Maureen Data Systems, a woman-owned IT services and solutions company, is committed to developing custom, streamlined solutions for customers to achieve their business objectives. Maureen Data Systems structures its teams to align with how its customers consume technology—with one team responsible for infrastructure, another heading up productivity and applications, and a third committed to identity and security solutions.

“We have structured ourselves to best align with our customers and how they think,” said Maureen Data CTO Michael Trachtenberg. “This allows us to tackle challenges posed by regulations such as the GDPR, as we can weave security into the fabric of our customers’ infrastructure and productivity solutions.”

The impact of the GDPR beyond the EU

But how do you know if a regulation applies to you? The GDPR impacts any organization that conducts business internationally in Europe—meaning that a company based in the US will often need to comply with the regulation if it targets consumers in the EU, monitors EU citizens, or otherwise offers goods and services in the EU (even if those services are offered for free).

“One of our customers is based outside of the EU and has a website hosted in the Caribbean. This customer was unsure as to whether the regulation applied to them, as EU residents might consume, access or enter data into its website,” said Maureen Data Executive VP Stewart Lande. “Another customer in the UK was dealing with a multi-pronged dilemma. Did the GDPR apply to them given the aftermath of Brexit? Were they housing any data from current EU residents that would cause them to be impacted regardless?”

These questions often don’t have a clear answer.

A holistic approach to compliance

When Maureen Data works with customers, each with their own unique circumstances, to prepare for the new regulatory environment, its approach enables it to work with customers facing a variety of different scenarios. Maureen Data adopts a consultative methodology, partnering with customers to help them determine whether they will be impacted by the legislation and determining the steps they need to take to achieve full compliance.

Following a comprehensive assessment, implementing the right technology is the next critical step organizations need to take when addressing data compliance. By implementing Microsoft 365, Maureen Data helps to arm its customers with services designed to protect and classify data across devices, cloud services, and on-premises.

One of these services, Azure Information Protection (AIP), classifies, labels, and protects sensitive files and emails. The service allows for encryption and authorization, ensuring users must successfully authenticate to access the materials within. Microsoft Cloud App Security (MCAS) can then read files labelled and classified by AIP and set policies accordingly.

“Microsoft 365 gives our customers a host of services working together to address the data classification concerns addressed in the GDPR. If a customer implements Microsoft 365 and lays out a plan showing that they are adopting the technologies included in those services, they can show an auditor that they are moving towards compliance,” said Michael Fiorito, Microsoft Practice Director.

But full compliance with the GDPR requires more than technology. That is why Maureen Data partners with legal organizations to ensure its customers are holistically informed regarding how the regulation might impact them.

“One of the biggest reasons we have had success with our customers preparing for the GDPR is that we back our story up with lawyers. We partner with a legal organization and bring people in to help our customers understand how the regulation will be lawfully enforced within the organization,” said Maureen Data CTO Michael Trachtenberg.

Getting customers on the right path

By embracing the unique situations of their customers and adopting a holistic approach, Maureen Data is helping organizations across the world better understand how the GDPR and other regulations like HIPPA and DFS impact their businesses and how they can adopt a modern information security posture to address these concerns. By implementing Microsoft 365, Maureen Data puts these customers on a path to becoming fully compliant. Further, by backing these technology implementations up with legal counsel, Maureen Data ensures that its customers are fully aware of the steps they need to take across their organization to become compliant.