How Office 365 helps with the GDPR

There are many reasons to make the move to the Microsoft cloud. Here’s another: it gives you a head start in complying with the General Data Protection Regulation (GDPR).

Microsoft has committed that their cloud services, including Office 365, will comply with GDPR when it goes into effect on May 25, 2018. Plus, they keep coming up with new ways to make GDPR compliance easier for you to achieve across your organization.

Here are some specific examples of how Office 365 helps you secure your IT environment and achieve compliance with enterprise-grade user and admin controls.


Before you can better manage data about your customers, you first need to find the many places in which it lives. This can be a challenge, as customer data can be stored in many places throughout your organization, from spreadsheets to chat conversations.

With Office 365, you can:

  • Set data loss prevention policies to find and manage 80+ sensitive data types, including personal, financial and medical info
  • Run a Content Search across many places where personal information might be stored, including mailboxes, public folders, Office 365 Groups, Microsoft Teams, SharePoint Online sites, One Drive for Business, and Skype for Business conversations
  • Reduce discovery costs and challenges with Advanced eDiscovery
  • Use Advanced Data Governance to find, classify, set policies on, and take action on the data that’s most important to your organization


Next up, you need to simplify how you manage and monitor personal data. With Office 365, you can:

  • Go to the Security & Compliance Center and use its data governance features to archive and preserve content across Office 365, including your mailboxes, SharePoint sites, and OneDrive for Business locations
  • Set retention policies to manage the lifecycle of email and documents, such as choosing to remove content after you no longer need it
  • Use Advanced Data Governance to find, classify, set policies on, and take action on the data that’s most important to your organization
  • Set information management policies in SharePoint Online to control how long you retain content, to audit what people do with content, and to add barcodes or labels to documents
  • Use journaling in Exchange Online to respond to legal, regulatory, and compliance requirements by recording inbound and outbound email communications


To make sure your customer information stays private, you should take steps to build a more secure environment. This is where Office 365 really earns its keep, as it includes all kinds of built-in security features that simplify how you protect and manage your data.

For example, you can:

  • Use Secure Score to get insights into the state of your security and what other features you could use to reduce risk while balancing productivity and security
  • Deploy Advanced Threat Protection for Exchange Online to protect your email against new, sophisticated malware attacks, viruses, malicious attachments and links, and more—all in real time
  • Use Information Rights Management to prevent sensitive information from being printed, forwarded, saved, edited, or copied by unauthorized people
  • Use Mobile Device Management to set up policies and rules to secure and manage your employees’ mobile devices, from iPhone to Android


Last up, the GDPR brings a slew of new reporting requirements. This means you’ll need to be more transparent about not only how you handle personal data, but also how you actively maintain documentation that defines your processes and use of personal data. You’ll also need to be ready to answer requests about data and report data breaches. 

With Office 365, you can:

  • Use service assurance to get deep insights into how to do your own risk assessments
  • Use audit logs to monitor and track user and admin activities across Office 365
  • Set up a customer lockbox to control how a Microsoft support engineer can access your data when they’re helping you with an issue

How Binary Tree can help

If you decide to make the move to Office 365, Binary Tree can help get you there as quickly and smoothly as possible. We’ve been doing migrations for nearly 25 years and are exclusively focused on moving organizations to the Microsoft platform. Our commitment to you is that we can deliver even the most complex migrations on an aggressive schedule—all without disrupting your users. See more about how we can help you transform to Office 365.

Read more

Learn more about Microsoft and the GDPR and see how Microsoft products help you comply with the GDPR.