SharePoint and GDPR Compliance
1 like910 views
This webinar discusses how SharePoint administrators can ensure compliance with the General Data Protection Regulation (GDPR) using SPDocKit. The webinar agenda includes an introduction to GDPR and its core pillars, recommendations for how SharePoint can comply with GDPR, and specific action steps that can be taken using SPDocKit tools. These include tagging objects containing personal data, enforcing security rules and auditing settings, auditing permission changes, and using reports and permissions management to understand who has access to what data. A demo then shows SPDocKit features for these compliance tasks.
SharePoint and GDPR Compliance
- 1. Webinar SharePoint & GDPR Compliance - Administration Tips and Action Steps with SPDocKit
- 2. www.spdockit.com Iva Novoselic Product Owner Maja Blazek Product Marketing Manager Andrea.budisa@syskit.com maja.blazek@syskit.com Twitter: @majekb SysKit is a software development company based in Zagreb, Croatia, Europe founded in 2009. We create innovative software solutions for SharePoint, Office 365, SQL Server, RDS, and Citrix admins and consultants. www.syskit.com Technology Partners
- 4. www.spdockit.com • SPDocKit – Quick Intro • GDPR – Intro + the Core Pillars • SharePoint and GDPR – recommendations • SPDocKit and GDPR – action steps • Demo Agenda
- 5. www.spdockit.com Housekeeping Important information for attendees • A recording and a slide deck of the webinar will be available (email notification) • We’ve reserved 10 minutes at the end of the webinar for questions and answers. • Please submit your questions via the chat window, we’ll answer as many as possible and will recap them on our blog
- 6. SPDocKit – Product Overview
- 8. www.spdockit.com Developed for administrators and consultants to automate routine administrator tasks. Generate documentation with a few clicks. Validate farm configuration. Increase data security, classify data and enforce governance policies. Avoid data breaches! Manage SharePoint permissions, audit changes, create rules. SPDocKit Benefits
- 9. GDPR
- 10. www.spdockit.com GDPR – What and why? GDPR – New EU Regulation - apply from 25th May 2018 Why: As companies are moving business over to the digital world, this regulation will allow individuals to achieve more control over their personal data. It also protects all EU citizens from privacy and data breaches, malicious usage and unlawful sharing. GDPR applies to any company that markets and processes goods or services to EU residents, regardless of the company’s location or industry sector (Article 3). Digital World Personal Data Data Protection
- 11. www.spdockit.com GDPR – the Core Pillars Defining personal data Any information related to a person, that can be used to directly or indirectly identify the person. It can be anything from a name, a photo, an email address, bank details, posts on social networking websites, medical information, or a computer IP address. • Data collectors vs. data processors • Data protection officer • Data transparency – Right to access - Right to be forgotten • Consent • Breach notifications • Huge fines – 4% of your annual global turnover, or €20 million (whichever is greater).
- 13. www.spdockit.com GDPR = all about improving business processes, not about IT itself! Protecting personal data Governance policies Upload file to SharePoint – piece of cake! Result: CVs, pictures, customer quotes and marketing mailing lists scattered randomly around Not following company's governance policies, storing data haphazardly, sharing and sending files via emails may create serious problems! Training is essential to help everyone in your organization understand the GDPR principles!
- 14. www.spdockit.com Manage your data structure and classify • Examine your SharePoint structure • Identify where your personal and sensitive data are stored • Protect the data to prevent any security breaches Know who has access to what • Make sure you know at any moment who has access to what • Explore permission levels relating to groups and users. • Revise and adjust permission levels and usage of unique permissions
- 15. www.spdockit.com Audit logs and track changes • Make sure that you are using all of the SharePoint out-of-the-box auditing features to enable you to track what’s going on • Analyze user activities and pick up any malicious behavior – for example, you could check whether someone who is leaving a company has downloaded large amounts of data • Track who has accessed or modified something. • Track changes in permissions • Audit administrators' activities – their privileged roles may allow them to access personal data outside of their policy or role
- 16. www.spdockit.com Explore the SharePoint structure; identify what personal data you have and where such data are stored. Know who has access to what, and audit all changes and activities. Prevent data breaches and secure content. Report suspicious actions. Create reports for each of the previously mentioned areas, revise with your teams, and create action plans to improve the security of your data.
- 17. Action steps with SPDocKit
- 18. www.spdockit.com Keep track of SharePoint objects containing personal and sensitive data KNOW WHERE YOUR PERSONAL DATA ARE STORED – TAG SHAREPOINT OBJECTS Sample: easily label folders containing private and confidential information about employees or your company’s customer information, marketing mailing lists etc.
- 19. www.spdockit.com ENFORCE SECURITY RULES – TURN ON OUT-OF-THE-BOX AUDITING IN SHAREPOINT Built-in Queries help you detect whether auditing is turned on in the Documents and Items and Lists, Libraries, and Sites sections. Go a step further and create a Rule to configure auditing settings straight from SPDocKit.
- 20. www.spdockit.com AUDIT PERMISSIONS CHANGES Permissions Audit Overview - a list of all site collections and the number of permissions changes, if there were any. Drill down and check a complete log of all permissions changes (who changed, type of action, on which object) on a specific site collection in a given time period.
- 21. www.spdockit.com • Permissions Explorer and Reports - Know who has access to what - examine permission levels for each user, explore permissions through your SharePoint hierarchy, and make sure that you have the right people accessing sensitive data. • Manage permissions for users and groups, manage inheritance and restore permissions • Explore users with privileged access - maintain control of this list as such users may have access to almost all data in your environment • You need to ensure that your farm is configured properly – use Best Practices reports • Use comments in Farm Explorer to simplify configuration audits, leave notes to yourself More actions from SPDocKit
- 22. Demo
- 24. www.spdockit.com Customer Support Super friendly, always ready and free of charge! 99 1 0 20 40 60 80 100 How are we doing? Overall Customer Happiness Great! Not so good *Statistics are collected by 3rd party from the last 100 customers that used our service. Powered by Zendesk Phone: USA: (855) 855-5071 Int’l: +1 (631) 406-4900 EU: +44 (0)20 3322-2034 Email: support@syskit.com sales@syskit.com Chat & Web: www.spdockit.com