By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: The governance trap: Why one-off security is no longer enough
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > News > The governance trap: Why one-off security is no longer enough
News

The governance trap: Why one-off security is no longer enough

News Room
Last updated: 2026/07/16 at 5:06 AM
News Room Published 16 July 2026
Share
The governance trap: Why one-off security is no longer enough
SHARE

Microsoft discovers an average of 38 million new identity risks per day, according to the latest Digital Defense Report.

If attackers gain access to a user account via compromised access data, stolen tokens or other identity attacks, it is not just the compromise itself that determines the damage – but above all the question of what information this account can access.

This is exactly where another risk arises in many companies. Over the years, content has been shared, project areas opened, teams created and sharing links created. These authorizations often remain in place even though the original need has long since ceased. This is how oversharing occurs: information is accessible to significantly more people than originally intended.

Many security architectures lose their effectiveness over time. With AI, the vulnerabilities are discovered – and exploited.

shutterstock/CL STOCK

AI makes visible what has long been open

“We often see that security configurations were initially introduced cleanly, but then many gaps arise during ongoing operations,” says Sebastian Stiller, Product Owner Modern Workplace at OEDIV, a company in the Oetker Group that supports medium-sized companies in IT strategy and operations.

Microsoft now explicitly treats oversharing as a governance and copilot risk and recommends using SharePoint and OneDrive governance to specifically check which content has been shared too widely and can therefore become visible in AI-supported searches.

“This is something we regularly see from our customers: Governance is not just a set of rules, but an ongoing task,” explains Stiller. “Many companies have the tools, but not the process.”

End devices become a controlled access layer

The challenge is not limited to identities, permissions and data access. Similar deficits can also be seen in the end devices themselves. Multi-factor authentication and risk-based access are now part of basic protection. But it is not enough to set up devices securely once and then leave them to their own devices.

Modern workplace environments require continuous compliance checks, standardized security baselines and structured patch, update and device management. The conclusion is: End devices must also become a central part of the security architecture.

This points to a key weakness in many security strategies: tried-and-tested security tools and defense programs are widely used, but they are often not used consistently or operationalized on a long-term basis. “In many companies there is a lack of permanent, if possible automated, monitoring,” reports Stiller from his experiences. “This is because security is often thought of as a project – and not as a continuous operational process.”

Security is not a solution, it is an operating model

Anyone who thinks of security as an operating model often just needs to use their standard solutions more consistently. “Many companies already have a large part of the necessary security functions,” says Stiller. “The real challenge often lies not in the technology, but in its operationalization – that is, in operating these functions consistently, permanently and in a controlled manner.”

OEDIV sees modern workplace security as an interplay of governance, security and ongoing operations. In this sense, OEDIV Managed Microsoft 365 is the focus. The service makes Microsoft 365 environments permanently controllable – with clear rules, ongoing monitoring and structured improvement processes.

OEDIV thus addresses the weak points mentioned above: consistent governance and ongoing sharpening of regular operations. Managed Microsoft 365 becomes an operating model for security, governance and control. This ensures, for example, that excessive releases or risks in identity and access management can be visibly and specifically addressed at an early stage.

An operating model includes operational control

This approach is complemented by Managed Workplace, which structures the operational control of end devices according to two complementary levels: On the one hand, the devices should remain secure and up-to-date through endpoint management, patching and endpoint security. On the other hand, it is about the operational control of the device fleet – from mobile device management to the controlled provision of applications.

In conjunction with Managed Microsoft 365, an integrated control level is created: Identities, devices and data access are no longer isolated islands, but rather a continuously controlled area. On the one hand, security can be technically increased. On the other hand, an operational framework is created in which deviations can be identified more quickly and appropriate measures can be initiated immediately.

This integrated control level works according to two central guiding principles that OEDIV embeds in all services: Security by Design means that security is built into every component from the start – not as an additional module, but as a consistent structural principle. In both services, every operational step is interwoven with security requirements.

Evergreen by Design addresses the problem of statics. Many IT systems are configured once and then hardly modernized. OEDIV’s service model embeds continuous updates, patches and best practice optimizations – security and modernity arise during ongoing operation, not just during the initial configuration.

“That’s why we position Managed Workplace and Managed Microsoft 365 not as isolated solutions, but as integrated service offerings,” explains Stiller. “For us, governance, security and operations cannot be separated from each other – they are the basis for real control.”

Make safety part of your business routine

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article E-scooter accidents: 38 percent more crashes with injuries in one year E-scooter accidents: 38 percent more crashes with injuries in one year
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

E-scooter accidents: 38 percent more crashes with injuries in one year
E-scooter accidents: 38 percent more crashes with injuries in one year
Software
here is the extended Model Y for large families
here is the extended Model Y for large families
Mobile
Carnival’s next megacruise will be huge. Your biggest change will be in how the sea will look
Carnival’s next megacruise will be huge. Your biggest change will be in how the sea will look
Gaming
Schufa stores outdated data from millions of consumers in a shadow database
Schufa stores outdated data from millions of consumers in a shadow database
Software

You Might also Like

10 Dark Prompt Engineering Secrets | Computer Week
News

10 Dark Prompt Engineering Secrets | Computer Week

3 Min Read
SAP study: AI pays off – governance lags behind
News

SAP study: AI pays off – governance lags behind

13 Min Read
AWS open source MCP server accelerates research
News

AWS open source MCP server accelerates research

1 Min Read
“AI must support the process – not control it”
News

“AI must support the process – not control it”

5 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?