1. Governance and compliance implementation
In this video, we'll learn how Azure assists in governance and compliance implementation.
2. Service Trust Portal
When using Azure Cloud, Microsoft, as the cloud provider, is also responsible for ensuring our data can safely be stored in the cloud.
The Service Trust Portal serves as a repository where Microsoft details its security, privacy, and compliance practices.
In addition to documenting Microsoft's own controls and processes for data protection and privacy, the Service Trust Portal provides resources and documentation for us to manage compliance and data security.
This includes documentation on specific certifications like ISO (International Organization for Standardization) and GDPR (General Data Protection Regulation).
3. Microsoft Purview
Microsoft Purview is a comprehensive data management service for Azure and other Microsoft products.
It combines what was previously Azure Purview and Microsoft 365 Compliance.
The purpose of this platform is to assist you with managing data assets, specifically data security, data governance, and data risk and compliance.
We'll discuss some specific use cases on the following slide.
4. Microsoft Purview use cases
Microsoft Purview has specific features to help you with common data governance tasks.
The Data Catalog allows you to keep a centralized overview of all data assets and their metadata.
The Data Map provides a visual representation of data flows through systems and applications, allowing you to track data origins and destinations.
Microsoft Purview also assists with data labeling, classification, and metadata enrichment.
Finally, it also supports secure data transfer and sharing with other Azure users.
5. Microsoft Purview: Compliance Manager
In addition to data asset management, Microsoft Purview also offers a tool for assessing compliance of data assets with specific regulations and standards: Compliance Manager.
The Compliance Manager shows a dashboard reviewing the current compliance status of all data assets and uses a scoring system to summarize overall compliance.
To improve the score and thus compliance, the Compliance Manager automatically generates specific recommendations.
6. Example use case: using the Service Trust Portal
Suppose you are responsible for personal customer data. In line with the GDPR, you need to know how to handle data subject requests. This is the right to have personal data reviewed, corrected, or deleted.
You can use the Service Trust Portal to look up the specific rules and guidelines with respect to DSRs in the GDPR.
In addition, you can also find guidance on how to handle such requests, specifically in Azure.
7. Let's practice!
Let's put your knowledge to the test!