Ever worry that your organization might have missed a detail in your clients’ security? Keeping up with regulatory change, cyber-resilience, and personal data accountability are some of the biggest challenges many of our clients face. Organizations need to be up to speed with new regulations and compliance standards but without a robust system in place, complying with rules, standards, and laws can be a daunting task.

As you know, we at CTC Productivity are huge supporters of leveraging technology to drive productivity. Microsoft 365 provides a huge opportunity to streamline workflow and improve efficiencies. However, when we come in to help companies optimize the software we often find that their infrastructure has not been set up properly and there are issues in many areas. One of particular concern is that many companies feel they are following compliance standards, but in reality they are not. Here are a few things to check:

Do a compliance audit: When companies call us to help them better use 365 one of our first questions is, “Do you have compliance guidelines you should be following?” Many say yes and feel confident they have all their bases covered. But in these situations one of the first things we recommend we do is do a compliance audit to make sure their infrastructure was set up properly. Whether that is for companies fully or partially using 365. We call it “peaking under the hood”.

Update the typically open backend of 365 to ensure full compliance: We worked with a client that assumed they were compliant because they were using a third party company for risk management and compliance oversight. While this outside organization was doing an excellent job monitoring and tracking the conversations between the firm and the clients, there were areas of huge exposure with how the company was handling their data on the backend. A typical installation of 365 is set up to be very open to allow for full integration between the various apps, however, to ensure full compliance enterprise wide, 365 needed a few special adjustments to lock things down as tightly as possible and meet their compliance standards.

Make sure your compliance and IT teams collaborate: Many companies assume their internal or external IT group is on top of all compliance standards. However, these are two very separate silos of expertise that need to be connected. Have your compliance leaders collaborate with the set up 365 so the IT specialists configure it properly. We don’t fault the IT group at all for this lack of knowledge. 365 is a very complicated suite of tools to set up and they often don’t’ have the proper training to know all the ins and outs. There is a huge learning curve with leveraging the power of 365 from the end user standpoint, but also for the IT group.

With more and more end users demanding that their IT groups “get them on 365” this can cause issues if it’s not done carefully and intentionally. The good news is we are experts in how to set up 365 to ensure you are fully compliant. Plus, we love training your internal and external IT groups how to do this properly so they can maintain it over the long run. No dependency on us to stick around forever! It is such a win-win because they learn from experts and the leadership team can feel confident they are following all compliance guidelines.

 

Leave a Reply

Your email address will not be published.

Be the first to hear any updates from CTC!