Data security and regulatory compliance are hot topics these days, due in no small part to the European Union's General Data Protection Regulation (GDPR) going into effect on May 25. Helping its cloud customers better adapt to the tough new data privacy provisions in the law, Microsoft announced the general availability of a handful of new compliance tools.
First is the Azure Data Subject Request (DSR) portal, allowing businesses to "respond to requests to access, rectify, delete, and export personal data in the cloud," stated Tom Keane, head of global infrastructure at Microsoft Azure, in a May 25 announcement. "In addition, Azure enables customers to access system-generated logs as a part of Azure services."
Under GDPR, organizations that conduct business in the EU market or collect data on EU residents must comply with the regulation and its many mandates, even if they are headquartered elsewhere. Those mandates include a "right of access by the data subject," where companies must furnish users, or data subjects, with a copy of their personal data upon request. Data subjects also have a "right to erasure," or the "right to be forgotten" as it is often called, requiring businesses to purge their systems of a user's personal data when asked.
Enabling businesses to set policies that improve GDPR compliance, Microsoft also officially launched Azure Policy, a free tool that allows businesses to implement data management policies for a variety of scenarios and regulatory regimes. Users can ensure that their cloud data is restricted to a certain region or is encrypted, offered Keane as examples.
The Compliance Manager GDPR dashboard, another free tool for Azure customers, is generally available as well. Businesses can use the interface to assign, track and document compliance tasks, allowing teams to coordinate their efforts and aiding in the creation of audit reports, according to the company.
On the cloud storage front, a new integration between two major Azure services can help the software maker's cloud customers place tighter controls on access to sensitive information.
Azure Storage now supports Azure Active Directory authentication in Blobs and Queues as part of a beta release of the new integration. Azure Storage Blobs are Microsoft's take on object storage, while the company's Azure Queue Storage provides large cloud workloads with message queuing functionality.
Lavanya Kasarabada, a senior program manager at Microsoft Azure Storage, called the new capability "one of the features most requested by enterprise customers looking to simplify how they control access to their data as part of their security or compliance needs," in a blog post. Organizations can now grant specific permission to applications, groups or users to individual blob containers or queues, she added.
Microsoft isn't the only technology giant grappling with GDPR.
Google announced on May 11 that its cloud services fully comply with the regulation. Google introduced a new data export feature for its G Suite and Google Cloud Identity services that helps satisfy GDPR's data portability requirement, among other new capabilities.
Cloud market leader Amazon Web Services (AWS) made a similar announcement on March 26. "This announcement confirms we have completed the entirety of our GDPR service readiness audit, validating that all generally available services and features adhere to the high privacy bar and data protection standards required of data processors by the GDPR," stated Chad Woolf, vice president of AWS Security Assurance.