Arvato Systems | Tim Seebrandt

For More Data Sovereignty and Data Protection in Microsoft 365 - The Data Protection-Friendly Workplace

Data protection-friendly configuration of Microsoft 365 with Arvato Systems takes data protection in the digital workplace to a new level.

The Data Protection-Friendly Workplace With Microsoft 365

Data protection is a top priority for companies, but at the same time, using the public cloud is at the center of current discussions. On the one hand, it offers numerous advantages, such as flexibility and scalability; on the other hand, concerns arise regarding data protection and sovereignty.


To address these concerns, Arvato Systems presents a solution that increases data sovereignty and contributes to the security of the Digital Workplace with M365 - the data privacy-friendly workplace. We configure Microsoft 365 in a way that gives you a higher level of sovereignty over your data while making your company's Digital Workplace secure and efficient. It's time for more data sovereignty and data protection in Microsoft 365.

Arvato Systems | Tim Seebrandt

Together, we create a workplace that is future-proof. Our privacy-friendly configuration of Microsoft 365 enables a higher level of data sovereignty and privacy - essential for a secure Digital Workplace.

Arvato Systems

This Is What Distinguishes the Data Protection-Friendly Workplace From Arvato Systems

Many customers from different industries approach us with the desire for more data protection and data sovereignty in the public cloud. We address data protection concerns when using the public cloud, such as undesirable internal provider data flows, third-party access to the company's own data, and loss of control by third-party companies, with a data protection-friendly configuration of Microsoft 365.

The data protection-friendly workplace offers a high level of data sovereignty based on the public cloud. To achieve this, we first perform a risk analysis so that the subsequent configuration of Microsoft 365 matches your company's security requirements and data protection needs. With the appropriate configuration, we achieve an improved level of data protection that is very close to that of the Sovereign Cloud. Features include the Advanced Data Residency (ADR) add-on, Customer Lockbox, and Microsoft's Purview Data Loss Prevention (DLP) tool.

Would you like more information about the security features of the data protection-friendly workplace with Arvato Systems? Our experts will be happy to advise you.

The Advantages of the Data Protection-Friendly Workplace With Arvato Systems

For organizations without a claim to access the sovereign cloud, but with a desire for more data sovereignty and privacy in Microsoft 365, the privacy-friendly workplace is the ideal solution.
Microsoft 365 configuration gives you more control over your company's own data. This means that you gain more data sovereignty and are also better protected against unauthorized third-party access.
Thanks to the privacy-friendly use of the public cloud, modern ways of working and business models can continue to be used and expanded securely.
Together with SAP, Arvato Systems is developing the Delos Cloud - the sovereign cloud for public administration in Germany. As a result, Arvato Systems' data protection and security experts understand the requirements and challenges associated with managing and protecting sensitive data.

Data Protection-Friendly Configuration of Microsoft 365 - Our Offer for You

We leverage the technologies provided by Microsoft to increase our customers' data sovereignty. In combination with the extensive knowledge of our data protection experts, we increase data sovereignty in the public cloud in a promising way.

We offer a personal exchange of experiences to implement a data protection-friendly workplace. What exactly our consulting offer includes, you can read here:

Technical data protection

Organization and Processes

Migration project/roadmap


We know the data flows of Microsoft 365 - this also includes the data flows depending on features and configurations. We show you these data flows and make recommendations for concrete encryption options.

We set up a budget plan and manage the procurement of the necessary cloud-based services. Changes to IT administration through the use of Microsoft 365 in the cloud we take in hand.

The migration roadmap is also part of our offering. It shows how your data can be migrated securely to the data protection-friendly workplace. We include time, budget, and resources in the roadmap.

We perform a Microsoft 365 Tenant configuration as well as data synchronization. In addition, we provide assistance in the use of the new features. Not to forget Identity and Access Management.

How Can Arvato Systems Implement This?

Knowledge of customer-specific needs

Whether public administration or free enterprise - we know the needs of our customers. Their wishes for more security, transparency, and self-determination are incorporated into our data protection-friendly configuration of Microsoft 365.

Extensive know-how about M365 data flows

We know the data flows of Microsoft 365 and have a holistic focus on data protection. This includes legal regulations for the protection of personal rights or also the opinions of the Data Protection Conference (DSK).

Many years of experience in the area of digital transformation

From consulting to implementation and beyond - our experts support you in your Digital Transformation. Comprehensive knowledge of Microsoft 365 in regulated areas is also one of our competencies.

Exchange of experience on data protection

Arvato Systems' security experts and data protection specialists incorporate all of this into our consulting offering, the exchange of experiences with your company. The result is a data protection-friendly workplace with comprehensive protection.


Take advantage of the exchange of experience on the use of data protection-friendly workplaces with our data protection experts and benefit from their comprehensive know-how and many years of experience. Together, we will raise data protection in your company to a higher level.

Frequently Asked Questions About Microsoft 365 Data Protection

  • Microsoft's public cloud is basically freely accessible. The Delos Sovereign Cloud, on the other hand, is only intended for specific users and must meet special requirements laid down by the German Federal Office for Information Security (BSI). For example, the Delos Cloud is completely isolated from the public Internet. It functions as a separate instance that uses Microsoft's software but is not operated by the US company but exclusively by German companies. The Sovereign Cloud thus offers public administration the opportunity to use Microsoft technology while complying with BSI specifications.

  • With Arvato Systems' data protection-friendly configuration, you can achieve a security level very close to that of the Sovereign Cloud. The special BSI requirements, a prerequisite for significant parts of the public administration, cannot be achieved with a data protection-friendly workplace in the public cloud. The main difference lies in the software's operator and the location where some of the data is stored. You can learn more about the security levels by exchanging experiences with the data protection experts at Arvato Systems.

  • With the EU Data Boundary, Microsoft will offer customers the ability to store and process their data within the EU data boundary for Microsoft 365, Azure, Power Platform, and Dynamics 365 services beginning January 1, 2023. With this release, Microsoft is expanding its local storage and processing commitments and significantly reducing the data flow out of Europe. Customers will be able to see where their data is being held.

Our Glossary on Data Protection in Microsoft 365

Read more about relevant terminology related to data protection in Microsoft 365:

Data protection

Data protection refers to the protection of personal data, with a focus on the right of informational self-determination. The term therefore refers to the conditions under data protection law under which personal information, such as name, address or telephone number, may be collected, processed or used. The 2018 General Data Protection Regulation has further specified these prerequisites.

Data security

Data security refers to the general protection of all of a company's data, whether or not it is personal. It is about taking measures to ensure the security of data, not about the collection and processing of data. Accordingly, data security is a state that can be achieved by taking appropriate measures.

Data privacy compliant

Data privacy compliant means that something is in compliance with applicable data privacy laws. A company acts in a privacy-compliant manner when its business practices meet the legal requirements for protecting personal data. This can include how the company collects, stores, shares and protects data.

Data Protection Conference (DSK)

The DSK is the body of independent data protection authorities in Germany. Its task is to promote and improve data protection in Germany. The DSK prepares opinions on data protection issues, makes recommendations on the interpretation of data protection law and comments on draft legislation. It also serves as a forum for exchange between data protection authorities and helps to ensure uniform application of data protection law in Germany.

Data Protection Supervisory Authority

A data protection supervisory authority is a government institution responsible for monitoring and enforcing compliance with data protection laws. The supervisory authority's tasks include advising on data protection issues, investigating complaints and notifications of data protection violations, and conducting inspections of organizations. In Germany, there are data protection supervisory authorities at the federal and state levels.

General Data Protection Regulation (DSGVO)

The GDPR is a European Union regulation that governs the protection of personal data of EU citizens. It entered into force on May 25, 2018 and applies in all EU member states. The GDPR aims to unify the level of data protection in the EU and strengthen the protection of privacy as a fundamental right. It specifies how companies must collect, store, process and protect personal data. In the event of violations of the GDPR, supervisory authorities take action.

You May Also Be Interested In

For Advanced Security of Your Cloud Platform: Microsoft 365 E5 Security

Protect sensitive data with Microsoft 365 E5 Security - for more security with Microsoft!

Security and Governance: Microsoft Information Protection

How is it possible to ensure your governance and security policies are consistent across all enterprise devices, files, and content? Learn more about the Microsoft Information Protection portfolio!

Microsoft 365

The foundation for your Modern Workplace.

Your Contact for For the Data Protection-Friendly Workplace

Arvato Systems | Tim Seebrandt
Tim Seebrandt
Expert for Microsoft 365