Data protection programme in place? Tick.
Stress-testing occasionally to ensure effectiveness? Tick.
In that case, your and your customers’ data is protected, right?
Well, maybe.
But what if the testing occurred round the clock? What if smart AI tools were constantly at work in the background of your unified communication systems: continuously watching for vulnerable back doors and weak spots in their defences? Only then are your customers and their customers as protected as possible.
For Microsoft users, that can now be the case thanks to a recently-released suite of data protection tools that are baked into its products and which do exactly that.
Combine that clever new capability with the expertise of outsourced data protection professionals and Microsoft users really are ticking all the boxes.
“Effective data protection is proactive rather than reactive – it’s not about just having a policy in place that relies upon random audit checks, it’s about actively ensuring that a policy is being followed every moment of the day,” says Dr Scott Allendevaux, senior practice lead at UC professional services practice Allendevaux & Company, which is helping enterprises all over the world leverage the benefits of Microsoft’s latest AI-powered tools.
“The tools are not a data protection programme in and of themselves; UC providers must have one of those by law to begin with. But, in the hands of experts, the tools can carry out what could be described as a continuous, automated, 24/7 ‘super audit’; checking that a programme is effective at all times, and creating alerts if it is not.
“It’s providing assurance that data protection practises aren’t just written in policy, but they are actively enforced. For UC providers, it not only mitigates the real risk of a data breach, it also acts as a powerful market differentiator.”
Traditionally, data protection programmes are subjected to annual ‘spot checks’. However, those sample stress tests can fail to identify non-compliant practises that could be lurking in a system, and which could potentially expose an organisation to, say, a ransomware attack or other threat.
A protection programme communicated to all employees at the point they join the organisation may comprise potentially effective policies but, if that organisation employees hundreds or even thousands of people, a once-a-year check that they are all behaving compliantly may be insufficient.
“We build data protection programmes on behalf of customers; we create those policies and procedures such as password management, multifactor authentication, and the like,” says Allendevaux.
“However, manual auditors cannot check that every employee is compliant at every moment of every day. Microsoft’s AI-enabled tools enable us to continually monitor whole environments; to follow data wherever it is flowing. We teach those tools to understand an organisation’s data protection programme and track it for non-compliant events. Real-time intelligent insights are delivered via a user dashboard displaying triggers, thresholds and event correlations. For example, if an employee’s laptop is not encrypted, or someone’s smartphone becomes compromised.
“The tools are complex and, unless you are a data professional, it can be like getting into the cockpit of an aircraft. You have hundreds of switches and levers which enable the plane to fly, but you lack the expertise to use them in the right way. That is where we come in. If you are using Microsoft, we’ll build your data protection programme in Microsoft, and we’ll use Microsoft’s tools. You will consume the tools under the terms of your Microsoft licence, and it will all be in your Microsoft environment, and under your control. We are simply granted temporary access to go in and manage or perform updates whenever they are required.”
In some cases, Microsoft users may already be unknowingly paying via their licence for this new functionality, so it’s important for them to be deriving maximum value from their investment.
“It’s exciting for us to be partnering with Microsoft to deliver the benefits of these new AI tools, and it’s obviously a great Microsoft story too,” says Allendevaux.
“Deploying the tools effectively can help us ensure that organisations that already have robust data protection programmes in place can further enhance their levels of security.
“That feels like a triple win.”
To learn more about how Allendevaux & Co. can help your and your customers’ businesses be better protected, click here.
