Information Protection
The settings for a Sensitivity Label have changed since Ignite in September 2020. One of the first steps is now to specify whether the label should be used for “Files & Email”, for “Groups & Sites” or also for the new Azure Purview integration:Even if the
dialog looks a bit different in detail, no new feature has been added to the „Files
& Email“ section.
The
settings in the label override the settings in the SharePoint Admin Center when
the label is assigned to a site.
Note that
SharePoint Online caches these settings. If a label is reassigned or updated,
it can take up to 24 hours for the changes to take effect. If a label is
assigned directly when the page is created, the settings take effect within 15
minutes.
Azure
Purview:
This is
also a relevant new function, especially in the context of GDPR, as personal
data is usually stored and processed in various IT systems. Details on this: Microsoft
Information Protection and Microsoft Azure Purview: Better Together
What is Azure Purview
Azure Purview is a data governance service. The service aggregates data from on-premises systems, multi-cloud scenarios and software-as-a-service (SaaS) applications. The service creates a Purview data map based on this data:Details: https://azure.microsoft.com/en-us/services/purview/
GDPR
Both
features, sensitivity labeling and integration with the Azure Purview service,
support the requirements of the GDPR. Parallel to the updates of the technical
features, Microsoft has taken action in response to the decisions of the EuGH
(Privacy Shield agreement / Schrems II).
In this press
release, which is unfortunately only available in German, Microsoft
explains the details of the Defending
Your Data program and that these efforts will be part of future contracts
with enterprise and public sector customers. The two most important details
are:
·
Microsoft
is committed to challenging any request by a government entity for data from
enterprise or public sector customers where there is a legal basis for doing
so.
·
Microsoft
will compensate customers for financial damages if their data must be released
to a government agency in violation of the EU General Data Protection
Regulation (EU GDPR).
Details in
the press
release linked above.
Keine Kommentare:
Kommentar veröffentlichen