Still Playing Whack-A-Mole With Cloud Compliance? How to Simplify With Microsoft

It’s a challenging landscape out there in the world of compliance. Regulatory changes, data privacy concerns and evolving trends like the hybrid workplace are requiring companies to increase their focus on compliance, in all forms. Huge fines and potential brand damage from data breaches or the discovery of non-compliance by regulators can be crippling. Yet we see organizations continuing to struggle with how to deal with these compliance challenges most effectively.

We have traditionally seen a lack of rigor around how organizations protect their data and, as we close out 2021, there is still more work to be done. Businesses often turn to technology to help maintain compliance, hoping to move away from living in a state of reaction, always trying to respond to the next issue. Additionally, we see a lack of collaboration across organizations as internal teams continue to silo their risk management awareness. Compliance and privacy teams may know the regulations but are not experts in the IT solutions needed to meet the evolving requirements. It can be a constant game of whack-a-mole trying to keep up with regulatory changes. But the good news is, if risk is managed well within an organization, compliance is a natural outcome.

How Microsoft Compliance Manager can help manage compliance in the cloud

In a recent webinar, we asked our audience how they are currently tracking their company’s compliance posture. While over half are using a third-party tool or an outsourced provider, a third are still using spreadsheets to track this critical objective, and seven percent are not tracking at all. This helps illustrate a point we strongly believe: the time is right to move to a single tool, which can easily be managed in-house to maintain security, data and regulatory compliance. Organizations invest a considerable amount of money moving to the cloud. We want to make sure that each client we work with is using the right tools to get the return on investment expected.

Enter Microsoft Compliance Manager. Compliance Manager is a Microsoft platform that helps organizations meet complex regulatory compliance obligations, including ISO 27001, ISO 27018, CCPA, GDPR, Gramm-Leach-Bliley, HIPAA, NIST 800-53, PCI-DSS, PIPEDA, Sarbanes-Oxley and others. In addition to out-of-the-box functionality, our solutions use the extensibility of Microsoft Compliance Manager to enable input and compliance monitoring of non-Microsoft assets, such as custom End User Developed Applications (EUDAs), for a full view of the client environment.

Most organizations already have basic Microsoft tools in place, but even those that do not will find that adding this security suite of products provides enhanced visibility into the security, risk, data privacy and ongoing compliance landscape of any organization. The solution offers intuitive management, scalable assessments and built-in automation that allows companies to quickly ramp up and continually track progress as their compliance journey evolves and grows.

Shared responsibility model

 

During that recent webinar, we also asked the audience which technology risk areas their organization needs visibility into. It was not surprising to see that they ranked these areas almost equally:

  • Cloud adoption and usage
  • Data protection
  • Third-party risk management
  • Privacy regulations

Taking the first steps can be daunting and as a result, we often hear clients ask: where do we start? Yes, the landscape of Microsoft compliance tools is vast and knowing where to start can be a challenge. Microsoft Compliance Manager provides a place to start the compliance journey.

We encourage our clients to build a risk and compliance culture of trust, where all compliance teams are connected, share insights and partner with business leaders to design effective standards and controls to prevent, detect and remediate compliance issues. Microsoft Compliance Manager supports and simplifies that effort.

This shared responsibility model is highlighted within Compliance Manager, so that auditors can easily see how the organization ensures it has the right level of controls. Compliance Manager also provides extensibility so that companies can:

  • Create or extend premium templates to assess a wide variety of assets and/or systems
  • Customize compliance requirements
  • Track organization-specific control sets such as Sarbanes-Oxley, IT general controls, etc.

Next steps in the compliance journey

It’s true that compliance is more complex than ever before and is likely to continue on that trajectory for years to come. At Protiviti, our mission is to help clients not only succeed with their compliance efforts, but to excel. We are excited about the technology Microsoft Compliance Manager offers to help organizations deliver the right processes and people dedicated to minimizing risk and becoming the gold standard in compliance efforts.

Interested in learning more about how Compliance Manager can help solve risk and compliance challenges? Consider a compliance quick-start session, which will provide recommendations for deployment.

To learn more about our Microsoft compliance solutions, contact us.

Antonio Maio

Managing Director
Technology Consulting - Microsoft

Jez Haisman

Director
Technology Consulting - Protiviti UK

Jonathan Trillos

Associate Director
Security and Privacy
