Tools for collaboration and design for privacy
Enterprise architecture is about strategy and guidelines, but in the end you need to have an implemented process with tools to get business rolling.
In our film production company, we have been trying a number of different alternatives for a collaboration tool during the last year, and have finally reached a decision, for now.
This month, we started implementing Microsoft Teams as a tool, to improve how we are working together in producing films.
The reason behind this choice is a combination of factors:
cloud solution with native apps for both desktop and mobile platforms
license cost
hosted in EU, but by a US company
security
We usually run a handful of concurrent productions per year. At most, there are 25-30 persons involved in each project, and several persons are involved in more than one project at a time.
In order to comply with GDPR, we will not store sensitive personal information within Teams, only personal information needed for the purpose of film production. Access will be limited to individuals on a per-project basis, and all access needs personal credentials.
The CLOUD Act may be a concern from a GDPR perspective, and we have to follow up on what happens with this in the future. Another concern is that we will store some images, video clips and audio recordings related to the project, and if they are categorized as biometric information, then we have an issue.
The other caveat is that the implemented solution may not be scalable in the long run. Let me explain why.
We have a number of individuals with different roles working in our projects. In Azure Active Directory, we have users and guests. We have to pay a license for each user to be able to use Microsoft Teams. However, you can have up to 300 users for Teams without cost, which makes this a cost-efficient solution right now.
All employees will be regular users with an Office 365 Premium Business plan, an internal e-mail address and full access to all functionality in Teams.
Individuals working at suppliers that are business partners, and individuals hired as contractors, will need to have at least an Office 365 Essential plan. All other individuals will be treated as guests and can join conversations, manage tasks and access files and notes.
When starting a new project, the first thing to do is to create the project in Visma, get a project number and a name for the project.
We can now set up a new team in Microsoft Teams and add members to this team. We have set up Teams so that guests can access a team, but we limit access so that only guests added to our AD can log in, and so that only regular users can add guests to a project.
With this setup, we assume that we comply with GDPR, including Privacy by Design.
However, this means that we have to add every user or guest user who needs access to Teams to our AD, which is a bottleneck in our process. It also means that we currently have another bottleneck in our process, as we have very few employees or business partners who can add team members.
This is not legal advice, and we have not consulted legal experts to assure that we follow all privacy regulations. However, we have made an assessment of the solution, have processes in place and are updating our internal policies.