Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration

Nestori Syynimaa; Tessa Viitanen

Research.Publish.Connect.

*Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

*Please fill out at least one Field.

Name:
Country:
Subject:

Advanced Search Affiliations Search

If you're looking for an exact phrase use quotation marks on text fields.

Proceedings

Proceedings Search *Please fill out at least one Field. *Value must be an number!

Title:
ISBN:
Year:
Acronym:
Subject:

Advanced Search Proceedings Search

If you're looking for an exact phrase use quotation marks on text fields.

Papers

Papers Search *Please fill out at least one Field.

Title:
Author:
Affiliation:
Subject:

Advanced Search Papers Search

If you're looking for an exact phrase use quotation marks on text fields.

Authors

Authors Search *Please fill out at least one Field.

Name:
Affiliation:
Country:
Conference:
Subject:

Advanced Search Authors Search

If you're looking for an exact phrase use quotation marks on text fields.

Advanced Search

Paper

Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration

Topics: Security

In Proceedings of the 20th International Conference on Enterprise Information Systems - Volume 2: ICEIS, 299-305, 2018 , Funchal, Madeira, Portugal

Authors: Nestori Syynimaa ¹ and Tessa Viitanen ²

Affiliations: ¹ University of Jyväskylä, Gerenios Ltd and Sovelto Plc, Finland ; ² Unified Chargers Ltd, Finland

Keyword(s): Office 365, Azure, Information Security, GDPR.

Related Ontology Subjects/Areas/Topics: Computer-Supported Education ; Enterprise Information Systems ; Information Systems Analysis and Specification ; Information Technologies Supporting Learning ; Security ; Security and Privacy

Abstract: The General Data Protection Regulation, commonly referred as GDPR, will be enforced in all European Union countries in May 2018. GDPR sets requirements for processing EU citizens’ personal data regardless of the physical location of the organisation processing the data. Over 40 percent of European organisations are using Office 365. Microsoft claims that Office 365 service is GDPR compliant, and has provided tools to help Office 365 customers to ensure their GDPR compliancy. In this paper, we present some security issues related to the very foundation of Office 365 service, namely Azure Active Directory and administrative tools, and assess their GDPR compliancy. Our findings reveal that personal data stored in Office 365 is subject to undetectable security breaches, preventing organisations to be GDPR compliant. We also propose actions to take to minimise the impact of the security issues.

CC BY-NC-ND 4.0

Guest: Register as new SciTePress user now for free.

SciTePress user: please login.

My Papers

You are not signed in, therefore limits apply to your IP address 18.218.231.141

In the current month:

Recent papers: 100 available of 100 total

2⁺ years older papers: 200 available of 200 total

Paper citation in several formats:

Syynimaa, N. and Viitanen, T. (2018). Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration. In Proceedings of the 20th International Conference on Enterprise Information Systems - Volume 2: ICEIS; ISBN 978-989-758-298-1; ISSN 2184-4992, SciTePress, pages 299-305. DOI: 10.5220/0006770602990305

@conference{iceis18,
author={Nestori Syynimaa and Tessa Viitanen},
title={Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration},
booktitle={Proceedings of the 20th International Conference on Enterprise Information Systems - Volume 2: ICEIS},
year={2018},
pages={299-305},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006770602990305},
isbn={978-989-758-298-1},
issn={2184-4992},
}

TY - CONF

JO - Proceedings of the 20th International Conference on Enterprise Information Systems - Volume 2: ICEIS
TI - Is My Office 365 GDPR Compliant? - Security Issues in Authentication and Administration
SN - 978-989-758-298-1
IS - 2184-4992
AU - Syynimaa, N.
AU - Viitanen, T.
PY - 2018
SP - 299
EP - 305
DO - 10.5220/0006770602990305
PB - SciTePress