Microsoft

Still Playing Whack-A-Mole With Cloud Compliance? How to Simplify With Microsoft

Antonio MaioJez HaismanJonathan Trillos
November 29, 2021
4 min read

It’s a challenging landscape out there in the world of compliance. Regulatory changes, data privacy concerns and evolving trends like the hybrid workplace are requiring companies to increase their focus on compliance, in all forms. Huge fines and potential brand damage from data breaches or the discovery of non-compliance by regulators can be crippling. Yet we see organizations continuing to struggle with how to deal with these compliance challenges most effectively.

We have traditionally seen a lack of rigor around how organizations protect their data and, as we close out 2021, there is still more work to be done. Businesses often turn to technology to help maintain compliance, hoping to move from living in a state of reaction and trying to respond to the next issue. Additionally, we see a lack of collaboration across organizations as internal teams continue to silo their risk management awareness. Compliance and privacy teams may know the regulations but are not experts in IT solutions to meet the evolving requirements. It can be a constant game of whack-a-mole trying to keep up with regulatory changes. But the good news is, if risk is managed well within an organization, compliance is a natural outcome.

How Microsoft Compliance Manager can help manage compliance in the cloud

In a recent webinar, we asked our audience how they are currently tracking their company’s compliance posture. While over half are using a third-party tool or an outsourced provider, a third are still using spreadsheets to track this critical objective, while seven percent were not tracking at all. This helps illustrate a point we strongly believe: the time is right to move to a single tool, which can easily be managed in-house to maintain security, data and regulatory compliance. Organizations invest a considerable amount of money moving to the cloud. We want to make sure that each client we work with is using the right tools to get the return on investment expected.

Enter Microsoft Compliance Manager. Compliance Manager is a Microsoft platform that helps organizations meet complex regulatory compliance obligations, including ISO 27001, ISO 27018, CCPA, GDPR, Gramm-Leach-Bliley, HIPAA, NIST 800-53, PCI-DSS, PIPEDA, Sarbanes-Oxley and others. In addition to out-of-the-box functionality, our solutions use the extensibility of Microsoft Compliance Manager to enable input and compliance monitoring of non-Microsoft assets, such as custom End User Developed Applications (EUDAs), for a full view of the client environment.

Most organizations already have basic Microsoft tools in place, but even those that do not will find that adding this security suite of products provides enhanced visibility into the security, risk, data privacy and ongoing compliance landscape of any organization. The solution offers intuitive management, scalable assessments and built-in automation that allows companies to quickly ramp up and continually track progress as their compliance journey evolves and grows.

Shared responsibility model

 

During that recent webinar, we also asked the audience which technology risk areas their organization needs visibility into. It was not surprising to see that they ranked these areas almost equally:

  • Cloud adoption and usage
  • Data protection
  • Third-party risk management
  • Privacy regulations

Taking the first steps can be daunting and as a result, we often hear clients ask: where do we start? Yes, the landscape of Microsoft compliance tools is vast and knowing where to start can be a challenge. Microsoft Compliance Manager provides a place to start the compliance journey.

We encourage our clients to build a risk and compliance culture of trust, where all compliance teams are connected, share insights and partner with business leaders to design effective standards and controls to prevent, detect and remediate compliance issues. Microsoft Compliance Manager supports and simplifies that effort.

This shared responsibility model is highlighted within Compliance Manager, so that auditors can easily see how the organization ensures it has the right level of controls. Compliance Manager also provides extensibility so that companies can:

  • Create or extend premium templates to assess a wide variety of assets and/or systems
  • Customize compliance requirements
  • Track organization-specific controls sets such as Sarbanes-Oxley, IT general controls, etc.

Next steps in the compliance journey

It’s true that compliance is more complex than ever before and is likely to continue on that trajectory for years to come. At Protiviti, our mission is to help clients not only succeed with their compliance efforts, but to excel. We are excited about the technology Microsoft Compliance Manager offers to help organizations deliver the right processes and people dedicated to minimizing risk and becoming the gold standard in compliance efforts.

Interested in learning more about how Compliance Manager can help solve risk and compliance challenges? Consider a compliance quick-start session, which will provide recommendations for deployment.

To learn more about our Microsoft compliance solutions, contact us.

Antonio Maio

Managing Director
Technology Consulting - Microsoft

View all posts

Jez Haisman

Director
Technology Consulting - Protiviti UK

View all posts

Jonathan Trillos

Associate Director
Security and Privacy

View all posts

You may also like

Subscribe to Topics

Protiviti Technology Follow

Protiviti leverages emerging technologies to innovate, while helping organizations transform and succeed by focusing on business value.

ProtivitiTech
protivititech Protiviti Technology @protivititech ·
8 Apr

Join our experts on April 25 as they delve deep into the strategies and practices essential for safeguarding customer trust, ensuring a stellar user experience, and adhering to privacy and data security standards. Register today! https://ow.ly/fumH50R4fbw #DataPrivacy

Reply on Twitter 1777336025301254502 Retweet on Twitter 1777336025301254502 Like on Twitter 1777336025301254502 Twitter 1777336025301254502
protivititech Protiviti Technology @protivititech ·
5 Apr

Find out how businesses can use #AI technologies for real use cases in #Quantum sensing, simulations and migration to post-quantum cryptography during the latest podcast episode with guest @paul_kassebaum. https://ow.ly/Wy7u50R9t8M

Reply on Twitter 1776309432592330940 Retweet on Twitter 1776309432592330940 1 Like on Twitter 1776309432592330940 4 Twitter 1776309432592330940
protivititech Protiviti Technology @protivititech ·
5 Apr

Protiviti’s Kim Bozzella explains how technology and #Automation in the #Manufacturing industry has—and will continue to—improve productivity and quality enhancement. Read more from the Forbes Technology Council. https://ow.ly/nTPy50R7WYC

Reply on Twitter 1776249003769803111 Retweet on Twitter 1776249003769803111 Like on Twitter 1776249003769803111 Twitter 1776249003769803111
protivititech Protiviti Technology @protivititech ·
1 Apr

Organizations who are part of the Department of Defense supply chain must understand, identify and protect controlled unclassified information, often called #CUI in their environments. Here’s what you need to know: https://ow.ly/bjbW50R59Ke #ProtivitiTech

Reply on Twitter 1774769203540566390 Retweet on Twitter 1774769203540566390 Like on Twitter 1774769203540566390 Twitter 1774769203540566390
protivititech Protiviti Technology @protivititech ·
29 Mar

A global hospitality company is well positioned to leverage the latest AI technologies after hiring Protiviti to establish and implement a comprehensive AI governance standard. Read our latest client story: https://ow.ly/Ir7R50R4nrh #ProtivitiTech #ClientStory

Reply on Twitter 1773772540306919718 Retweet on Twitter 1773772540306919718 Like on Twitter 1773772540306919718 1 Twitter 1773772540306919718
Load More