Microsoft Boosts GDPR Compliance, Storage Security in the Cloud

Data security and regulatory compliance are hot topics these days, due in no small part to the European Union's General Data Protection Regulation (GDPR) going into effect on May 25. Helping its cloud customers better adapt to the tough new data privacy provisions in the law, Microsoft announced the general availability of a handful of new compliance tools. First is the Azure Data Subject Request (DSR) portal, allowing businesses to "respond to requests to access, rectify, delete, and export personal data in the cloud," stated Tom Keane, head of global infrastructure at Microsoft Azure, in a May 25 announcement. "In addition, Azure enables customers to access system-generated logs as a part of Azure services." Under GDPR, organizations that conduct business in the EU market or collect data on EU residents must comply with the regulation and its many mandates, even if they are headquartered elsewhere. Those mandates include a "right of access by the data subject," where companies must furnish users, or data subjects, with a copy of their personal data upon request. Data subjects also have a "right to erasure," or the "right to be forgotten" as it is often called, requiring businesses to purge their systems of a user's personal data when asked.