Microsoft discovers an average of 38 million new identity risks per day, according to the latest Digital Defense Report.
If attackers gain access to a user account via compromised access data, stolen tokens or other identity attacks, it is not just the compromise itself that determines the damage – but above all the question of what information this account can access.
This is exactly where another risk arises in many companies. Over the years, content has been shared, project areas opened, teams created and sharing links created. These authorizations often remain in place even though the original need has long since ceased. This is how oversharing occurs: information is accessible to significantly more people than originally intended.
Many security architectures lose their effectiveness over time. With AI, the vulnerabilities are discovered – and exploited.
shutterstock/CL STOCK
AI makes visible what has long been open
“We often see that security configurations were initially introduced cleanly, but then many gaps arise during ongoing operations,” says Sebastian Stiller, Product Owner Modern Workplace at OEDIV, a company in the Oetker Group that supports medium-sized companies in IT strategy and operations.
Microsoft now explicitly treats oversharing as a governance and copilot risk and recommends using SharePoint and OneDrive governance to specifically check which content has been shared too widely and can therefore become visible in AI-supported searches.
“This is something we regularly see from our customers: Governance is not just a set of rules, but an ongoing task,” explains Stiller. “Many companies have the tools, but not the process.”
End devices become a controlled access layer
The challenge is not limited to identities, permissions and data access. Similar deficits can also be seen in the end devices themselves. Multi-factor authentication and risk-based access are now part of basic protection. But it is not enough to set up devices securely once and then leave them to their own devices.
Modern workplace environments require continuous compliance checks, standardized security baselines and structured patch, update and device management. The conclusion is: End devices must also become a central part of the security architecture.
This points to a key weakness in many security strategies: tried-and-tested security tools and defense programs are widely used, but they are often not used consistently or operationalized on a long-term basis. “In many companies there is a lack of permanent, if possible automated, monitoring,” reports Stiller from his experiences. “This is because security is often thought of as a project – and not as a continuous operational process.”
Security is not a solution, it is an operating model
Anyone who thinks of security as an operating model often just needs to use their standard solutions more consistently. “Many companies already have a large part of the necessary security functions,” says Stiller. “The real challenge often lies not in the technology, but in its operationalization – that is, in operating these functions consistently, permanently and in a controlled manner.”
OEDIV sees modern workplace security as an interplay of governance, security and ongoing operations. In this sense, OEDIV Managed Microsoft 365 is the focus. The service makes Microsoft 365 environments permanently controllable – with clear rules, ongoing monitoring and structured improvement processes.
OEDIV thus addresses the weak points mentioned above: consistent governance and ongoing sharpening of regular operations. Managed Microsoft 365 becomes an operating model for security, governance and control. This ensures, for example, that excessive releases or risks in identity and access management can be visibly and specifically addressed at an early stage.
An operating model includes operational control
This approach is complemented by Managed Workplace, which structures the operational control of end devices according to two complementary levels: On the one hand, the devices should remain secure and up-to-date through endpoint management, patching and endpoint security. On the other hand, it is about the operational control of the device fleet – from mobile device management to the controlled provision of applications.
In conjunction with Managed Microsoft 365, an integrated control level is created: Identities, devices and data access are no longer isolated islands, but rather a continuously controlled area. On the one hand, security can be technically increased. On the other hand, an operational framework is created in which deviations can be identified more quickly and appropriate measures can be initiated immediately.
This integrated control level works according to two central guiding principles that OEDIV embeds in all services: Security by Design means that security is built into every component from the start – not as an additional module, but as a consistent structural principle. In both services, every operational step is interwoven with security requirements.
Evergreen by Design addresses the problem of statics. Many IT systems are configured once and then hardly modernized. OEDIV’s service model embeds continuous updates, patches and best practice optimizations – security and modernity arise during ongoing operation, not just during the initial configuration.
“That’s why we position Managed Workplace and Managed Microsoft 365 not as isolated solutions, but as integrated service offerings,” explains Stiller. “For us, governance, security and operations cannot be separated from each other – they are the basis for real control.”
Make safety part of your business routine
