Construction Firm Strengthens Security Before Copilot for Microsoft 365 Rollout
The company partners with Netwoven to evaluate all M365 workloads along with its security infrastructure to create a baseline for M365 Copilot deployment
Challenge
The customer has M365 E3 licenses and relies heavily on the platform for both usage and data. It was therefore imperative to assess the security footprint before rolling out M365 Copilot. The company also uses additional non-Microsoft security products that needed to be assessed critically in this context.
The company wanted to ensure that the systems and data in scope for the Copilot for Microsoft 365 deployment would not introduce any new or unidentified risk to the organization. It was important to them to identify all risks associated with the rollout and to keep those risks below the accepted internal risk threshold.
Solution
Netwoven conducted an in-depth review of the infrastructure, all Microsoft 365 workloads, users, data and its usage, and the existing security tools and practices. The goal was to assess the present status of each one against Microsoft's best practices and provide appropriate recommendations. Netwoven also reviewed past security incidents and established remediation steps. The following is a high-level list of entities that were examined. A detailed review was undertaken at a very granular level within each one of these.
- Microsoft 365 Tenant Settings
- Microsoft Entra – Users, Groups and Devices
- Multi-Factor Authentication (MFA)
- Conditional Access Policy
- Data Governance
- Data Security
- SharePoint Online
- OneDrive for Business
- Microsoft Teams
- Content sharing and permissions review
- Microsoft Purview Compliance
- Identification of sensitive sites
Netwoven provided detailed recommendations for each one of the above as a part of the final assessment report.
Some of the recommendation highlights are as follows:
1. Upgrading to Microsoft 365 E5
This was strongly recommended to gain access to a comprehensive suite of features that includes all the offerings of E3, and to take advantage of the added value of scalable business analytics through Power BI Pro, advanced security and compliance capabilities, etc. This strengthens the areas of:
- Information Protection
- Threat Protection
- Cloud Access Security Broker
- Insider Risk Management
2. Microsoft Secure Score
It was recommended that Secure Score be used more rigorously as a single-point metric, tracked on a continuous basis. Certain settings were suggested for activation as a baseline default, and others were advised to be changed, e.g., setting up alerts on changes in Secure Score that result from high-impact actions.
3. Microsoft Entra – Users, Groups and Devices
The important recommendations were:
- Implement Role Based Access Control (RBAC)
- Leverage Group Based Access Control
- Utilize Device Management Solution
- Enable Mobile Device Management (MDM) and Mobile Access Management (MAM)
- Define Guest User Policies and Access
- Enable redundant MFA using Entra ID to give users a backup option in case they forget or lose one of their factors, and the convenience of authenticating securely from any device.
4. Implementing data protection and compliance using Microsoft Purview
Purview's pre-built assessments for relevant regulations identify data protection risks and suggest improvement actions. With sensitivity labels, the customer can classify and protect critical information, ensuring it is only accessed by authorized personnel. Data Loss Prevention (DLP) lets the customer set up safeguards that prevent sensitive data from unintentionally leaving the company network. Additionally, insider risk management features within Purview help identify and mitigate potential security threats posed by malicious or careless employee activity.
Likewise, detailed recommendations were made for each relevant entity to strengthen the security readiness for deployment of M365 Copilot. This was important because Copilot will extract data from the documents, presentations, spreadsheets, emails, calendars, chats, meetings, contacts, and other files through Microsoft Graph. The content can reside in any repository, such as Microsoft 365, ServiceNow, Box.com, Azure File Share, etc., that has been integrated with the Graph data. The most important aspect would be the resilience of the secured searches. Therefore, it was imperative to examine the organization's security maturity, with a strong focus on identity and access management. This ensures that the foundation of security controls is in place before Copilot deployment and helps identify and address potential risks and gaps in infrastructure, data, and security.
Benefits
This assessment gave the organization a 360-degree view of its present security posture and a clear roadmap for a smooth deployment of M365 Copilot. The major business benefits were:
- An appropriate technology solution that optimizes existing investment
- Implementation recommendations for a more secure business operation
- A secure foundation for improved employee productivity with the proposed M365 Copilot deployment