10 ed Enterprise Mobility + Security in un’unica soluzione sempre aggiornata, ovvero Microsoft 365, che alleggerisce le organizzazioni da gran parte dei costi e della complessità tipici di sistemi multipli e frammentati, non necessariamente progettati per essere conformi agli standard correnti

Leggi questo white paper per un’esplorazione approfondita di:

  • GDPR e le sue implicazioni per le organizzazioni.
  • Modo in cui le funzionalità di Microsoft 365 Enterprise possono aiutare la tua organizzazione ad accostarsi alla conformità al GDPR e ad accelerare il percorso di adeguamento.
  • Che cosa puoi fare per iniziare subito.

https://resources.office.com/ww-landing-M365EGDPR-accelerate-your-GDPR-compliance-whitepaper.html?LCID=it&wt.mc_id=AID670838_QSG_PD_SCL_227856_A

 

GDPR FOR CLOUD

The new General Data Protection Regulation (GDPR) is the most significant change to European Union (EU) privacy law in two decades. The GDPR requires that organizations respect and protect personal data – no matter where it is sent, processed or stored. Complying with the GDPR will not be easy. To simplify your path to compliance, Microsoft is committing to be GDPR compliant across our cloud services when enforcement begins on May 25, 2018.

GDPR is part of our holistic cloud compliance investments

We are committed to our principles of cloud trust – across security, privacy, transparency and compliance. We have a broad portfolio of cloud services that address the rigorous security and privacy demands of our customers, who comprise over 90 percent of Fortune 500 companies. As the GDPR enforcement begins, here is what else you can expect from us:

https://blogs.microsoft.com/on-the-issues/2017/02/15/get-gdpr-compliant-with-the-microsoft-cloud/

 

GDPR ASSESMENTS PAGES (TRUSTED CENTER)

GDPR https://www.microsoft.com/it-it/trustcenter/privacy/GDPR

GDPR GENERAL https://www.gdprbenchmark.com/IT/

https://www.gdprbenchmark.com/it/?wt.mc_id=aid655379_qsg_191696_c

GDPR ASSESMENTS https://www.gdprbenchmark.com/it/questions

GDPR – Compliance Manager Preview is now available !

*Compliance Manager is a dashboard that provides a summary of your data protection and compliance stature and recommendations to improve data protection and compliance. This is a recommendation, it is up to you to evaluate its effectiveness in your regulatory environment prior to implementation. Recommendations from Compliance Manager should not be interpreted as a guarantee of compliance.”

LINKS – COMPLIANCE MANAGER

https://servicetrust.microsoft.com/

https://servicetrust.microsoft.com/ComplianceManager

 

GDPR FOR NAV

“To start I would like to emphasize that all versions in mainstream support will get GDPR related features (This means NAV 2015 and up).

NAV GDPR WHITEPAPER IS READY!

https://blogs.msdn.microsoft.com/nav/2018/03/07/get-gdpr-compliant-with-dynamics-nav/

As mentioned in an earlier blog post, Microsoft is dedicated to helping our partners and customers meet the requirements of the GDPR. By May 2018, Dynamics NAV 2018, Dynamics NAV 2017, Dynamics NAV 2016, and Dynamcis NAV 2015 will be updated with tools to help you get GDPR compliant. The March cumulative updates have just been made available and provide the first round of updates for you. We have prepared a Dynamics NAV whitepaper that will help you prepare for compliance. Get it here.

The following links provide additional information and will be updated over time:

DOWNLOAD NAV GDPR WHITEPAPER HERE

https://servicetrust.microsoft.com/ViewPage/TrustDocuments?command=Download&downloadType=Document&downloadId=cc632c1c-15b7-42d1-879f-487f9592ee53&docTab=6d000410-c9e9-11e7-9a91-892aae8839ad_FAQ_and_White_Papers

Other Tools for NAV
I started to look at some tools for the old versions of NAV, for now i found this:

NAV GDPR Toolset

http://navgdpr.com.gridhosted.co.uk/wordpress/

http://navgdpr.com.gridhosted.co.uk/wordpress/navgdpr-toolset/

CLASSIFYING DATA IN NAV (FIRST STEP..)

https://blogs.msdn.microsoft.com/nav/2018/03/08/classifying-data-in-dynamics-nav/

 

NAV GDPR “OPEN ISSUES”…..

And what’s next ?

Data Classification is only the basic requirement in order to define your product to be totally GDPR-compliant. What we need right now in NAV?

One of the key aims of the GDPR is to empower individuals and give them control over their personal data. For having a good GDPR-compliance, we need to have features to satisfy at least these GDPR articles and topics:

  • Personal / sensitive data discovery
  • The right to be informed (Articles 12, 13, 14)
  • The right of access (Article 15)
  • The right to rectification (Article 16)
  • The right to erasure (Article 17)
  • The right to restrict processing (Articles 18, 19)
  • The right to data portability (Article 20)
  • Data encryption and destruction (automated)
  • GDPR activities logging

What to do in practice? What should the NAV Product Team do? 

  1. Data Classification (done)
  2. Providing GDPR-related entity management (like Data Protection Officer card, Administrators or other controllers identification).
  3. Providing a quick way to retrieve sensitive data in the entire database (for example, if your old contact asks you to retrieve all his sensitive data you have in your system, you need to have a quick way to retrieve them).
  4. Providing a quick way to rectify sensitive data (for example, change of a contact data: you need to change this data in the entire database and documents).
  5. Providing a quick and automated way to mask or delete sensitive data (if your old contact asks you to immediately delete all his sensitive data in your database, you need to remove them or cypher them).
  6. Provide a way to export all sensitive data of an individual in a standard format (CSV or XML) for data portability.
  7. Providing a centralized way where launching all these GDPR tasks, log them, log GDPR incoming requests and action performed on the database.

We’ll have something similar before the May 25? Or we’ll have to develop all by ourself ? …..we are waiting answers directly from Microsoft about these topics ! Let you know ASAP !

 

MY OLD GDPR POSTS

GDPR and Azure, a new era for data privacy

https://robertostefanettinavblog.com/2017/10/07/gdpr-and-azure-a-new-era-for-data-privacy/

Microsoft Dynamics 365 and GDPR

https://docs.microsoft.com/en-us/dynamics365/get-started/gdpr/index?branch=gdpr-hub

COMPLIANCE MANAGER is AVAILABLE

https://robertostefanettinavblog.com/2018/02/17/compliance-manager-preview-is-now-available-gdpr/

Have a nice GDPR Time!

One thought on “ALL ABOUT MICROSOFT GDPR STRATEGIES (…WITH NAV SUPPORT)

Leave a Reply

Your email address will not be published. Required fields are marked *

15 + 6 =

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Enjoy this blog? Please spread the word :)

%d bloggers like this: