In this episode of Late Night Brew, Robert Buktenica interviews Matthew Kaplan about AvePoint Policies and Insights (PI), a service and product that provides customers with the ability to manage the security components of their Microsoft 365 tenants of Teams, SharePoint, and OneDrive. They discuss the problems that AvePoint PI can help solve, such as restricting policies, inhibiting collaboration, and relying on trust. They also highlight the benefits of using PI, including the ability to take action before a major problem occurs, meeting security compliance standards, and having a proactive approach to security.
TIMESTAMP
00:07 – Introduction
00:46 – The Brew
01:25 – What is AvePoint Policies and Insights?
02:10 – The Challenges in Collaboration and Data Security
04:20 – The Importance of Proactive Security and Compliance Standards in Preventing Data Loss
06:40 – How to Manage Your Sensitive Data and Risk Exposure
TRANSCRIPT
Introduction
Robert Buktenica: Hello, everyone, and welcome to another episode of the Late Night Brew, where we talk to brews first, and then we get around to what we’re supposed to be talking about. Joining with me for the first time, Matt Kaplan out of Australia. Thanks for joining me, buddy.
Matthew Kaplan: Hey, Rob, nice to be joining you. Thanks so much for the opportunity to chat to you.
The BREW
Robert: Absolutely, thank you for joining and answer some great questions, which today we’re going to be diving into what is AvePoint PI and knocking a couple of cases, right? Of course, what problems are we solving, what’s the benefit. Before we get to that, the most important thing, Matt, what brew are you having with me today?
Matthew: Well, I’ve got the amazing Wakachangi lager, which is a quite nice beer. Oh, I’ve got my blur on. Can you see it?
Robert: There you go, yes.
Matthew: Okay, it’s cool. Yes, this is from New Zealand. It’s a lager and it’s great uncle Kenny’s amazing Wakachangi lager. Cheers to you, what have you got?
Robert: Cheers, mate. I have, it’s Founders All Day Vacay, it’s a session wheat ale, so nice and easy drinking, nice and light. Which, of course, session, you can have all day long and it’s not a problem.
Matthew: Nice one, well, cheers. All the best, especially at this time of year.
What is AvePoint Policies and Insights?
Robert: Definitely, cheers, so let’s dive right into it, what is AvePoint PI?
Matthew: What is AvePoint PI? Well, it’s a service and a product that gives a customers’ IT team and business team the ability to manage the security components of your Microsoft 365 tenants of Teams, SharePoint and OneDrive. So it gives you that security management visibility and insights, the insights of PI, allowing you to find issues, prioritize them, fix them and enforce them across, you know, Microsoft 365 access controls. That’s effectively what it does.
The Challenges in Collaboration and Data Security
Robert: Awesome, so you touched a little bit on it, what are some more specific problems that it’s solving or use cases that Insentra takes advantage of?
Matthew: Yes, so what we see in market right now is is the approach that certain businesses, CIOs, CFOs are following is that they’re directing their IT teams to like restrict policies, put in insecurity measures, lockdown their users. And what that effectively does is it inhibits collaboration. So they’ve invested in this awesome products and tool, Teams and SharePoint, and OneDrive and saying, “Go forth and collaborate.”
But then, on the other hand, we’re locking you down and we’re not allowing you to do anything in the organisation. That’s what we see in market right now, which is a challenge. The other thing that they struggle with, is they’ve got a lot of sensitive data within an organisation, and companies need to restrict who has access to that data. But what they’re relying on still, unfortunately, is saying, “Hey, Pete, hey Mary, hey, Bill, please don’t share that Excel file with anyone outside of our business.” It’s all relied on trust these days, which is not a great strategy.
It’s pretty hard to monitor how their users are collaborating and with whom, so there isn’t the tool sets to say, “You know, Mary sharing this data with Bill outside the organisation,” and so forth. There’s a lot of complexities in and around the permissions and security components of it. And then this balancing act of usability and security is a huge focus and problem for businesses right now.
What we’ve seen, though, what we’ve seen is the ability to allow sharing within the tenant is a much better approach than to check users on how they’re sharing externally, because Mary and Peter, and Bill in my example are sharing data via Google drives, via Gmail e-mail. That’s an absolute shocker. You want to keep them inside your tenant and you want to keep them sharing inside your tenant.
Robert: Absolutely, it’s that line that has always tried to be in tread of security and functionality. How do you keep yourself safe, while at the same time, making it so you’re not impossible for everyone in the company to work.
Matthew: Very much so, very much so. One of our clients, specifically, and this is another trend that we’re seeing, is aligning to certain standards and governance standards, so they’re meeting those security compliance standards now. Maybe it’s Essential Eight in Australia or cyber essentials in the UK, or PCI in the US, for example.
They’re meeting those standards, but not just monitoring the usage like in a reactive manner, but they’re drawing insights of the app which tool is bubbling up insights in how their users are actually using the tool. It’s very much a proactive approach as well, so it’s not just reactive but proactive approach as well, which is very, very positive.
Robert: Which is huge benefit, and that covers beautifully some of the benefits that you can get from PI, the ability to take action before it becomes a major problem. The ounce of prevention is worth a pound of cure, the trite saying.
Matthew: Hundred percent, I mean, imagine the unexpected loss. You know, whether by accident or, you know, some kind of malicious intent through an external party or an internal person, by the way, who has a malicious intent. How that could affect your bottom line as a customer, how they could affect your reputation, how you could be held ransom to the sensitive data being grabbed from your network.
So data is huge at risk, which customers probably haven’t thought of before, and they generally underestimate, you know, the data that hackers and external parties are after. You know, it’s sometimes the obvious things. It’s sometimes the obvious things like bank account numbers, or I don’t know, passport numbers, or credit card information, or personal information. But, you know, sensitive data to an architectural design company, could be the design plans of their building, to a healthcare, could be a healthcare record, obviously, or an X-ray of someone.
Robert: It could be emails.
Matthew: Exactly.
Robert: Targeted phishing.
Matthew: Exactly.
How to Manage Your Sensitive Data and Risk Exposure
Robert: That’s all just simple message or simple information that you wouldn’t.
Matthew: Exactly, so policies and insights, the PI service from AvePoint, bubbles up the insights. It shows you the insights of who’s using, who’s sharing what data, where your sensitive data is going. Is it being externally shared, do you have shadow users, what SharePoint will Teams start to externally accessible? And then, you can complement that with policies to stop that external sharing or reduce your risk exposure, so that’s the policies and insights component.
Robert: That’s awesome, and that’s a phenomenal point to end on with one little addendum, if you’re curious about what kind of reports, especially if you’re taking advantage of Insentra managing this for you, what kind of reports you can get out of PI, there is the link below to take a look at a sample report, which I really encourage you to do. On that, Matt, huge, huge, huge thank you, sir. I hope you have a fantastic rest of your day, and I really enjoyed having you on. Cheers, buddy.
Our Sample Managed Policies & Insights Report outlines:
Matthew: Cheers, Rob. Thanks so much for the opportunity. Cheers, mate.
Robert: You’re welcome.
Ready to learn more about how Insentra Managed PI can help you protect your business from cyber threats? Visit our Managed Policies and Insights to find out more, or contact us today to speak with one of our experts. Don’t wait until it’s too late – take control of your security with Insentra Managed PI.
Next Episode: Late Night Brew – Unleashing the Power of AvePoint PI and OneDrive
