Compliance audits are that part of the year when the whole IT department scrambles around checking and rechecking the security perimeters, combing through logs, and updating documents to ensure that not a hair is out of place when the auditor shows up.
Yes, been there, done that!
Having faced many internal and external compliance audits representing my team, I sure know how draining the experience can be. You close all loopholes and keep your fingers crossed that Murphy’s Law takes the day off when the audit happens. Still, it’s quite possible that the auditor spots that chink in your shiny armor that was hiding from you in plain sight!
The chink in question is often a clause or requirement related to data privacy that goes unnoticed. With GDPR coming into effect last May 28, organizations with business interests in the EU are now mandated to tackle this hands-on.
GDPR is a European privacy law focused on the privacy rights of customer data irrespective of the location where it is stored, transmitted, or processed. GDPR raises the bar on how data privacy is managed, especially in public cloud environments. Azure is one of the leading public cloud service providers, and Microsoft has come up with clear guidelines and checklists to help customers in their GDPR compliance journey.
In this blog, we will review the different aspects of GDPR, as well as some of the sanity checks that can be followed by customers to ensure their Azure deployments are GDPR-ready.