Jaa


Multicloud support in Compliance Manager

In this article: Learn how Compliance Manager helps you automatically assess and manage compliance across your multicloud environment.

Tip

If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview trials hub. Learn details about signing up and trial terms.

Overview

Compliance Manager now integrates with Microsoft Defender for Cloud, which allows you to assess your compliance posture across Microsoft 365, Microsoft Azure, Google Cloud Platform (GCP), and Amazon Web Services (AWS) with resource-level testing and cloud-specific guidance. This new integration provides customers with a single interface in Compliance Manager to help make it easier to manage compliance across the organization’s digital estate.

This integration allows Compliance Manger to track configurations in your organization’s Microsoft Azure environment and detect signals from other services like GCP and AWS, so that you can assess your progress in meeting controls for the regulations you need to comply with. Compliance Manager provides guidance for implementing improvement actions in non-Microsoft services for meeting controls.

The integration with Defender for Cloud surfaces in two contexts within Compliance Manager:

  1. Assessments: When you create an assessment in Compliance Manager, you’ll select a supported regulation and then choose one or more services to assess. Compliance Manger then provides automatic monitoring of configurations in your selected services to determine whether controls are passing or failing.

  2. Improvement actions: Using signals from Defender for Cloud, Compliance Manager automatically detects the test status and test result of improvement actions that pertain to Azure and to your non-Microsoft services. With these signals, Compliance Manager automatically tracks the status of actions and resource-level testing details from cloud services like AWS and GCP.

Supported services

The services listed below can be assessed by Compliance Manager:

  • Microsoft 365
  • Microsoft Azure cloud services
  • Google Cloud Platform
  • Amazon Web Services

Add a new service

If you want to assess a non-Microsoft service that isn't listed above, you can add it as a new service when you're creating a new assessment. When you add a new service, the universal version of the underlying regulation is used, and you perform manual implementation and testing work. For instructions on adding a new service, see step 5 of the assessment creation process.

Tip

Compliance Manager has a dedicated selection of connectors to support other non-Microsoft services such as Salesforce and Zoom. Visit Working with connectors in Compliance Manager.

Service subscriptions

When creating assessments, you can select a subscription if the service you choose for the assessment is monitored by Defender for Cloud. Your choice of subscription will affect the evaluation of improvement actions for that service. Learn more about monitoring assessment progress by service.

If you choose subscriptions that are in scope within Defender for Cloud for a matching regulation, automated test results are pulled from Defender for Cloud and shown in the assessment.

Supported regulations

View the list of regulations supported by both Compliance Manager and Defender for Cloud.

Get started

There are setup steps required before you can start building assessments for your cloud services. Visit Configure cloud settings to get started.

Resources