Is My Office 365 GDPR Compliant? : Security Issues in Authentication and Administration
Syynimaa, N., & Viitanen, T. (2018). Is My Office 365 GDPR Compliant? : Security Issues in Authentication and Administration. In S. Hammoudi, M. Smialek, O. Camp, & J. Filipe (Eds.), ICEIS 2018 : Proceedings of the 20th International Conference on Enterprise Information Systems. Volume 2 (pp. 299-305). SCITEPRESS Science And Technology Publications. https://doi.org/10.5220/0006770602990305
Päivämäärä
2018Tekijänoikeudet
© Syynimaa & Viitanen & SCITEPRESS, 2018.
The General Data Protection Regulation, commonly referred as GDPR, will be enforced in all European Union
countries in May 2018. GDPR sets requirements for processing EU citizens’ personal data regardless of the
physical location of the organisation processing the data. Over 40 percent of European organisations are using
Office 365. Microsoft claims that Office 365 service is GDPR compliant, and has provided tools to help Office
365 customers to ensure their GDPR compliancy. In this paper, we present some security issues related to the
very foundation of Office 365 service, namely Azure Active Directory and administrative tools, and assess
their GDPR compliancy. Our findings reveal that personal data stored in Office 365 is subject to undetectable
security breaches, preventing organisations to be GDPR compliant. We also propose actions to take to
minimise the impact of the security issues.
Julkaisija
SCITEPRESS Science And Technology PublicationsEmojulkaisun ISBN
978-989-758-298-1Konferenssi
International Conference on Enterprise Information SystemsKuuluu julkaisuun
ICEIS 2018 : Proceedings of the 20th International Conference on Enterprise Information Systems. Volume 2Julkaisu tutkimustietojärjestelmässä
https://converis.jyu.fi/converis/portal/detail/Publication/27977387
Metadata
Näytä kaikki kuvailutiedotKokoelmat
Lisenssi
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
What affects the intention to change information security behavior when using biometric authentication in mobile payments?
Väli-Klemelä, Ainohelena (2021)Mobiilimaksut ja mobiilimaksusovellusten käyttö ovat lisääntyneet merkittävästi viime vuosina. Käyttäjät käyttävät erityyppisiä tunnistautumismenetelmiä mobiilimaksujen suorittamiseen, mukaan lukien biometrinen tunnistautuminen. ... -
Evidence in cloud security compliance : towards a meta-evaluation framework
Hentula, Antti (2019)Recently the trend of outsourcing IT services into cloud environments as opposed to traditional locally administrated services has been on the rise. This transition allows enables great cost savings through service flexibility ... -
Toward a stage theory of the development of employees' information security behavior
Karjalainen, Mari; Siponen, Mikko; Sarker, Suprateek (Elsevier, 2020)Existing behavioral information security research proposes continuum or non-stage models that focus on finding static determinants for information security behavior (ISB) that remains unchanged. Such models cannot explain ... -
Review of the methods for the development of information security policies at organizations
Wu, Shan (2016)This thesis aims to have an overview of the current studies in the development of information security policy. The research is based on a systematical literature review. The study focuses on the development process of ...
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.