This post has been republished via RSS; it originally appeared at: Financial Services Blog articles.
Within the shared responsibility model of the cloud, we aim to address the most rigorous compliance demands of our customers. Microsoft helps Financial Services organizations achieve and sustain compliance with requirements that might be specific to just their industry.
To support that goal, our Compliance Manager tool summarizes Microsoft’s and our client’s control implementation progress for various standards and regulations in their Microsoft cloud tenant. By providing a dashboard view of assessments that contain Microsoft’s control implementation details and test results as well as customer control implementation guidance and tracking, many financial services organizations have been empowered to use Compliance Manager to meet compliance controls for complex regulations, including the likes of GDPR.
Compliance Manager can also help reduce the duplication of efforts that might otherwise be needed to satisfy identical control requirements across different certifications. For highly-regulated industries like financial services, reducing this overlap can create significant savings across personnel, time, and other IT resources. To that end, we recognize it is vital to regularly expand the number of compliance assessments available in Compliance Manager, and to continuously invest in and improve our cloud offerings.
Compliance Manager now includes two notable assessments added for our customers in the financial services sector that can help strengthen their cybersecurity protection: NIST CSF and CSA CCM.
Developed as part of a US Government effort to protect critical infrastructure, including financial services organizations, the National Institute of Standards and Technology's Cybersecurity Framework (NIST CSF) is a set of standards, best practices, and recommendations that can help organizations enhance their cybersecurity at the organizational level. It can be especially useful to financial services because its processes help them remain compliant with other regulations. Compliance Manager now provides specific recommendations that financial services organizations can implement to configure and assess their Office 365 environment.
The Cloud Security Alliance Cloud Controls Matrix (CSA CCM) provides best practices to help ensure a more secure cloud computing environment. Office 365 customers can leverage the recommended actions to strengthen their cloud security controls. The CSA CCM recommendations are mapped to many other compliance standards, such as NIST, and can help financial services organizations meet their requirements under these regulations.
Compliance Manager provides financial services organizations with a clear view of the actions available within Office 365 that are recommended by these standards.
You can create these new Assessments in Compliance Manager today. To learn about how to add new assessments, please see the support documentation. To learn more about Compliance Manager, download this free infographic and whitepaper.