Compliance with the GDPR
Identifying what data you have and controlling who has access to it is a critical requirement of the RGPD, so Microsoft Azure ensures that it can manage the identities of its users, credentials, as well as control access to data in different ways:
AZURE ACTIVE DIRECTORY (AZURE AD)
It helps ensure that only authorized users can access applications, data and desktops. It has tools such as Multi-Factor Authentication, which allows for secure authentication. Azure AD Privileged Identity Management allows you to reduce risk by assigning privileges through access control, management and reporting.
AZURE INFORMATION PROTECTION
It helps ensure your data is identifiable and secure, no matter where it’s stored or how it’s shared. Lets you classify, tag and protect new or existing data, securely share it with people inside or outside your organization, control usage and even revoke access remotely. Azure Information Protection generates a log report to monitor data distribution and options to manage and control encryption keys.
And because the protection of personal data in its computer system, as well as compliance requirements are fundamental requirements of the RGPD, Azure is equipped with several tools that allow it to fulfill these obligations:
AZURE SECURITY CENTER
Provides visibility and control over the security of Azure resources. Azure Security Center’s built-in advanced analytics helps you identify system attacks that could otherwise go unnoticed.
DATA ENCRYPTION DO AZURE STORAGE
Automatically encrypt data when it is written. With Azure Disk Encryption you can encrypt operating systems and data disks used by virtual machines. It is possible, for example, to automatically encrypt data when it is written to Azure Storage. Data is protected even during the transition of an app and Azure, remaining secure at all times.
AZURE KEY VAULT
Allows you to protect the encryption keys, certificates and passwords that protect your data. Through hardware security modules (HSMs), the Key Volt is designed to give you control over the keys, including the guarantee that Microsoft doesn’t access them.
It helps you identify and repair security breaches to prevent system breaches. It allows you to analyze data generated in the cloud or other on-premises environments, providing real-time insights from custom dashboards, to analyze thousands of records across all workstations and servers, regardless of their physical location.