privacy. security. risk. 2016€¦ · dana simberkoff, jd, cipp chief compliance & risk officer...
TRANSCRIPT
![Page 1: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/1.jpg)
Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint
Sanjay Jacob Global Head, Intelligent Cloud
Strategic Industries Microsoft Corporation
Privacy. Security. Risk. 2016 IAPP Privacy Academy and CSA Congress
![Page 2: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/2.jpg)
Presenter
Dana Louise Simberkoff, JD, CIPP Chief Compliance and Risk Officer, AvePoint
Blog: www.DocAve.com
https://www.linkedin.com/in/danalouisesimberkoff
@danalouise
![Page 3: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/3.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
![Page 4: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/4.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
![Page 5: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/5.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
![Page 6: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/6.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
![Page 7: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/7.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
![Page 8: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/8.jpg)
![Page 9: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/9.jpg)
A new era of digital transformation is upon us
![Page 10: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/10.jpg)
![Page 11: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/11.jpg)
Cloud momentum continues to accelerate
“If you’re resisting the cloud because of security concerns, you’re running out of excuses.”
“The question is no longer: ‘How do I move to the cloud?’ Instead, it’s ‘Now that I’m in the cloud, how do I make sure I’ve optimized my investment and risk exposure?’”
“By 2020 clouds will stop being referred to as ‘public’ and ‘private’. It will simply be the way business is done and IT is provisioned.”
![Page 12: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/12.jpg)
OPPORTUNITIES
SECURITY & PRIVACY POLICY & CONTROLS
SECURITY RISKS
Balance Opportunities and Risks
DATA GOVERNANCE
![Page 13: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/13.jpg)
Data is a new currency
![Page 14: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/14.jpg)
![Page 15: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/15.jpg)
Hyperscale infrastructure is the enabler 28 Regions Worldwide, 22 ONLINE…huge capacity around the world…growing every year
100+ datacenters
West US
California
East US
Virginia
US Gov
Virginia
North Central US
Illinois
South Central US
Texas
Brazil South
Sao Paulo State
West Europe
Netherlands
China North *
Beijing
China South *
Shanghai
Japan East
Tokyo, Saitama
Japan West
Osaka
India South
Chennai
East Asia
Hong Kong
SE Asia
Singapore
Australia South East
Victoria
Australia East
New South Wales
India Central
Pune
Canada East
Quebec City
Canada Central
Toronto
India West
Mumbai
Germany North East **
Magdeburg
Germany Central **
Frankfurt North Europe
Ireland
East US 2
Virginia
United Kingdom
Regions United Kingdom
Regions
Pacific NW
Washington
Central US
Iowa
US Gov
Iowa
![Page 17: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/17.jpg)
Cloud Trust pillars
![Page 18: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/18.jpg)
Microsoft IT cloud vision
“We’re comfortable with 93% of our portfolio
moving to the cloud, and we’re well on our
way to that. By the time we're complete
with that part of our portfolio, the remainder
will be ready to move to the cloud.”
Jim DuBois, CIO of Microsoft
![Page 19: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/19.jpg)
Five steps to data governance adoption Executive sponsorship is crucial
![Page 20: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/20.jpg)
How should you determine what data lives in the cloud? Understand the risk of unintended disclosure of data and safeguards
DATA HANDLING TECHNIQUES
![Page 21: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/21.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Rapidly changing
information
landscape creates
more business
opportunities, but
also increases risk
throughout the
data lifecycle.
• Over-retention
• Inadvertent
disposal
• Excessive collection
• Inadequate records • Inappropriate
access
• Accidental misuse
• Breach or response
failure
• Cross-border restrictions
• Excessive sharing
Create & Collect
Use
Share
Dispose
DATA
LIFECYCLE
![Page 22: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/22.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
What is this?
• Client records
• Employee records
• Previous project
files
The Challenge
What you use…
What you need to keep…
• Current project files
• Current reference docs
Dark Data
![Page 23: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/23.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Someone else’s Computer
![Page 24: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/24.jpg)
Cloud ‘flavors’ Cloud Service Provider manages
You manage
Data Governance and Rights Management
Client End-points
Account and Access Management
Identity and Directory Infrastructure
Application
Network Controls
Operating System
Physical Hosts
Physical Network
Physical Datacenter
Security
Privacy and Control
Compliance
Transparency
SaaS
PaaS
IaaS
On-Prem
![Page 25: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/25.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Build “controls”
into containers
Make sure no
one messes with
your controls
Ensure the system
is used as intended
![Page 26: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/26.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Cloud is a chance for “Housekeeping” Restructure your IA, consolidate Check for poor security settings
Migrate
![Page 27: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/27.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Mixed Junk IN
Filter for Compliance Prioritize for
Business Need
Structure for
Governance
Organized
Gold OUT
![Page 28: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/28.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Data Discovery Data Identification Data Migration
40TB 30TB 4TB
Business Information
Business Critical Data
/Important Data
Scan the
content
Identify ROT &
duplicates
Remove duplicate Data
Data and File Analysis Process
![Page 29: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/29.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Plan for the future
Remove what’s unnecessary
Keep what’s required
Protect what’s important
Establish a way to identify it
Find out what it really is
Reduce Cost. Increase
Productivity.
$
Users:
Relevant Information
IT Admins:
Easier Maintenance
Compliance Officers:
Lowered Risks
![Page 30: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/30.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Where is it?
File Share
SharePoint
Office 365
Databases
Who can access it?
Who owns it?
Who can read it?
Who can edit it?
What is it? ?
File Level Analysis
Content Level Analysis
• Redundant, outdated and
trivial (ROT) data
• File types (Music, log files,
etc..)
• Sensitive data
• Date Created
• Owner
![Page 31: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/31.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Tags
Ownership Purpose
Audience Sensitivity level
Classify
Is it a record? Is it high business
impact?
Who should have
access? Where should it live?
![Page 32: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/32.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Delete
Archive Does it need to be
reorganized?
• Is it a record?
• Does it belong somewhere
else?
Can I get rid of it?
• Is it a record?
• Is it a duplicate?
• Is there a later version?
• Is it relevant?
![Page 33: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/33.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
• Which is the “golden copy”?
• Do you need multiple copies?
• Does it need to be indelible?
• Does it need to be stored off site?
• Who can access it?
• What’s the retention period?
Is it a record? Is it high business
impact?
• Does it need to be encrypted or redacted?
• How often is it accessed?
• How many people have access?
• Are multiple versions necessary?
![Page 34: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/34.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Compliant Migration to…
End-of-Life
Another location on the
file system for archiving
Another system
(SharePoint, Office 365, storage,
etc.)
Another location for
“legal hold”
Another location on
the file system
![Page 35: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/35.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Incident
Tracking
Prove It
Assess Prioritize
Say It Do It
1 2 3 4 5
Ongoing
Monitoring
7
Incident
Management
6
8
![Page 36: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/36.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
![Page 37: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/37.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Privacy Impact Assessment
Yes, risky data will be stored
Implement Controls
Restrict and control access
Tag and Classify, Move, Quarantine, Delete,
Redact, Encrypt, Block, and Audit
Enforce internal policies
Reporting / Certification
No, no risky data stored
Verify and Report Reporting/ Monitor
![Page 38: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/38.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
• Developed by AvePoint
• Distributed exclusively by IAPP
• Global Support provided by AvePoint
• Educational Resource ***Cost Free***! (AvePoint Global Research and Development Team)
• Extended by the Privacy Community!
• https://www.privacyassociation.org/resource_center/avepoint_privacy_impact_assessment_system
![Page 39: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/39.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Microsoft Azure Trust Center https://azure.microsoft.com/en-us/support/trust-center/
Office 365 Trust Center https://www.microsoft.com/en-us/TrustCenter/CloudServices/Office-365
AvePoint Data Governance Solutions http://www.avepoint.com/solutions/data-governance/
![Page 40: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/40.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
AvePoint Data Governance Workshop http://www.avepoint.com/assets/pdf/Advisory_Data_Governance_Workshop_Product_Brochure.pdf
AvePoint Privacy Impact Assessment https://iapp.org/resources/apia/
AvePoint Compliance Guardian Market Place https://azure.microsoft.com/en-us/marketplace/partners/avepoint/avepoint-compliance-guardian/
![Page 41: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/41.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Q & A
![Page 42: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/42.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
![Page 43: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/43.jpg)
![Page 44: Privacy. Security. Risk. 2016€¦ · Dana Simberkoff, JD, CIPP Chief Compliance & Risk Officer AvePoint Sanjay Jacob Global Head, Intelligent Cloud Strategic Industries Microsoft](https://reader034.vdocument.in/reader034/viewer/2022050411/5fabc2340a2ad221175c81e7/html5/thumbnails/44.jpg)
©AvePoint, Inc. All rights reserved. Confidential and proprietary information of AvePoint, Inc. No part of this may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written consent of AvePoint, Inc.
Whitepaper – The Operational Impact of the
European Union General Data Protection
Regulation (GDPR) on IT
www.avepoint.com/GDPR
GDPR Survey Benchmark Survey
www.avepoint.com/GDPR-Survey
AvePoint Privacy Impact Assessment
System
http://www.avepoint.com/privacy-impact-
assessment/
https://iapp.org/resources/apia/
Resources