Gram-Leach-Bliley Act (GLBA)

The Gram-Leach-Bliley Act was introduced to protect customer information within financial institutions. Under this act, organizations are required to disclose how they protect and share customers' personal information with third-party service providers. The privacy rule of this act specifically focuses on safeguarding the confidentiality of customers' non-public personal information (NPI). To achieve compliance, financial institutions must adhere to security and privacy requirements outlined by the GLBA.

This includes monitoring user activity, storing information, controlling access rights, and more in your Microsoft 365 environment.

The following table lists the GLBA compliance requirements and M365 Manager Plus reports that help meet them.

Section	Description	Reports
6801 (a) and (b)	Privacy obligation policy and financial institutions safeguards	Exchange Admin Activity Non-Owner Mailbox Access Mailbox Permission Changes User Mailbox Security Admin Roles Mailbox Delegate Changes User Logon Activity Recent Successful Logon Recent Logon Failure Azure Admin Activity

Steps to generate GLBA compliance reports in M365 Manager Plus

1. Log on to M365 Manager Plus and navigate to the Reports tab.
2. In the left pane, click Compliance Reports.
3. Under GLBA, click the report that you wish to generate.
4. Select the desired domain(s) and click Generate Now.