Microsoft Copilot for M365 is the generative AI that revolutionises organisations’ efficiencies by surfacing strategic insights, finding information, assisting with the curation of content, even summarising and planning your day as efficiently as clicking a button! What is missing from this equation is that deploying the technology isn’t as simple as flicking a switch and ‘going live” with Copilot for Microsoft 365. While the competitive advantage Copilot for Microsoft 365 offers is unparalleled, ensuring the protection of your organisation and its information assets requires more than activating the licenses.

This article examines the necessary preparation organisations should go through to prepare and mitigate potential pitfalls before integrating Copilot for Microsoft 365 into your organisation.

Despite the recent surge in interest in AI over the last 12 months, generative AI is a relatively young discipline as a technology that can engage with everyday users conversationally. Just a few years ago, AI was confined to academic research institutions, the subject of peer-reviewed papers and the research conference circuit. Organisations like OpenAI brought this technology to everyday users and now the workplace has realised the possibilities that context-based GenAI offers, igniting the interest in Copilot for Microsoft 365.

Source: Shutterstock

Copilot for Microsoft 365  allows users and workgroups to automate their day, collaborate more efficiently, be more productive and use collated data from across the organisation to make more informed decisions; all based on information reserves that are continually added to.

While there are benefits generative AI can bring, organisations must address significant concerns regarding security and data governance when embracing such technology.

Here we delve into three steps crucial for the successful implementation of generative AI:

 Step One: Prepare the Environment and Consolidate Your Data

“Make Microsoft 365 the core of organisational information “

Making Microsoft 365 the core basis for business data, and therefore business intelligence is the most operationally logical choice for the majority of organisations. Most IT professionals understand that information becomes much more valuable when it is at users’ fingertips in the most-used platforms, rather than kept  in isolated silos. Migrating data into M365 allows the smart algorithms of Copilot for Microsoft 365 to access relevant information, enabling the AI to enhance its understanding of how your organisation works based on the information available to it.

Fortunately, the AvePoint Confidence Platform helps organisations achieve this consolidation of content through migration, a process which goes beyond a straightforward lift-and-shift.

AvePoint Fly empowers organisations to move from on-premises or remote email to digital collaboration platforms like Google Workspaces, Box, Dropbox, Slack and other collaboration platforms to M365. It discovers and maps existing applications and content, creating migration schedules that minimise operational disruption and downtime. With multiple legacy tenants’ data in one place, businesses can start to better capitalise on their digital resources immediately.

Step Two: Identify and Organise

“Strengthen your data to enable strong Copilot for M365 results”

AvePoint’s Insights and Policies provides the framework to identify high risk content and build efficient and compliant workflows automatically to remediate any potential breaches. Reviewing and strengthening information security provides the ability to establish a solid foundation, encompassing robust cyber protections, identifying areas of sensitive and overshared content and classifying of information according to sensible privilege rules. This is a vital preparatory stage to protect your intellectual property (IP) and ensure your information remains secure and accessible to the right audience.

AvePoint Opus streamlines the classification and organisation of information within M365 (amongst other repositories), ensuring a standard approach to manage content that minimises user intervention. The aim is to ensure information remains accessible and supports compliance with relevant standards and legislation while being available to those who need it.

Simultaneously, organisations should reassess privilege hierarchies and security rules, considering the large investments in solutions like Teams, Groups, OneDrive, SharePoint, Power Automate and so on. Resolving and revising access accumulated access rights accrued over the years, helps bolster security and internal operational efficiency through simplification and consolidation.

Source: Shutterstock

Step Three: Continuous data management

“Ensuring relevant resources”

Tools such as Copilot for Microsoft 365 increase their value to the organisation over time, as they continually improve and refine their capabilities with the accumulation of information.

This is however contingent on the accuracy of your information. Keeping information that is no longer relevant and no longer serves a purpose can impact on the accuracy of machine learning’s findings. Information may represent older products or abandoned work practices that are no longer suitable for the organisation’s current environment.

It is however important to properly store and archive all data, both for compliance and as a source of contextual information for business intelligence with Copilot AI. Here, AvePoint Opus has you covered, keeping data accessible and secure.

Addressing ‘data hygiene’ regularly is imperative, yet many organisations have the resources to manage every aspect of their information assets. AvePoint   automates content lifecycle management by automating the archival of inactive or ROT content and disposing of content that has exceeded its regulatory lifecycle. Furthermore, addressing data hygiene issues also offers a mechanism to reducing storage costs associated with M365.

As outlined in this article, the presence of shadow IT and siloed information can significantly impact the effectiveness of generative AI-driven content curation. Just having access to Copilot for M365 as part of a M365 license does not guarantee quality generate content. Without careful consideration of the organisations information structures, classification methods and content lifecycle management, the potential power of generative AI tools are unrealised.

For organisations committed to realising the maximum benefits of Copilot for M365, we recommend seeking specialised guidance to become “AI ready”. As an early adopter of machine learning technologies, AvePoint has assisted hundreds of organisations across various customer segments to unlock the full potential of generative AI.

With AvePoint’s expert guidance, you can navigate the Copilot for Microsoft 365 journey confidently, leveraging  technology that is specifically designed to deliver optimal results.

To find out more about Copilot for M365 and how it and AvePoint can transform your organisation’s approach to data-based driven operations, contact AvePoint for a demo.

The post 3 Steps to Successfully Automate Copilot for Microsoft 365 Implementation appeared first on Tech Wire Asia.

Many organisations don’t think about these possibilities until a critical incident occurs. Of course, it may be too late by then to recover from a ransomware demand, a loss of intellectual property, or the setback caused by important data that’s been deleted.

The bottom line is that the least terrible thing that can happen will be an interruption to production or workflow, with associated costs. The worst is that the business may be unable to bear the cost of recovery from a ransomware attack (an eye-watering average of $3.35m this year) and cease to exist. We all face this reality in 2022, with ransomware attacks getting bolder and smarter and more of our daily business activities “going digital.”

It’s understandable that Microsoft as a company takes a security-first approach to protect its infrastructure from compromise of all sorts, but M365 tools cannot roll back entire SharePoint sites, mailboxes or Teams Groups when things go badly wrong. But the broad-brush approach isn’t practical in protecting critical data that changes all the time and that people and systems rely on. When margins are tight, the ability to roll back just a few hours can preserve business continuity and get the organisation back on track – before a single client notices.

Speaking exclusively to Tech Wire Asia, Max McNamara, the Director of Solution Engineering of AvePoint Australia, said, “88% of company Boards now actually believe that cybersecurity is a business risk rather than a IT risk – i.e., it’s a business problem, not an IT problem. So, they’re actually saying ‘this is a problem, we need to solve at a company level.’ [A data loss] is not just going to cost money, it’s the reputational damage, the intangible value of the brand that you can’t measure.”

Experienced IT professionals know the value of sound backup and recovery strategies but also know that implementing and practising them can be complex and, therefore, often expensive. Backups and replications must be prioritised, made to happen often, and executed in ways that remain compliant with the organisation’s data policies. Restoring lost information – often in a very granular way – is also essential and needs to be rehearsed and quickly achievable.

It’s difficult to establish these types of procedures inside the Microsoft 365 environment, and many administrators don’t realise what the limits are on their abilities until some disaster takes place. Board-level decisions to invest in cybersecurity insurance are increasingly less effective, with some insurance companies not paying out in circumstances where the insured has not been meticulously proactive.

Business continuity today effectively mirrors data continuity so even small mistakes made by non-IT staff are amplified. The permanent deletion of an email or OneDrive folder is simply done, but can have serious consequences because rolling back to last week’s backup may also roll back the user’s entire profile – at the cost of hours and hours of correspondence and work.

Further up the food chain, IT administrators working in Microsoft 365 are also human. As Max points out, “An example would be security settings in the platform, or user identities – [information] that doesn’t have a versioning history, and [data] that’s not natively kept in the M365 platform. Once they’re changed or deleted, it can take three to four days to manually unpick a change that could have been rolled back within minutes had a backup been in place.”

Few companies offer the type of compliant, granular and comprehensive backup and restore of Microsoft 365 workflows that AvePoint does. Its users can rely on data replication up to four times daily, with information securely held in a different cloud location. Pulling data back happens through a single-pane-of-glass interface so IT administrators can easily and very quickly locate what’s needed and restore it to where it’s wanted.

There’s a choice of where snapshots and archives are held, so if organisations already have cloud capacity, that may be the logical choice. AvePoint also has its own highly secure cloud operations, so the simplest and fastest solution may be to leverage that.

John Hodges, the SVP of Product Strategy at AvePoint, said “Let’s take the intangible cloud and make it something tangible that I can look at, and know that my data is nearby.”

Regardless of your off-site backup preferences, AvePoint Cloud Backup covers Groups, Teams, Office, SharePoint, Exchange, and Project Online, and OneDrive for Business. Backups are fully automated and require no manual exports or .csv files. Snapshots are taken in real-time too, so there’s no need to shut down or pause services like Exchange to be assured of database integrity.

Many organisations’ decision-makers are unaware of how deeply their business has become invested in the Microsoft 365 eco-system. As an environment that seamlessly helps companies collaborate, create, and communicate, most users simply default to the platform to complete the majority of tasks. It’s only when a mistake is made or an attack (internal or external) occurs that recovery from an issue becomes a thorny problem.

Investigating the detail of the scope of your company’s agreements with Microsoft for M365 is an excellent investment to make right now. For advice on the best ways and available tools to protect critical data and workflows, we recommend the team at AvePoint. Get in touch with the company here.

The post Third-Party M365 Backup & Recovery Options for Better Cloud Surety appeared first on Tech Wire Asia.

In a modern workplace where remote and hybrid working is the new norm, technology teams must prioritise security policies and procedures to steer clear of the heightened threat landscape. Given the value of company and personal data to Australian and New Zealand organisations and the increasing need to comply with state and federal data security regulations, protection of information has only grown in importance.

Storing data and running applications in the cloud removes many pitfalls associated with on-premises data storage and management, yet it presents new challenges for IT admins. These challenges include data loss prevention, storage, redundancy and the recovery of data.

Public and private cloud provides remote and distributed workforces easy access to their business applications and collaboration tools to work with colleagues irrespective of location. Whilst great for business continuity and staff motivation, in the changing data storage landscape, data protection and restoration is often overlooked.

With the proliferation of Software-as-a-Service (SaaS) applications that’s changing how we collaborate and get our job done in the modern workplace, protecting data is a new, unexpected challenge. Data is growing. The more data you own, the more you have to sift through, manage and protect.

The new reality of hybrid work only exacerbates the demand for collaboration. Communicating with a distributed workforce over a shared platform like Microsoft Teams or Google Workspace is now commonplace, but what happens to business continuity if something goes wrong with these platforms? Around 40% of companies admit to not having a 3rd party backup solution, so restoring data like Teams chats and documents is not straightforward.

Almost without exception, third-party service providers (such as Microsoft, Salesforce and Google) make the customer take responsibility for their own data protection, whilst focusing on providing a platform that’s secure and available. This means that most organisations face the potential for data loss without the necessary protections in place.

Not all threats are external. It’s common for data breaches and security threats to come from within.  92% of security incidents are unintentional and not malicious; they’re likely user errors. While a general awareness of phishing links in emails and surreptitious malware is relatively high, security teams still need to be conscious of ‘that one user who clicked’. It’s one of the key reasons why data should be backed up frequently and consistently. The same goes for accidental deletion or overwriting documents – reliable backup and recovery is vital in such scenarios.

Not all vulnerabilities lead to malicious intrusions, but unfortunately many do. And often, they’re for profit. The financial impact of data breaches is rising for companies in Australia, with IBM Security’s Cost of a Data Breach Report outlining how the average cost of a data breach based on 23 Australian firms was AU$3.35 million — a year-on-year increase of 9.8%. Just over half (56%) of the intrusions were caused by malicious attacks, well ahead of system faults and human error. Like the cost of a single data breach, the cost of a malicious attack, on average, is AU$3.74 million for an organisation. The ability to pro-actively detect and address threats before they impact your cloud and on-premises environments is critical.

Ransomware is also popular among bad actors, and ransom demands have shot through the roof. The average cost has increased from US$5,000 in 2018 to US$200,000 in 2021. In 2022, a record ransomware payout raked in US$40 million. However, financial loss is not the only problem. Ransomware impacts technology applications and critical infrastructure. That’s downtime for manufacturing plants, IoT devices, processing facilities; anything connected to your organisations affected network. Layer the reputational damage and it’s easy to understand the material impact attacks can have on the modern organisation.

Data protection is never 100%. However, it’s better to be prepared than to be caught unaware. Since most cloud vendors recommend or require third-party backup solutions to secure and protect your data, you need to a solution that meets the growing need for unlimited backup and restore capabilities, such as AvePoint Cloud Backup.

AvePoint Cloud Backup has recently been named a Leader in The Forrester New Wave™: SaaS Application Data Protection Report in Q4 2021.  AvePoint combines 20 years of global and local experience with deep flexibility in storage and configuration to provide the most compete Cloud Backup solution for Microsoft 365. It’s the only SaaS application data protection vendor to score the highest-possible “differentiated” rating across Google Workspace, Salesforce, and Microsoft 365.

AvePoint goes beyond data restoration and looks at the spectrum of data governance, protection and compliance to support organisations to migrate, manage and protect their most valuable assets across 14 data centres globally.

Take the next step with AvePoint Cloud Backup and join over nine million cloud users who rely on AvePoint to protect their data. The platform is built to optimise SaaS operations and secures collaborative environments so that your critical data is never out of reach.

Watch a 5 minute Demo to see how AvePoint can support your organisations data protection requirements.

The post Make data protection a certainty with dependable cloud backup appeared first on Tech Wire Asia.

This is particularly difficult for those managing multi-tenant Microsoft 365 environments. In brief, where does the buck stop? With Azure, Microsoft, the multi-tenancy provider (in the case of an MSP), or the individual company? Coby Liang, CTO SaaS Management of the SaaS and data management platform provider AvePoint, joined us recently to talk through companies’ options.

Cloud Security is Your Responsibility

M365 handles huge amounts of business-critical information daily in the form of emails, documents, spreadsheets, and the like that need proper protection to ensure they’re backed up and recoverable.

Many incorrectly assume that cloud providers protect their users’ data and operational integrity as part of the service they offer. The truth is that while the cyber and physical defenses around an Azure data center are formidable, these measures are in place to protect your data from power outages, bad patches, and natural disasters – not from yourself.

If you happen to fall victim to cybercrime, regulatory missteps, or even human error, you could lose data or even revenue as you work to recover. This is why many cloud providers encourage users to invest in a third-party solution that extend these native protections to streamline recovery and ensure business resiliency.

The stakes are even higher for multi-tenancy organizations, such as MSPs or companies that operate in discrete divisions or sections, like companies with international branch offices or businesses that have grown through merger and acquisition. For these types of organizations, security, account management, and oversight are generally thrown together into one large melting pot for local administrators to manage. With admins juggling so much, security can fall to the wayside and environments can be left vulnerable.

Pain Points of Cloud Security for Multi-Tenancy Organization

While access to your collaboration environment can be secured and encrypted (it’s easy enough to add a single sign-on facility or multi-factor authentication, too), there aren’t too many native security features suitable for multi-tenancy organizations. The ethos of M365 is that it’s deployed company-wide with at least the potential for cross-division, multinational working. It’s challenging for administrators to create discrete account spaces for multi-tenancy where data simply has to be kept separate.

In large organizations, data protection and security are highly complex for many more reasons than the possibility of hacking. Sensitive information should only be available, for example, to those given the right privileges. Certain data should only exist in certain locations, and of course, that makes collaboration — or rather, safe collaboration – highly problematic.

That’s just the situation, Coby told us, that gives rise to a new generation of shadow IT: people will use the nearest possible tools to get a cross-departmental job done, regardless of security concerns or data governance.

For MSPs, total data separation is a must-have. Client’s information, working spaces, entire environments must be kept to clearly-demarcated areas. At the same time, the MSP’s administrators need oversight into all of their tenants’ operations and data to get their own insights into operations right across the company.

Delegated Administration Secures Environment and Unburdens Central IT

At the heart of the problems facing multi-campus organizations and MSPs is one of access privilege control. Solutions such as AvePoint’s Elements Platform can layer security systems that, for instance, can close or isolate accounts in just a few seconds while providing a broad suite of management functions over multi-tenancy environments.

In fact, Coby explains the ideal model for privilege policies (and security policies in general) is one of delegation, as this unburdens your global admins of routine, mundane tasks and allows them to focus on securing and controlling your collaboration environment.

“AvePoint can bring a delegation operational model to our clients, which is a major competitive differentiator for us. And when we say delegation, we talk about the two different layers of delegation. First, delegating to the business, regional IT, or key user groups […] on behalf of global IT. You can delegate to the region’s IT but central IT should maintain all the key security compliance settings for [each] tenant. […] Second, delegating directly to users themselves. When a user wants to create a workspace to host a project, do they need to go to the IT team to create one? Self-service helps the business move ahead on projects quickly while allowing IT to focus on more high value activities. And this is where M365 can really help you to maximize your revenue for the organization.”

The Bottom Line

While AvePoint offers this enterprise-grade security and control to businesses of all sizes and industries, the general principles are the same for all organizations.

Coby says, “If you think about a large company like a modern automobile manufacturer, they have so many different brands, and not necessarily all these brands need to have their own tenancy. However, sometimes they have to set up [an isolated tenancy] because one of the brands wants to manage themselves. So that’s a fundamental difference, but the setup is exactly the same. If you think about how we help the MSP or the enterprise […] we basically provide a single dashboard with full transparency across multiple tenants.”

With a powerful and malleable feature set, AvePoint’s platform helps organizations migrate, manage and protect their Microsoft investments.

To learn more about AvePoint’s specialist platform for the cloud service that’s everywhere, reach out to a representative today or sign up for a free 30-day trial.

The post Securing and managing multi-tenant Microsoft 365 environments appeared first on Tech Wire Asia.

Protecting this valuable data is not only important for organisations to be competitive, but also because this data is often subject to government regulations that carry hefty fines for non-compliance.

To mitigate these risks, organisations have developed operational IT governance policies to help guide user behavior and ensure IT applications, and the data held within them, are protected and enabling business success.

A successful policy framework will have chains of responsibility, authority, and communication with measurement and control mechanisms in place. The challenge most organisations are facing is, once the policies have been created, how do you enforce them across the workforce?

Today, most organisations are leveraging SharePoint or Office 365 in an on-premise, cloud or hybrid environment as their enterprise content management system to store and collaborate on their content. In fact, by 2021, Gartner forecasts that more than 70 percent of businesses will be substantially provisioned with cloud office capabilities.

While Office 365 and SharePoint offer rich features to empower users and enable business success, they also present unique challenges to enforcing operational governance. For example in Office 365, by default, any user can create a Team in Microsoft Teams. When a new Team is established, a new SharePoint site, Exchange mailbox, OneNote, and other Office 365 resources are automatically spun up and shared with the Team members.

Source: AvePoint

That is a lot of new places that critical business data can be created and stored making IT oversight difficult. And, once that Team has been created and in use, what happens to the critical business data if the creator of that Team decides to delete the Team? That data is deleted as well.

Or, what happens if the members within the company are no longer working together on the project that required the creation of a Team? Oftentimes, no appropriate lifecycle or expiration process is put in place, which creates significant compliance risks. These issues arise in SharePoint with the creation of team sites and across Office 365 where there are 19 separate ways to create a “Group” of shared resources.

Whether on-premise, in the cloud or in a hybrid environment, organizations need to figure out a way to standardize policies for ownership and control across these common Microsoft applications, without limiting business potential.

This is where AvePoint’s platform enters the picture. Its governance solutions can define who can create, edit and delete data and specify where content or workspaces are hosted and stored.

At the end of the workspace lifecycle, the solution can help ensure the proper disposal or archival of data according to predefined policies. While there are other solutions to help govern the creation of shared workspaces like SharePoint sites or a Team, AvePoint’s is the only solution that automates the governance across the entire lifecycle. It’s important to note here that AvePoint also has a records solution that can further extend your organisation’s record management capabilities in SharePoint or Office 365.

The governance software will automatically revert back any changes made outside of data policies, informs users as to what’s available and possible, and gives guidelines on appropriate usage. This framework develops a proactive approach to data that’s constructive and one that drives positive change throughout the organisation, rather than just being a set of rigid strictures that prevent creative, strategic thinking in the business.

Source: AvePoint

There are data measuring and tracking routines too to ensure that new IT infrastructure is producing maximum ROI, automatically cataloging adoption and use of collaborative workspaces. And the same facility not only protects the business but also (and this is vital for compliance) can provide the necessary data required for IT audits – internal and external – quickly and without the need to sideline staff to produce mandatory proof of good practice.

In addition to stronger governance and relieving IT administrators from the burden of tedious tasks related to shared workspace maintenance, automating governance can also help your end-user productivity. With an organized collaboration environment, end-users can find content much more quickly. This helps adoption of the new environment as well.

Ask most C-level executives about data governance, and backup and disaster recovery immediately come to mind. AvePoint’s backup solution means that in-house or cloud data is protected and immediately available for restore, from a partial roll-back of key data held on a local server, to a full reversion to a snapshot of a SharePoint instance out in the public cloud. Protection is as granular as it’s needed to be: a single application or database table field, a full web front end, a virtualised service, or a single mailbox, document, calendar, or contact.

To learn more about how AvePoint can help your organisation automate governance to work more safely and more efficiently, sign up for a free trial of Cloud Governance (Office 365 users) or Governance Automation (on-premise or hybrid users) today. You can also trial backup and records solutions. There’s also a free eBook on data governance to download and learn more about how protecting your data helps protect your company: click here.

The post Protect as you deploy: operational governance with AvePoint appeared first on Tech Wire Asia.