loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Authors: Nestori Syynimaa 1 and Tessa Viitanen 2

Affiliations: 1 University of Jyväskylä, Gerenios Ltd and Sovelto Plc, Finland ; 2 Unified Chargers Ltd, Finland

Keyword(s): Office 365, Azure, Information Security, GDPR.

Related Ontology Subjects/Areas/Topics: Computer-Supported Education ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Security ; Security and Privacy

Abstract: The General Data Protection Regulation, commonly referred as GDPR, will be enforced in all European Union countries in May 2018. GDPR sets requirements for processing EU citizens’ personal data regardless of the physical location of the organisation processing the data. Over 40 percent of European organisations are using Office 365. Microsoft claims that Office 365 service is GDPR compliant, and has provided tools to help Office 365 customers to ensure their GDPR compliancy. In this paper, we present some security issues related to the very foundation of Office 365 service, namely Azure Active Directory and administrative tools, and assess their GDPR compliancy. Our findings reveal that personal data stored in Office 365 is subject to undetectable security breaches, preventing organisations to be GDPR compliant. We also propose actions to take to minimise the impact of the security issues.

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 216.73.216.61

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Syynimaa, N. and Viitanen, T. (2018). Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration. In Proceedings of the 20th International Conference on Enterprise Information Systems - Volume 2: ICEIS; ISBN 978-989-758-298-1; ISSN 2184-4992, SciTePress, pages 299-305. DOI: 10.5220/0006770602990305

@conference{iceis18,
author={Nestori Syynimaa and Tessa Viitanen},
title={Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration},
booktitle={Proceedings of the 20th International Conference on Enterprise Information Systems - Volume 2: ICEIS},
year={2018},
pages={299-305},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006770602990305},
isbn={978-989-758-298-1},
issn={2184-4992},
}

TY - CONF

JO - Proceedings of the 20th International Conference on Enterprise Information Systems - Volume 2: ICEIS
TI - Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration
SN - 978-989-758-298-1
IS - 2184-4992
AU - Syynimaa, N.
AU - Viitanen, T.
PY - 2018
SP - 299
EP - 305
DO - 10.5220/0006770602990305
PB - SciTePress