The regulatory landscape is constantly changing, and organizations are often challenged to meet the requirements of a multitude of standards and frameworks. Keeping up with often overlapping requirements creates a significant burden for most organizations. Additionally, a substantial increase in hybrid work models means an organization’s data now lives outside of the traditional boundaries, making it harder to mitigate risks. Organizations face the difficult task of maintaining their own house in order while trying to meet an ever-changing list of compliance requirements. According to a 2022 KPMG study, over 60% of respondents stated they experienced increasing losses from fraud, compliance breaches, and cyber-attacks.
Today, we are excited to announce integrated capabilities across Microsoft Purview Compliance Manager and Microsoft Defender for Cloud. Microsoft Purview Compliance Manager helps organizations simplify compliance and reduce risk. It translates complex regulatory requirements into specific controls, allowing organizations to constantly assess, monitor, and improve their compliance posture. As organizations continue their hybrid environment journeys, it’s more important than ever to have visibility into their entire digital estate from one pane of glass.
One pane of glass
This integration, which will go into public preview next month, enables organizations to manage technical controls coming from Defender for Cloud (including Azure, AWS, GCP services) in one central location. By having Compliance Manager and Microsoft Defender for Cloud working together, we are now extending continuous assessment capabilities across clouds, making it seamless for customers to manage their compliance from a unified digital fabric.
Figure 1: GDPR assessment drilldown
Expanded automated testing
Continuous assessments help customers automate compliance processes by eliminating a big pain point – blind spots. With the help of automated testing, customers can automatically check whether a technical control has passed or failed. For example, if you set up a control to enable Multi-Factor Authentication, the system will scan your tenant every 24 hours, and alert you if the control has failed. This helps customers maintain a refreshed view of their compliance posture in one single location.
Figure 2: Automatic testing for multi-cloud service
Simplified compliance management
Chief Compliance Officers (CCO), Chief Risk Officers (CRO), Chief Information Security Officers (CISO), and IT administrators have different roles, but in the end, they all contribute to mitigating compliance risks and ensuring their organization meets key industry and regional standards. With these enhancements, compliance, risk, and security personas can rely on Compliance Manager as their compliance management solution across their digital estate. The ability to select services from Microsoft or other 3rd party providers enables organizations to better safeguard their data.
Figure 3: Managing subscriptions to meet a regulatory requirement
Get started today!
We are committed to helping organizations do more with less by delivering capabilities that make the end-to-end compliance management experience more efficient. Get started with Compliance Manager through the Microsoft Purview portal. If you are a Microsoft 365 E5 customer, try out your free templates today!