Most organizations aren’t running on documented infrastructure.
They’re running on an imagined version of it. Leadership believes:
- Work flows cleanly
- Tools have owners
- Data follows policy
- Governance is enforced
- Technology
- Training
- Management
- They adapt
- They bypass friction
- They optimize for speed
📌 It’s just running on a system nobody acknowledges
💼 Section 2–3 — The Sales Proposal Story
Designed Process:
- CRM is the source of truth
- Proposals live in SharePoint
- Collaboration happens in Teams
- Compliance enforces controls
- Proposal created in Word (locally)
- Sent via email
- Feedback handled in email threads
- Versions multiply
- CRM updated later (if at all)
- Faster
- Invisible
- Ungoverned
People optimize for:
- Speed
- Results
- What they’re measured on
👉 They’re rational optimization
🏛️ Section 5 — The Governance Illusion
Policies are written for the imagined system.
Reality:
- Work happens in email
- Data moves outside governed systems
- Controls are bypassed unintentionally
- Policies increase friction
- People route around them
- Risk becomes invisible
- Access is granted quickly
- Rarely revoked
- Permissions accumulate
- Sensitive candidate data overexposed
- Access reviews rubber-stamped
- Nobody knows who can see what
- HR system → Confidential
- Spreadsheet → Unclassified
- Email → Uncontrolled
- Teams → Undefined
- GL = reporting layer
- Spreadsheet = source of truth
- Data is incomplete
- Systems miss context
- Humans validate reality
- Documented
- Audited
- Visible
- Adaptive
- Invisible
- Actually used
- People choose speed over compliance
- Workarounds become permanent
- Copilot sees emails, files, conversations
- Synthesizes scattered data
- Surfaces hidden patterns
👉 And that creates new compliance risks
👁️ Section 14 — The Visibility Paradox
You’re not blind. You’re misinterpreting what you see.
Examples:
- High SharePoint usage ≠ real adoption
- DLP success ≠ data protection
- Metrics ≠ understanding
👉 You don’t see what’s outside it
🧠 Section 15 — Purview as the Nervous System
Microsoft Purview doesn’t fix anything. It reveals everything:
- Where data lives
- Who can access it
- How it moves
- Turn it on
- Ignore what it shows
👉 Start thinking in flows
If this clashes with how you’ve seen it play out, I’m always curious. I use LinkedIn for the back-and-forth.
1
00:00:00,000 --> 00:00:02,360
Most organizations operate on an imagined version
2
00:00:02,360 --> 00:00:04,720
of their infrastructure, not a documented version,
3
00:00:04,720 --> 00:00:07,040
not a tested version, an imagined one.
4
00:00:07,040 --> 00:00:09,240
Leadership has a mental model of how work flows
5
00:00:09,240 --> 00:00:10,080
through the business.
6
00:00:10,080 --> 00:00:13,620
The model is clean, tools have owners, data follows policy,
7
00:00:13,620 --> 00:00:16,080
processes are followed because they're written down.
8
00:00:16,080 --> 00:00:18,320
Governance means something, control exists,
9
00:00:18,320 --> 00:00:19,520
none of this is true.
10
00:00:19,520 --> 00:00:21,560
But the gap between what leadership believes
11
00:00:21,560 --> 00:00:23,920
and what actually happens isn't a technology problem.
12
00:00:23,920 --> 00:00:25,120
It's not a training problem,
13
00:00:25,120 --> 00:00:26,600
it's not even a management problem,
14
00:00:26,600 --> 00:00:27,840
it's an architecture problem,
15
00:00:27,840 --> 00:00:30,480
and architecture problems don't get solved
16
00:00:30,480 --> 00:00:32,280
with better tools or stricter policies.
17
00:00:32,280 --> 00:00:34,680
They get solved by seeing what's actually there.
18
00:00:34,680 --> 00:00:37,200
This episode is about mapping the invisible infrastructure,
19
00:00:37,200 --> 00:00:40,680
the one nobody designed, the one that actually runs your business.
20
00:00:40,680 --> 00:00:42,840
The diagram that doesn't match reality,
21
00:00:42,840 --> 00:00:45,960
every organization has an infrastructure diagram somewhere.
22
00:00:45,960 --> 00:00:47,640
It's probably in PowerPoint or Visio,
23
00:00:47,640 --> 00:00:51,000
it shows clean lines, clear ownership, logical flows,
24
00:00:51,000 --> 00:00:55,640
systems connect, data moves from point A to point B as intended,
25
00:00:55,640 --> 00:00:57,800
each tool has a purpose, each person has a role.
26
00:00:57,800 --> 00:01:00,240
The diagram represents intent, the diagram is wrong,
27
00:01:00,240 --> 00:01:01,920
not because it was drawn poorly,
28
00:01:01,920 --> 00:01:03,960
because the moment people touched the system,
29
00:01:03,960 --> 00:01:06,320
the moment actual work started happening.
30
00:01:06,320 --> 00:01:09,640
Reality diverged, people adapted, they found shortcuts,
31
00:01:09,640 --> 00:01:11,000
they worked around friction,
32
00:01:11,000 --> 00:01:13,520
they optimized for speed instead of compliance,
33
00:01:13,520 --> 00:01:14,960
they created parallel processes
34
00:01:14,960 --> 00:01:16,840
because the official ones were too slow.
35
00:01:16,840 --> 00:01:19,520
Leadership makes decisions based on the diagram.
36
00:01:19,520 --> 00:01:21,160
They assume the sales process works
37
00:01:21,160 --> 00:01:22,920
the way the CRM is supposed to work.
38
00:01:22,920 --> 00:01:25,040
They assume hiring follows the HR system,
39
00:01:25,040 --> 00:01:26,920
they assume finance reconciliation happens
40
00:01:26,920 --> 00:01:29,920
in the accounting software, they assume data stays classified,
41
00:01:29,920 --> 00:01:31,440
they assume sharing is controlled,
42
00:01:31,440 --> 00:01:32,920
they assume visibility exists,
43
00:01:32,920 --> 00:01:35,960
then they deploy Copilot or implement a new governance policy
44
00:01:35,960 --> 00:01:37,760
or try to audit compliance.
45
00:01:37,760 --> 00:01:40,440
And for the first time, they see what's actually happening,
46
00:01:40,440 --> 00:01:42,680
the actual infrastructure, not the imagined one,
47
00:01:42,680 --> 00:01:45,560
not the one in the diagram, it doesn't match.
48
00:01:45,560 --> 00:01:47,800
The distance between the diagram and reality
49
00:01:47,800 --> 00:01:49,680
is where your real problems live,
50
00:01:49,680 --> 00:01:51,080
not where the risks are hiding,
51
00:01:51,080 --> 00:01:53,280
where they're actively operating with permission,
52
00:01:53,280 --> 00:01:55,880
following a logic that made sense the moment it was created
53
00:01:55,880 --> 00:01:57,600
but hasn't been questioned since.
54
00:01:57,600 --> 00:01:59,080
Here's what this looks like in practice,
55
00:01:59,080 --> 00:02:00,920
a sales rep needs to move a deal forward.
56
00:02:00,920 --> 00:02:03,280
The CRM says the proposal should be created,
57
00:02:03,280 --> 00:02:04,480
shared through the system,
58
00:02:04,480 --> 00:02:07,440
tracked with timestamps and closed with approval.
59
00:02:07,440 --> 00:02:09,920
The actual process, the rep writes the proposal in Word
60
00:02:09,920 --> 00:02:11,040
on their laptop.
61
00:02:11,040 --> 00:02:12,160
They email it to the client
62
00:02:12,160 --> 00:02:14,160
because email feels faster and more controlled
63
00:02:14,160 --> 00:02:15,440
than a shared repository.
64
00:02:15,440 --> 00:02:16,800
The client suggests changes,
65
00:02:16,800 --> 00:02:18,400
those changes come back in email,
66
00:02:18,400 --> 00:02:21,160
the rep integrates them, sends a new version via email,
67
00:02:21,160 --> 00:02:23,000
the thread becomes the source of truth.
68
00:02:23,000 --> 00:02:26,240
Finance never sees the pipeline data because it's in email.
69
00:02:26,240 --> 00:02:29,480
The deal closes, the CRM is updated three weeks later if at all.
70
00:02:29,480 --> 00:02:34,240
The diagram shows CRM, tools, process, closure.
71
00:02:34,240 --> 00:02:38,080
The reality shows, email, adaptation, workaround, closure.
72
00:02:38,080 --> 00:02:39,880
Both are operating, both are valid.
73
00:02:39,880 --> 00:02:42,040
The organization is not broken, it's working,
74
00:02:42,040 --> 00:02:44,320
but it's working on a system that nobody formally acknowledged,
75
00:02:44,320 --> 00:02:45,480
nobody officially designed,
76
00:02:45,480 --> 00:02:46,720
and nobody's actually governing.
77
00:02:46,720 --> 00:02:47,680
This happens everywhere.
78
00:02:47,680 --> 00:02:50,080
The actual infrastructure is built on speed, trust,
79
00:02:50,080 --> 00:02:51,440
and friction reduction.
80
00:02:51,440 --> 00:02:54,080
People become expert at navigating around the official system.
81
00:02:54,080 --> 00:02:56,040
They develop mental maps of what works.
82
00:02:56,040 --> 00:02:57,600
They create shadow repositories.
83
00:02:57,600 --> 00:02:59,120
They maintain parallel spreadsheets.
84
00:02:59,120 --> 00:03:01,000
They own the workaround so thoroughly
85
00:03:01,000 --> 00:03:03,120
that those workarounds become indispensable,
86
00:03:03,120 --> 00:03:04,960
remove them and the business slows down.
87
00:03:04,960 --> 00:03:06,280
Leadership sees the diagram,
88
00:03:06,280 --> 00:03:09,200
IT secures the diagram, compliance audits the diagram,
89
00:03:09,200 --> 00:03:11,000
but the business runs on something else.
90
00:03:11,000 --> 00:03:12,920
That something else, that invisible,
91
00:03:12,920 --> 00:03:15,120
undocumented, adaptive infrastructure
92
00:03:15,120 --> 00:03:17,040
is what we're going to map in this episode.
93
00:03:17,040 --> 00:03:19,080
Because before you can govern it, secure it,
94
00:03:19,080 --> 00:03:20,240
or scale it with AI,
95
00:03:20,240 --> 00:03:22,000
you need to understand that it exists
96
00:03:22,000 --> 00:03:24,320
and you need to understand what it's actually doing.
97
00:03:24,320 --> 00:03:26,880
The sales proposal story, part one, the design.
98
00:03:26,880 --> 00:03:28,920
Let me walk you through a real sales process.
99
00:03:28,920 --> 00:03:30,160
Not the one that happens.
100
00:03:30,160 --> 00:03:33,040
The one that's supposed to happen, a deal starts in the CRM.
101
00:03:33,040 --> 00:03:34,720
A sales rep creates an opportunity
102
00:03:34,720 --> 00:03:37,240
adds the customer information, fills in the forecast date.
103
00:03:37,240 --> 00:03:38,400
This is the first gate.
104
00:03:38,400 --> 00:03:39,960
The CRM is the source of truth.
105
00:03:39,960 --> 00:03:42,600
Leadership runs revenue reports off this data.
106
00:03:42,600 --> 00:03:45,040
Finance forecasts based on what's in the pipeline.
107
00:03:45,040 --> 00:03:46,000
The rep knows.
108
00:03:46,000 --> 00:03:48,400
If it's not in the CRM, it doesn't exist.
109
00:03:48,400 --> 00:03:49,360
The deal moves forward.
110
00:03:49,360 --> 00:03:51,240
The proposal needs to be created.
111
00:03:51,240 --> 00:03:54,160
In the designed process, the rep uses a proposal template
112
00:03:54,160 --> 00:03:55,240
stored in SharePoint.
113
00:03:55,240 --> 00:03:56,360
The template is governed.
114
00:03:56,360 --> 00:03:57,680
It enforces branding.
115
00:03:57,680 --> 00:03:59,400
It uses approved language.
116
00:03:59,400 --> 00:04:00,840
When the rep creates the proposal,
117
00:04:00,840 --> 00:04:02,400
it goes into a SharePoint library.
118
00:04:02,400 --> 00:04:04,200
The library has retention policies.
119
00:04:04,200 --> 00:04:05,440
It has sensitivity labels.
120
00:04:05,440 --> 00:04:07,120
It has permission structures.
121
00:04:07,120 --> 00:04:10,600
External sharing is restricted unless explicitly approved.
122
00:04:10,600 --> 00:04:12,760
Everyone who needs to see the proposal gets access
123
00:04:12,760 --> 00:04:14,880
through the repository, access is audited.
124
00:04:14,880 --> 00:04:17,400
If someone leaves the company, their permissions are revoked.
125
00:04:17,400 --> 00:04:18,960
The proposal lives in the system.
126
00:04:18,960 --> 00:04:20,440
The client provides feedback.
127
00:04:20,440 --> 00:04:23,080
In the designed process, this feedback flows through Teams.
128
00:04:23,080 --> 00:04:24,960
The rep creates a channel for the project.
129
00:04:24,960 --> 00:04:27,640
The client gets a guest account with limited permissions.
130
00:04:27,640 --> 00:04:30,360
Comments on the proposal stay inside the collaboration space.
131
00:04:30,360 --> 00:04:31,800
All communication is threaded.
132
00:04:31,800 --> 00:04:33,160
All versions are controlled.
133
00:04:33,160 --> 00:04:34,840
Everyone sees the same current version.
134
00:04:34,840 --> 00:04:37,160
There's no confusion about what the current state is
135
00:04:37,160 --> 00:04:39,560
because the system is the single source of truth.
136
00:04:39,560 --> 00:04:41,480
Finance sees the activity.
137
00:04:41,480 --> 00:04:44,480
Because the proposal is in SharePoint and the deal is in the CRM,
138
00:04:44,480 --> 00:04:47,000
finance can run a report and understand the pipeline.
139
00:04:47,000 --> 00:04:49,360
They can see which deals have active proposals.
140
00:04:49,360 --> 00:04:52,400
They can forecast based on deal stage and proposal status.
141
00:04:52,400 --> 00:04:54,200
They can estimate when contracts will be signed
142
00:04:54,200 --> 00:04:56,320
because the process has defined gates.
143
00:04:56,320 --> 00:04:59,160
They know when to expect cash flow because the system tracks it.
144
00:04:59,160 --> 00:05:01,120
Compliance monitors the process.
145
00:05:01,120 --> 00:05:03,760
Because the proposal is labeled as a customer proposal,
146
00:05:03,760 --> 00:05:06,000
sensitive pricing information is protected.
147
00:05:06,000 --> 00:05:08,400
If the customer is in a regulated industry,
148
00:05:08,400 --> 00:05:11,040
the proposal carries the appropriate sensitivity label.
149
00:05:11,040 --> 00:05:12,600
Compliance can run a report showing
150
00:05:12,600 --> 00:05:15,720
that all customer facing documents are properly classified.
151
00:05:15,720 --> 00:05:18,280
Data loss prevention policies prevent the proposal
152
00:05:18,280 --> 00:05:21,040
from being shared externally without approval.
153
00:05:21,040 --> 00:05:23,160
If someone tries to email the proposal
154
00:05:23,160 --> 00:05:25,720
to an unapproved recipient, the system stops it.
155
00:05:25,720 --> 00:05:28,640
Compliance is confident that sensitive information is protected.
156
00:05:28,640 --> 00:05:30,200
The deal moves toward closure.
157
00:05:30,200 --> 00:05:31,800
The client signs off on the proposal.
158
00:05:31,800 --> 00:05:35,240
The rep updates the CRM to reflect that the proposal is accepted.
159
00:05:35,240 --> 00:05:36,840
The opportunity stage advances.
160
00:05:36,840 --> 00:05:38,720
Finance updates their forecast.
161
00:05:38,720 --> 00:05:40,040
The contract phase begins.
162
00:05:40,040 --> 00:05:42,040
Everyone in the organization with authority
163
00:05:42,040 --> 00:05:44,080
to see that deal can see the current status.
164
00:05:44,080 --> 00:05:45,640
This is the designed infrastructure.
165
00:05:45,640 --> 00:05:46,920
It's clean, it's logical.
166
00:05:46,920 --> 00:05:48,720
Each tool does what it's supposed to do.
167
00:05:48,720 --> 00:05:50,200
Data flows in defined directions.
168
00:05:50,200 --> 00:05:51,520
Controls are enforced.
169
00:05:51,520 --> 00:05:53,360
Governance is embedded in the process.
170
00:05:53,360 --> 00:05:55,560
And it doesn't work, not because the design is flawed.
171
00:05:55,560 --> 00:05:58,320
Because the moment actual human beings tried to close a deal,
172
00:05:58,320 --> 00:06:00,080
the entire system became friction.
173
00:06:00,080 --> 00:06:03,400
The rep cannot close a deal faster by following the designed process.
174
00:06:03,400 --> 00:06:05,520
The process is secure, the process is auditable,
175
00:06:05,520 --> 00:06:08,120
the process is transparent, the process is also slow,
176
00:06:08,120 --> 00:06:10,160
creating a SharePoint library takes time.
177
00:06:10,160 --> 00:06:12,960
Inviting a guest to Teams requires IT approval.
178
00:06:12,960 --> 00:06:15,960
Getting a sensitivity label applied requires classification.
179
00:06:15,960 --> 00:06:17,920
Waiting for compliance review delays the send.
180
00:06:17,920 --> 00:06:19,560
By the time the proposal reaches the client,
181
00:06:19,560 --> 00:06:21,880
they've already talked to a competitor who moved faster.
182
00:06:21,880 --> 00:06:22,880
The rep knows this.
183
00:06:22,880 --> 00:06:24,520
The rep has done this job before.
184
00:06:24,520 --> 00:06:26,000
The rep knows what actually works.
185
00:06:26,000 --> 00:06:28,240
And in that moment, the moment when speed and control
186
00:06:28,240 --> 00:06:31,000
come into conflict, the designed infrastructure stops existing.
187
00:06:31,000 --> 00:06:32,240
Another one takes its place.
188
00:06:32,240 --> 00:06:34,960
This isn't a failure of will or a failure of training.
189
00:06:34,960 --> 00:06:37,760
It's not because the rep is ignoring policy or being reckless.
190
00:06:37,760 --> 00:06:39,920
It's because the designed system creates friction
191
00:06:39,920 --> 00:06:41,720
that doesn't exist in the real world.
192
00:06:41,720 --> 00:06:44,360
And real business doesn't wait for perfect process.
193
00:06:44,360 --> 00:06:45,800
That's where the story gets interesting.
194
00:06:45,800 --> 00:06:48,680
That's where the actual infrastructure reveals itself.
195
00:06:48,680 --> 00:06:51,560
The sales proposal story, part two, the actual flow.
196
00:06:51,560 --> 00:06:52,840
Here's what actually happens.
197
00:06:52,840 --> 00:06:54,280
The rep opens Word on their laptop.
198
00:06:54,280 --> 00:06:56,520
They don't go to SharePoint because they don't have time
199
00:06:56,520 --> 00:06:58,080
to navigate the library structure,
200
00:06:58,080 --> 00:07:00,600
wait for permissions to cascade or deal with the checkout
201
00:07:00,600 --> 00:07:03,760
and check in workflow that makes collaboration feel like a chore.
202
00:07:03,760 --> 00:07:04,760
They open Word.
203
00:07:04,760 --> 00:07:06,960
They find an old proposal on their desktop,
204
00:07:06,960 --> 00:07:09,560
something they wrote for a similar customer three deals ago.
205
00:07:09,560 --> 00:07:11,520
They copy it, they customize it.
206
00:07:11,520 --> 00:07:12,520
They work locally.
207
00:07:12,520 --> 00:07:14,400
Total time to first draft 15 minutes.
208
00:07:14,400 --> 00:07:15,640
The proposal is ready.
209
00:07:15,640 --> 00:07:16,800
The client needs to see it.
210
00:07:16,800 --> 00:07:18,960
Email is faster than creating a Teams channel,
211
00:07:18,960 --> 00:07:21,360
assigning permissions and waiting for the guest account
212
00:07:21,360 --> 00:07:22,160
to provision.
213
00:07:22,160 --> 00:07:24,120
The rep sends the email with the attachment.
214
00:07:24,120 --> 00:07:26,720
This is the actual first moment the client sees the deal.
215
00:07:26,720 --> 00:07:28,080
The proposal is now an email.
216
00:07:28,080 --> 00:07:29,320
This is the source of truth.
217
00:07:29,320 --> 00:07:30,320
The client reviews it.
218
00:07:30,320 --> 00:07:31,200
They have feedback.
219
00:07:31,200 --> 00:07:33,840
They don't log into Teams or navigate to SharePoint.
220
00:07:33,840 --> 00:07:36,960
They reply to the email with comments embedded in the message.
221
00:07:36,960 --> 00:07:37,760
They ask questions.
222
00:07:37,760 --> 00:07:39,480
They suggest different pricing.
223
00:07:39,480 --> 00:07:40,960
They want the language changed.
224
00:07:40,960 --> 00:07:43,080
The email thread is now the collaboration space.
225
00:07:43,080 --> 00:07:45,760
The email thread is where the actual negotiation happens.
226
00:07:45,760 --> 00:07:47,040
The rep receives the feedback.
227
00:07:47,040 --> 00:07:48,480
They open the attachment locally.
228
00:07:48,480 --> 00:07:49,320
They make edits.
229
00:07:49,320 --> 00:07:50,400
They save a new version.
230
00:07:50,400 --> 00:07:51,720
The new version gets a different name,
231
00:07:51,720 --> 00:07:53,920
maybe proposal V2 or proposal final.
232
00:07:53,920 --> 00:07:57,640
Or if they're being honest, proposal final, final, actual final.
233
00:07:57,640 --> 00:07:59,760
They attach the new version and send it back.
234
00:07:59,760 --> 00:08:01,080
The email thread grows.
235
00:08:01,080 --> 00:08:03,000
Now there are three versions in the email history.
236
00:08:03,000 --> 00:08:05,600
The client has V1, V2 and V2 revised floating around.
237
00:08:05,600 --> 00:08:06,600
Nobody stops them.
238
00:08:06,600 --> 00:08:08,400
Nobody enforces a single source of truth.
239
00:08:08,400 --> 00:08:10,320
The client doesn't know which version is current
240
00:08:10,320 --> 00:08:14,080
without opening each attachment and checking the modification date.
241
00:08:14,080 --> 00:08:16,440
Meanwhile, the finance team has no idea what's happening.
242
00:08:16,440 --> 00:08:19,040
The CRM still shows the deal in the proposal stage.
243
00:08:19,040 --> 00:08:21,520
But finance doesn't know if the proposal is being reviewed,
244
00:08:21,520 --> 00:08:23,760
if it's in revision, if the client rejected it,
245
00:08:23,760 --> 00:08:25,280
or if they're waiting on a signature.
246
00:08:25,280 --> 00:08:28,160
The data that matters, the deal status, the probability,
247
00:08:28,160 --> 00:08:31,040
the closed date is locked inside an email thread
248
00:08:31,040 --> 00:08:33,040
that the system has no visibility into.
249
00:08:33,040 --> 00:08:34,560
Finance runs their weekly forecast
250
00:08:34,560 --> 00:08:35,840
based on what's in the CRM.
251
00:08:35,840 --> 00:08:37,560
The forecast is optimistic because it's based
252
00:08:37,560 --> 00:08:39,000
on stale information.
253
00:08:39,000 --> 00:08:41,280
The rep knows the deal is held up in revisions.
254
00:08:41,280 --> 00:08:42,320
The system doesn't.
255
00:08:42,320 --> 00:08:44,080
The rep is managing the deal in email
256
00:08:44,080 --> 00:08:46,080
through their own mental model of what's happening.
257
00:08:46,080 --> 00:08:47,800
They're not updating the CRM because they're
258
00:08:47,800 --> 00:08:50,880
focused on closing the deal, not on keeping the system current.
259
00:08:50,880 --> 00:08:53,920
The CRM is becoming a reporting tool, not an operational system.
260
00:08:53,920 --> 00:08:56,240
It's used to answer questions that were asked in the past,
261
00:08:56,240 --> 00:08:58,720
not to inform decisions that need to be made now.
262
00:08:58,720 --> 00:09:01,480
After three more rounds of revision, the client agrees.
263
00:09:01,480 --> 00:09:03,000
The rep sends a final email.
264
00:09:03,000 --> 00:09:03,720
Let's move forward.
265
00:09:03,720 --> 00:09:05,080
When can we sign?
266
00:09:05,080 --> 00:09:07,080
The email thread is the actual close moment.
267
00:09:07,080 --> 00:09:08,600
The deal is closed in email.
268
00:09:08,600 --> 00:09:11,720
The rep then updates the CRM weeks later, sometimes,
269
00:09:11,720 --> 00:09:13,760
to reflect that the opportunity is closed
270
00:09:13,760 --> 00:09:15,200
and the contract has been signed.
271
00:09:15,200 --> 00:09:17,000
Finance never sees the actual pipeline.
272
00:09:17,000 --> 00:09:18,680
They don't see the active proposals,
273
00:09:18,680 --> 00:09:21,200
the revisions, the stalls, the true probability.
274
00:09:21,200 --> 00:09:23,720
They see a CRM that's updated after the fact,
275
00:09:23,720 --> 00:09:26,280
filtered through a rep's interpretation of what happened
276
00:09:26,280 --> 00:09:29,360
and shaped by how much time the rep had to clean up their records.
277
00:09:29,360 --> 00:09:30,880
Compliance doesn't see the proposal.
278
00:09:30,880 --> 00:09:32,760
If the customer is in a regulated industry
279
00:09:32,760 --> 00:09:34,880
and the pricing information should have been protected,
280
00:09:34,880 --> 00:09:36,440
compliance has no visibility.
281
00:09:36,440 --> 00:09:37,920
The proposal exists in email.
282
00:09:37,920 --> 00:09:39,040
It's unclassified.
283
00:09:39,040 --> 00:09:41,600
It may have been forwarded to someone who shouldn't have seen it.
284
00:09:41,600 --> 00:09:42,600
There's no audit trail.
285
00:09:42,600 --> 00:09:43,920
There's no retention policy.
286
00:09:43,920 --> 00:09:46,920
If the customer later disputes the pricing or the terms,
287
00:09:46,920 --> 00:09:50,120
the organization searches the CRM and finds nothing useful.
288
00:09:50,120 --> 00:09:53,120
The actual negotiation history lives in someone's email archive.
289
00:09:53,120 --> 00:09:54,240
This isn't incompetence.
290
00:09:54,240 --> 00:09:55,280
This is adaptation.
291
00:09:55,280 --> 00:09:58,000
The rep adapted to the friction in the designed system
292
00:09:58,000 --> 00:09:59,400
by creating a faster system.
293
00:09:59,400 --> 00:10:00,600
That faster system works.
294
00:10:00,600 --> 00:10:01,600
It closes deals.
295
00:10:01,600 --> 00:10:02,800
It moves business forward
296
00:10:02,800 --> 00:10:05,600
and it makes every governance control invisible.
297
00:10:05,600 --> 00:10:07,440
Why people bypass the system?
298
00:10:07,440 --> 00:10:10,720
This is the moment where most organizations get the explanation wrong.
299
00:10:10,720 --> 00:10:11,960
They see the email thread.
300
00:10:11,960 --> 00:10:13,320
They see the shadow spreadsheet.
301
00:10:13,320 --> 00:10:14,680
They see the local files.
302
00:10:14,680 --> 00:10:16,640
They see people working outside the system
303
00:10:16,640 --> 00:10:18,320
and they assume it's a discipline problem.
304
00:10:18,320 --> 00:10:19,920
The rep didn't follow process.
305
00:10:19,920 --> 00:10:21,440
The team didn't use the approved tool.
306
00:10:21,440 --> 00:10:23,320
Someone didn't read the governance policy.
307
00:10:23,320 --> 00:10:24,680
If we just enforce it harder,
308
00:10:24,680 --> 00:10:27,640
train more, create stricter controls, the problem goes away.
309
00:10:27,640 --> 00:10:29,560
It doesn't because the problem isn't discipline.
310
00:10:29,560 --> 00:10:30,680
It's arithmetic.
311
00:10:30,680 --> 00:10:33,120
The official process takes longer than the actual work.
312
00:10:33,120 --> 00:10:34,120
That's not a metaphor.
313
00:10:34,120 --> 00:10:35,080
That's not hyperbole.
314
00:10:35,080 --> 00:10:36,760
It's architectural truth.
315
00:10:36,760 --> 00:10:37,760
Let me be specific.
316
00:10:37,760 --> 00:10:40,240
Creating a proposal through the designed system.
317
00:10:40,240 --> 00:10:42,000
Locate the SharePoint library.
318
00:10:42,000 --> 00:10:43,720
Navigate to the correct folder structure.
319
00:10:43,720 --> 00:10:45,600
Request access if you don't have it.
320
00:10:45,600 --> 00:10:47,280
Wait for permissions to be assigned.
321
00:10:47,280 --> 00:10:48,080
Open the template.
322
00:10:48,080 --> 00:10:51,280
Download it locally because editing in the browser is slow.
323
00:10:51,280 --> 00:10:52,040
Make changes.
324
00:10:52,040 --> 00:10:53,200
Upload the revised version.
325
00:10:53,200 --> 00:10:55,520
Navigate through the library to create a sharing link.
326
00:10:55,520 --> 00:10:56,600
Add recipients.
327
00:10:56,600 --> 00:10:58,040
Configure permissions.
328
00:10:58,040 --> 00:10:59,280
They get a notification.
329
00:10:59,280 --> 00:11:00,480
They navigate to the library.
330
00:11:00,480 --> 00:11:02,200
They download or open the file.
331
00:11:02,200 --> 00:11:02,720
They read it.
332
00:11:02,720 --> 00:11:04,400
They reply with comments either in a Word
333
00:11:04,400 --> 00:11:06,560
comment thread that may or may not sync properly
334
00:11:06,560 --> 00:11:08,320
or in an email or in a Teams message,
335
00:11:08,320 --> 00:11:11,000
which breaks the single source of truth immediately.
336
00:11:11,000 --> 00:11:13,080
Total time to get the proposal to the client
337
00:11:13,080 --> 00:11:14,920
using the designed system.
338
00:11:14,920 --> 00:11:16,400
45 minutes to an hour.
339
00:11:16,400 --> 00:11:18,920
Most of that time is navigating permissions,
340
00:11:18,920 --> 00:11:20,800
waiting for systems to respond,
341
00:11:20,800 --> 00:11:22,520
and dealing with the collaboration lag
342
00:11:22,520 --> 00:11:25,040
that comes from being too focused on control.
343
00:11:25,040 --> 00:11:27,480
Creating a proposal the actual way, open Word,
344
00:11:27,480 --> 00:11:28,760
find an old proposal.
345
00:11:28,760 --> 00:11:31,200
Copy it, edit it, attach it to an email, send it.
346
00:11:31,200 --> 00:11:32,560
The client gets it in three minutes.
347
00:11:32,560 --> 00:11:34,160
The client reads it in seven.
348
00:11:34,160 --> 00:11:35,840
The client responds with feedback in an email
349
00:11:35,840 --> 00:11:37,160
reply by minute 12.
350
00:11:37,160 --> 00:11:39,120
The official system takes an hour for the client
351
00:11:39,120 --> 00:11:40,040
to see the proposal.
352
00:11:40,040 --> 00:11:41,720
The actual system takes 12 minutes.
353
00:11:41,720 --> 00:11:43,000
Speed isn't an abstraction.
354
00:11:43,000 --> 00:11:44,280
It's a competitive advantage.
355
00:11:44,280 --> 00:11:45,120
It's a close rate.
356
00:11:45,120 --> 00:11:46,560
It's the difference between winning a deal
357
00:11:46,560 --> 00:11:48,520
and losing it to someone who moved faster.
358
00:11:48,520 --> 00:11:49,520
The rep knows this.
359
00:11:49,520 --> 00:11:51,680
The rep's compensation is tied to closing deals,
360
00:11:51,680 --> 00:11:53,280
not to keeping the CRM current.
361
00:11:53,280 --> 00:11:56,040
So the rep, acting rationally, chooses speed.
362
00:11:56,040 --> 00:11:57,760
This isn't a defect in the rep's character.
363
00:11:57,760 --> 00:11:59,400
It's not laziness, it's optimization.
364
00:11:59,400 --> 00:12:02,080
The rep optimized for the metric they're actually measured on.
365
00:12:02,080 --> 00:12:03,200
And the system lets them,
366
00:12:03,200 --> 00:12:05,600
because there's no enforcement at the moment of decision.
367
00:12:05,600 --> 00:12:07,440
The rep isn't blocked from sending email.
368
00:12:07,440 --> 00:12:09,040
The rep isn't forced to use Teams.
369
00:12:09,040 --> 00:12:11,520
The rep isn't prevented from creating local files.
370
00:12:11,520 --> 00:12:14,320
The system creates friction, but it doesn't create a barrier.
371
00:12:14,320 --> 00:12:17,160
So the path of least resistance becomes the actual path.
372
00:12:17,160 --> 00:12:19,240
Now multiply this across an organization.
373
00:12:19,240 --> 00:12:20,200
Every rep does this.
374
00:12:20,200 --> 00:12:22,600
Every hiring manager maintains a spreadsheet of candidates
375
00:12:22,600 --> 00:12:24,960
because the HRS is too slow to update.
376
00:12:24,960 --> 00:12:27,080
Every finance person keeps a local reconciliation
377
00:12:27,080 --> 00:12:29,560
because the GL doesn't talk to the subsidiary ledgers
378
00:12:29,560 --> 00:12:30,440
the way it should.
379
00:12:30,440 --> 00:12:32,760
Every project manager uses a personal Trello board
380
00:12:32,760 --> 00:12:35,000
because Teams channel management is a hassle.
381
00:12:35,000 --> 00:12:36,480
Every engineer has local documentation
382
00:12:36,480 --> 00:12:38,480
because the wiki takes too long to search.
383
00:12:38,480 --> 00:12:39,360
These aren't failures.
384
00:12:39,360 --> 00:12:41,120
These are rational responses to systems
385
00:12:41,120 --> 00:12:43,160
that prioritize control over usability.
386
00:12:43,160 --> 00:12:44,720
And here's the architectural trap.
387
00:12:44,720 --> 00:12:48,000
Once the workaround exists, removing it breaks the business.
388
00:12:48,000 --> 00:12:49,840
The rep can't suddenly stop using email
389
00:12:49,840 --> 00:12:51,640
because the deal won't close fast enough.
390
00:12:51,640 --> 00:12:54,080
The hiring manager can't suddenly throw away the spreadsheet
391
00:12:54,080 --> 00:12:56,200
because the HRS won't give them the visibility
392
00:12:56,200 --> 00:12:57,360
they need to make decisions.
393
00:12:57,360 --> 00:12:59,520
The finance person can't suddenly stop maintaining
394
00:12:59,520 --> 00:13:01,480
the shadow system because the official system
395
00:13:01,480 --> 00:13:02,680
doesn't actually reconcile.
396
00:13:02,680 --> 00:13:04,800
The workarounds become load-bearing.
397
00:13:04,800 --> 00:13:06,000
They're no longer optional.
398
00:13:06,000 --> 00:13:07,000
They're infrastructure.
399
00:13:07,000 --> 00:13:08,480
This is what invisibility means.
400
00:13:08,480 --> 00:13:12,120
The designed system is visible to IT, to compliance, to leadership.
401
00:13:12,120 --> 00:13:14,720
It's documented, it's auditable, it's reported on.
402
00:13:14,720 --> 00:13:16,400
The actual system is invisible.
403
00:13:16,400 --> 00:13:19,880
It operates inside personal email accounts, local hard drives
404
00:13:19,880 --> 00:13:22,240
and spreadsheets that exist in a single person's mind.
405
00:13:22,240 --> 00:13:24,880
But the actual system is also the one that delivers results.
406
00:13:24,880 --> 00:13:26,600
It's the one the business actually depends on.
407
00:13:26,600 --> 00:13:29,000
This gap between the system that's documented
408
00:13:29,000 --> 00:13:31,080
and the system that works is not solved
409
00:13:31,080 --> 00:13:32,680
by better governance policy.
410
00:13:32,680 --> 00:13:34,400
It's not solved by more training.
411
00:13:34,400 --> 00:13:36,960
It's solved by understanding that the actual system
412
00:13:36,960 --> 00:13:38,120
exists for a reason.
413
00:13:38,120 --> 00:13:39,880
It exists because it delivers speed.
414
00:13:39,880 --> 00:13:41,600
It exists because it reduces friction.
415
00:13:41,600 --> 00:13:44,040
It exists because it lets people do their jobs.
416
00:13:44,040 --> 00:13:45,840
The moment you understand this, you stop asking,
417
00:13:45,840 --> 00:13:48,240
how do we force people to use the official system?
418
00:13:48,240 --> 00:13:50,160
You start asking, why did we create a system
419
00:13:50,160 --> 00:13:51,600
that people have to work around?
420
00:13:51,600 --> 00:13:54,440
That's the question that maps the real infrastructure.
421
00:13:54,440 --> 00:13:55,640
The governance illusion.
422
00:13:55,640 --> 00:13:57,280
Now watch what happens when the organization
423
00:13:57,280 --> 00:13:58,720
tries to govern this infrastructure.
424
00:13:58,720 --> 00:13:59,960
Leadership sees the risk.
425
00:13:59,960 --> 00:14:02,360
Customer proposals contain pricing information.
426
00:14:02,360 --> 00:14:03,680
That data should be protected.
427
00:14:03,680 --> 00:14:05,280
Compliance requires it.
428
00:14:05,280 --> 00:14:06,560
So they write a policy.
429
00:14:06,560 --> 00:14:09,040
All proposals must be stored in SharePoint.
430
00:14:09,040 --> 00:14:12,120
All customer proposals must be classified as confidential.
431
00:14:12,120 --> 00:14:15,160
External sharing requires explicit approval.
432
00:14:15,160 --> 00:14:17,600
The policy is written for the designed infrastructure.
433
00:14:17,600 --> 00:14:19,480
It assumes proposals will be in SharePoint.
434
00:14:19,480 --> 00:14:21,800
It assumes there will be a classification moment
435
00:14:21,800 --> 00:14:23,400
where someone applies a label.
436
00:14:23,400 --> 00:14:25,880
It assumes external sharing will be gated by a system
437
00:14:25,880 --> 00:14:26,760
that enforces it.
438
00:14:26,760 --> 00:14:28,960
The policy is correct for the imagined system.
439
00:14:28,960 --> 00:14:30,200
The real system doesn't see it.
440
00:14:30,200 --> 00:14:33,640
The rep still creates the proposal in Word on their laptop.
441
00:14:33,640 --> 00:14:35,240
They still email it to the customer.
442
00:14:35,240 --> 00:14:36,720
The customer still gets the document.
443
00:14:36,720 --> 00:14:39,400
The proposal is unclassified because it never entered SharePoint.
444
00:14:39,400 --> 00:14:40,200
There was no gate.
445
00:14:40,200 --> 00:14:41,720
There was no classification moment.
446
00:14:41,720 --> 00:14:43,280
There was no system to enforce it.
447
00:14:43,280 --> 00:14:44,960
The policy exists in a document.
448
00:14:44,960 --> 00:14:46,880
The actual infrastructure operates in email.
449
00:14:46,880 --> 00:14:50,120
The organization, not seeing this gap, adds more policies.
450
00:14:50,120 --> 00:14:52,520
All client data must be classified and labeled.
451
00:14:52,520 --> 00:14:54,160
Sensitivity labels are configured.
452
00:14:54,160 --> 00:14:55,240
Training is created.
453
00:14:55,240 --> 00:14:56,480
The message is reinforced.
454
00:14:56,480 --> 00:14:58,920
If you handle customer data, you must label it.
455
00:14:58,920 --> 00:15:01,720
But the training is delivered to the system that doesn't need it.
456
00:15:01,720 --> 00:15:03,680
The rep already knows the data is sensitive.
457
00:15:03,680 --> 00:15:05,720
They're not keeping it secret out of negligence.
458
00:15:05,720 --> 00:15:08,720
They're moving it through email because email is faster.
459
00:15:08,720 --> 00:15:11,640
A sensitivity label would slow them down and would lock the file,
460
00:15:11,640 --> 00:15:13,440
preventing the customer from editing it.
461
00:15:13,440 --> 00:15:16,400
The policy creates friction without creating compliance.
462
00:15:16,400 --> 00:15:19,600
The rep doesn't suddenly start using SharePoint because there's a policy.
463
00:15:19,600 --> 00:15:21,000
The rep works around it.
464
00:15:21,000 --> 00:15:23,080
They create a shared OneDrive folder instead,
465
00:15:23,080 --> 00:15:26,080
which feels collaborative without the bureaucracy of SharePoint.
466
00:15:26,080 --> 00:15:29,160
Or they use a cloud storage tool that syncs to their desktop,
467
00:15:29,160 --> 00:15:32,120
so they can work locally while technically being in the cloud.
468
00:15:32,120 --> 00:15:34,280
No, or they do exactly what they were already doing,
469
00:15:34,280 --> 00:15:36,520
but now they feel like they're breaking a rule.
470
00:15:36,520 --> 00:15:40,240
The organization, still not seeing the actual infrastructure, escalates.
471
00:15:40,240 --> 00:15:42,160
Data loss prevention policies are deployed.
472
00:15:42,160 --> 00:15:44,800
The email system now scans outbound messages for patterns
473
00:15:44,800 --> 00:15:46,400
that look like sensitive data.
474
00:15:46,400 --> 00:15:49,520
If it detects something, it blocks the send or requires approval.
475
00:15:49,520 --> 00:15:50,800
Now the rep hits a barrier.
476
00:15:50,800 --> 00:15:52,320
They draft an email with the proposal
477
00:15:52,320 --> 00:15:54,240
and customer pricing information.
478
00:15:54,240 --> 00:15:55,200
They hit send.
479
00:15:55,200 --> 00:15:56,520
The email is stopped.
480
00:15:56,520 --> 00:15:57,800
A message appears.
481
00:15:57,800 --> 00:15:59,760
This message contains sensitive data.
482
00:15:59,760 --> 00:16:01,800
Please reclassify or obtain approval.
483
00:16:01,800 --> 00:16:03,320
The rep now has three options.
484
00:16:03,320 --> 00:16:05,200
Option one, go through the approval workflow,
485
00:16:05,200 --> 00:16:07,120
wait for compliance to clear the send,
486
00:16:07,120 --> 00:16:10,800
and lose the speed advantage that made email attractive in the first place.
487
00:16:10,800 --> 00:16:14,280
Option two, revert the message to obscure the sensitive information
488
00:16:14,280 --> 00:16:16,160
so the DLP engine doesn't detect it.
489
00:16:16,160 --> 00:16:18,240
Option three, work around the system entirely.
490
00:16:18,240 --> 00:16:19,680
Most reps choose option three.
491
00:16:19,680 --> 00:16:22,760
They copy the customer pricing into a shared folder in Google Drive
492
00:16:22,760 --> 00:16:24,840
because the organization's DLP policy
493
00:16:24,840 --> 00:16:29,320
doesn't inspect outbound messages to Google Drive the way it inspects email.
494
00:16:29,320 --> 00:16:31,240
Or they take a screenshot of the proposal
495
00:16:31,240 --> 00:16:33,160
and send the screenshot as an image,
496
00:16:33,160 --> 00:16:35,720
which DLP engines typically can't scan.
497
00:16:35,720 --> 00:16:38,160
Or they paste the information into a Teams message,
498
00:16:38,160 --> 00:16:40,520
which lives inside the tenant and therefore feels safer
499
00:16:40,520 --> 00:16:43,200
even though it actually bypassed the email security layer.
500
00:16:43,200 --> 00:16:45,600
The policy was designed to enforce compliance.
501
00:16:45,600 --> 00:16:48,480
What it actually did was push the data into channels
502
00:16:48,480 --> 00:16:51,160
that are harder to audit and easier to lose control of.
503
00:16:51,160 --> 00:16:53,160
Compliance ran a report six months later.
504
00:16:53,160 --> 00:16:55,520
They measured email that was blocked by DLP policies.
505
00:16:55,520 --> 00:16:57,880
The number was low. They reported success.
506
00:16:57,880 --> 00:17:01,160
DLP policies are effectively preventing data leakage.
507
00:17:01,160 --> 00:17:03,480
They didn't measure the data that was moved to Google Drive.
508
00:17:03,480 --> 00:17:04,960
They didn't count the screenshots.
509
00:17:04,960 --> 00:17:06,600
They didn't audit Teams messages.
510
00:17:06,600 --> 00:17:08,640
They only counted what the system detected.
511
00:17:08,640 --> 00:17:09,840
The infrastructure adapted.
512
00:17:09,840 --> 00:17:12,000
The policies created the illusion of control
513
00:17:12,000 --> 00:17:14,400
while the actual infrastructure moved into the shadows.
514
00:17:14,400 --> 00:17:16,040
This is what governance illusion means.
515
00:17:16,040 --> 00:17:18,680
Policies are written for the system that's documented.
516
00:17:18,680 --> 00:17:21,960
Compliance is measured against metrics that apply to the system
517
00:17:21,960 --> 00:17:22,800
that's visible.
518
00:17:22,800 --> 00:17:24,480
Meanwhile, the business operates on a system
519
00:17:24,480 --> 00:17:25,840
that the policies never touched.
520
00:17:25,840 --> 00:17:27,080
The organization is not broken.
521
00:17:27,080 --> 00:17:27,840
It's working.
522
00:17:27,840 --> 00:17:30,080
The work is just happening where governance can't see it.
523
00:17:30,080 --> 00:17:31,800
Most organizations get stuck here.
524
00:17:31,800 --> 00:17:32,840
They increase policy.
525
00:17:32,840 --> 00:17:33,840
They tighten controls.
526
00:17:33,840 --> 00:17:35,800
They add more tools to enforce compliance.
527
00:17:35,800 --> 00:17:37,960
They implement AI to detect violations.
528
00:17:37,960 --> 00:17:39,960
They never question whether the policies
529
00:17:39,960 --> 00:17:42,160
are targeting the right system in the first place.
530
00:17:42,160 --> 00:17:43,000
They are not.
531
00:17:43,000 --> 00:17:45,160
The policies are targeting the imagined infrastructure.
532
00:17:45,160 --> 00:17:47,680
The actual infrastructure is adaptive, distributed,
533
00:17:47,680 --> 00:17:48,520
and invisible.
534
00:17:48,520 --> 00:17:49,480
You cannot govern something
535
00:17:49,480 --> 00:17:50,480
you cannot see.
536
00:17:50,480 --> 00:17:52,880
You cannot control something you do not understand.
537
00:17:52,880 --> 00:17:55,400
That's the infrastructure illusion at its deepest level.
538
00:17:55,400 --> 00:17:58,840
The HR hiring story, part one: the chaos of permission.
539
00:17:58,840 --> 00:18:01,440
Let me show you a different kind of infrastructure collapse.
540
00:18:01,440 --> 00:18:02,560
This one happens in hiring.
541
00:18:02,560 --> 00:18:03,680
A company needs to hire.
542
00:18:03,680 --> 00:18:04,520
They post a job.
543
00:18:04,520 --> 00:18:06,600
Candidates apply, recruiters review resumes,
544
00:18:06,600 --> 00:18:08,680
hiring managers interview, offers are made,
545
00:18:08,680 --> 00:18:09,960
new employees join.
546
00:18:09,960 --> 00:18:12,280
This process touches multiple systems,
547
00:18:12,280 --> 00:18:15,360
multiple people and multiple layers of sensitive data.
548
00:18:15,360 --> 00:18:17,560
And it reveals something the sales process didn't.
549
00:18:17,560 --> 00:18:20,080
Not just shadow processes, but shadow permissions.
550
00:18:20,080 --> 00:18:22,720
A recruiter starts gathering candidate information.
551
00:18:22,720 --> 00:18:24,760
They need access to multiple places.
552
00:18:24,760 --> 00:18:25,680
They need email.
553
00:18:25,680 --> 00:18:27,960
They need teams to coordinate with hiring managers.
554
00:18:27,960 --> 00:18:30,080
They need SharePoint to store job descriptions
555
00:18:30,080 --> 00:18:31,240
and evaluation templates.
556
00:18:31,240 --> 00:18:33,760
They need OneDrive to collect resumes and interview notes.
557
00:18:33,760 --> 00:18:35,840
They need HR tools for candidate tracking.
558
00:18:35,840 --> 00:18:39,320
They need, across the organization, broad access to multiple systems
559
00:18:39,320 --> 00:18:40,400
so they can do their job.
560
00:18:40,400 --> 00:18:41,600
Permissions are granted.
561
00:18:41,600 --> 00:18:45,000
This happens quickly because onboarding a new hire is inefficient
562
00:18:45,000 --> 00:18:46,680
if you wait for permissions to catch up.
563
00:18:46,680 --> 00:18:48,440
So IT grants broad access.
564
00:18:48,440 --> 00:18:50,600
The recruiter gets access to the shared drive
565
00:18:50,600 --> 00:18:52,160
where all candidates are stored.
566
00:18:52,160 --> 00:18:53,880
They get access to the HR system.
567
00:18:53,880 --> 00:18:55,520
They get a Teams channel for recruiting.
568
00:18:55,520 --> 00:18:57,880
They get a SharePoint site for hiring materials.
569
00:18:57,880 --> 00:18:59,840
Then they get added to other Teams channels
570
00:18:59,840 --> 00:19:02,200
because they need to coordinate with different departments.
571
00:19:02,200 --> 00:19:05,440
Sales recruiting, engineering recruiting, finance recruiting.
572
00:19:05,440 --> 00:19:09,200
Each one is a channel with access to that department's hiring conversations,
573
00:19:09,200 --> 00:19:13,160
candidate evaluations and sometimes in the informal chats,
574
00:19:13,160 --> 00:19:17,280
salary expectations and internal concerns about other candidates.
575
00:19:17,280 --> 00:19:18,920
Access is granted and then forgotten.
576
00:19:18,920 --> 00:19:21,480
18 months later, the recruiter moves to a different role.
577
00:19:21,480 --> 00:19:22,840
They are no longer recruiting.
578
00:19:22,840 --> 00:19:24,120
They're in operations.
579
00:19:24,120 --> 00:19:26,920
The Teams channels they were added to still include them.
580
00:19:26,920 --> 00:19:29,880
The SharePoint sites they accessed still have their permissions.
581
00:19:29,880 --> 00:19:31,880
The HR system hasn't been updated.
582
00:19:31,880 --> 00:19:33,120
Nobody audited the access.
583
00:19:33,120 --> 00:19:36,720
Nobody asked, does this person still need to see candidate evaluations?
584
00:19:36,720 --> 00:19:38,640
Do they still need access to salary information?
585
00:19:38,640 --> 00:19:40,080
Do they still need to be in the channel
586
00:19:40,080 --> 00:19:42,480
where we discuss candidates from competing companies?
587
00:19:42,480 --> 00:19:43,200
They do not.
588
00:19:43,200 --> 00:19:44,680
But the system doesn't know this.
589
00:19:44,680 --> 00:19:47,560
The system is still configured for a person who is recruiting.
590
00:19:47,560 --> 00:19:49,080
The person is no longer recruiting.
591
00:19:49,080 --> 00:19:50,560
The architecture is now misaligned.
592
00:19:50,560 --> 00:19:52,800
Meanwhile, new hires joined the recruiting team.
593
00:19:52,800 --> 00:19:56,600
They get a fresh set of permissions based on the template for that role.
594
00:19:56,600 --> 00:19:59,320
But the template was built for the way recruiting works now.
595
00:19:59,320 --> 00:20:00,920
Not for the way it should work.
596
00:20:00,920 --> 00:20:03,080
The template grants access to every recruiting channel
597
00:20:03,080 --> 00:20:05,200
because recruiting operates across multiple channels.
598
00:20:05,200 --> 00:20:07,440
But the new hire doesn't need access to all of them yet.
599
00:20:07,440 --> 00:20:09,800
They need to see the candidates for the jobs they're working on.
600
00:20:09,800 --> 00:20:12,800
They don't need to see confidential salary negotiations
601
00:20:12,800 --> 00:20:14,600
for positions they are not filling.
602
00:20:14,600 --> 00:20:17,320
They don't need to see the internal notes about candidate weaknesses
603
00:20:17,320 --> 00:20:19,000
from last year's hiring cycle.
604
00:20:19,000 --> 00:20:21,040
The template doesn't distinguish between these.
605
00:20:21,040 --> 00:20:23,920
It grants broad access and assumes people will be professional enough
606
00:20:23,920 --> 00:20:25,880
to not look at things that aren't their business.
607
00:20:25,880 --> 00:20:26,520
Some will.
608
00:20:26,520 --> 00:20:27,200
Some won't.
609
00:20:27,200 --> 00:20:29,840
Some will forward a candidate's personal information to a friend
610
00:20:29,840 --> 00:20:32,120
because they thought the candidate was interesting.
611
00:20:32,120 --> 00:20:35,880
Some will mention another candidate's salary expectations in a conversation,
612
00:20:35,880 --> 00:20:39,520
not realizing they were talking to someone from that candidate's current company.
613
00:20:39,520 --> 00:20:40,360
This isn't malice.
614
00:20:40,360 --> 00:20:41,920
This is permission without intent.
615
00:20:41,920 --> 00:20:43,200
The system granted access.
616
00:20:43,200 --> 00:20:46,240
The system didn't enforce a boundary around what the access was for.
617
00:20:46,240 --> 00:20:50,040
The system assumed that the person would understand the implicit limits of their role.
618
00:20:50,040 --> 00:20:52,000
Hiring managers maintain their own files.
619
00:20:52,000 --> 00:20:55,400
They get a folder in OneDrive to store candidate evaluations.
620
00:20:55,400 --> 00:20:58,720
The folder is set to allow everyone in the company to access it.
621
00:20:58,720 --> 00:21:01,680
Not because that's what they intended, but because that's the default.
622
00:21:01,680 --> 00:21:05,280
The company had a philosophy that collaboration means open access.
623
00:21:05,280 --> 00:21:07,880
So the default permission for new folders is broad.
624
00:21:07,880 --> 00:21:09,840
The hiring manager doesn't think about this.
625
00:21:09,840 --> 00:21:11,760
They're not thinking about information architecture.
626
00:21:11,760 --> 00:21:13,320
They're thinking about filling a role.
627
00:21:13,320 --> 00:21:16,800
They create a folder, dump resumes and notes into it, and move on.
628
00:21:16,800 --> 00:21:19,880
The folder is now searchable by anyone in the company who knows where to look.
629
00:21:19,880 --> 00:21:23,840
Candidate information is discoverable by people who have nothing to do with the hiring decision.
630
00:21:23,840 --> 00:21:27,480
Candidate data lives in multiple places with different permission levels.
631
00:21:27,480 --> 00:21:30,480
Some information is in the HR system, which is locked down.
632
00:21:30,480 --> 00:21:32,680
Some is in SharePoint, which is broadly shared.
633
00:21:32,680 --> 00:21:36,320
Some is in Teams messages, which inherit the permissions of the channel.
634
00:21:36,320 --> 00:21:40,920
Some is in email attachments that have been forwarded to hiring managers' personal emails
635
00:21:40,920 --> 00:21:43,160
because that's how feedback gets communicated.
636
00:21:43,160 --> 00:21:46,480
Some is in locally saved files on someone's laptop.
637
00:21:46,480 --> 00:21:50,640
The company has not deliberately created a system where candidate data is widely accessible.
638
00:21:50,640 --> 00:21:53,960
The company has created a system where permissions are granted broadly.
639
00:21:53,960 --> 00:21:56,840
Roles change faster than permissions are revoked.
640
00:21:56,840 --> 00:22:02,000
Defaults are permissive, and there's no ongoing audit of who actually needs access to what.
641
00:22:02,000 --> 00:22:03,600
This is what permission chaos looks like.
642
00:22:03,600 --> 00:22:07,800
Not intentional exposure, not deliberate neglect. Intelligent people making rational decisions
643
00:22:07,800 --> 00:22:12,080
in a system where the defaults push toward oversharing and the overhead of maintaining accurate
644
00:22:12,080 --> 00:22:16,200
permissions exceeds the perceived risk of leaving permissions too broad.
645
00:22:16,200 --> 00:22:17,720
Access reflects history, not intent.
646
00:22:17,720 --> 00:22:21,560
The company doesn't actually know what candidate data is accessible to whom.
647
00:22:21,560 --> 00:22:23,920
They assume it's protected because they have access controls.
648
00:22:23,920 --> 00:22:25,600
They are wrong. The access controls are there.
649
00:22:25,600 --> 00:22:27,840
The intent behind those controls has drifted.
650
00:22:27,840 --> 00:22:32,200
The actual permission structure is now invisible, complex, and misaligned with how the business
651
00:22:32,200 --> 00:22:33,200
actually works.
652
00:22:33,200 --> 00:22:37,760
The HR hiring story, part two: access reflects history, not intent.
653
00:22:37,760 --> 00:22:41,800
Here's where it becomes visible. An organization runs an access review.
654
00:22:41,800 --> 00:22:44,040
This is required by governance frameworks.
655
00:22:44,040 --> 00:22:48,480
Once a year, managers review their team's access and certify that each person has the right
656
00:22:48,480 --> 00:22:49,800
permissions for their role.
657
00:22:49,800 --> 00:22:51,280
It's a checkbox exercise.
658
00:22:51,280 --> 00:22:53,960
It's also where the real infrastructure reveals itself.
659
00:22:53,960 --> 00:22:57,840
A hiring manager receives a list of people with access to their SharePoint site.
660
00:22:57,840 --> 00:22:59,920
The list includes the current recruiting team.
661
00:22:59,920 --> 00:23:02,440
It includes hiring managers from other departments.
662
00:23:02,440 --> 00:23:06,480
It includes two people from recruiting from 18 months ago who are no longer recruiting.
663
00:23:06,480 --> 00:23:10,560
It includes an executive who was involved in a special hiring project two years ago.
664
00:23:10,560 --> 00:23:13,280
It includes IT because IT always has access to everything.
665
00:23:13,280 --> 00:23:16,560
The hiring manager looks at the list and doesn't recognize half the names.
666
00:23:16,560 --> 00:23:19,000
They don't know if these people should still have access.
667
00:23:19,000 --> 00:23:20,800
They don't know what they're using the access for.
668
00:23:20,800 --> 00:23:22,760
They don't know if it's creating a security problem.
669
00:23:22,760 --> 00:23:25,760
The default choice is to approve the access without changing it.
670
00:23:25,760 --> 00:23:29,720
The alternative is to remove access, realize three weeks later that someone actually needed
671
00:23:29,720 --> 00:23:32,400
it, and spend time trying to restore permissions.
672
00:23:32,400 --> 00:23:36,040
The path of least resistance is to certify that the access is correct without actually
673
00:23:36,040 --> 00:23:37,040
verifying it.
674
00:23:37,040 --> 00:23:38,240
The access review is signed off.
675
00:23:38,240 --> 00:23:39,720
The permissions don't change.
676
00:23:39,720 --> 00:23:43,760
People who are no longer recruiting still have access to candidate evaluations.
677
00:23:43,760 --> 00:23:47,840
The executive who left the company two years ago still has access to a SharePoint site that
678
00:23:47,840 --> 00:23:49,800
contains salary negotiations.
679
00:23:49,800 --> 00:23:53,800
These permissions exist not because of a deliberate decision, but because nobody had the time
680
00:23:53,800 --> 00:23:55,800
or information to make a different decision.
681
00:23:55,800 --> 00:23:57,760
This is access reflecting history, not intent.
682
00:23:57,760 --> 00:23:59,480
The access was correct when it was granted.
683
00:23:59,480 --> 00:24:01,120
It made sense for the person's role.
684
00:24:01,120 --> 00:24:02,280
The person's role changed.
685
00:24:02,280 --> 00:24:03,280
The access didn't.
686
00:24:03,280 --> 00:24:07,360
Now it's a misalignment nobody sees until something goes wrong. Something goes wrong. A candidate
687
00:24:07,360 --> 00:24:11,240
applies for a job. That candidate works for a company that competes with the firm.
688
00:24:11,240 --> 00:24:15,680
During the recruiting process, the hiring manager creates a file with the candidate's interview
689
00:24:15,680 --> 00:24:18,880
notes, their strengths and weaknesses, their salary expectations.
690
00:24:18,880 --> 00:24:22,160
The file is stored in the hiring folder with the default permissions.
691
00:24:22,160 --> 00:24:23,480
An old recruiter,
692
00:24:23,480 --> 00:24:26,720
someone who moved into operations but still has access from when they were recruiting,
693
00:24:26,720 --> 00:24:27,880
can see the file.
694
00:24:27,880 --> 00:24:30,920
They mention the candidate's availability to a friend in a coffee shop.
695
00:24:30,920 --> 00:24:32,880
That friend works at the competing company.
696
00:24:32,880 --> 00:24:36,200
The candidate's expectations are now known to their current employer.
697
00:24:36,200 --> 00:24:40,600
The organization doesn't find out this happened until the candidate withdraws their application.
698
00:24:40,600 --> 00:24:41,600
They don't say why.
699
00:24:41,600 --> 00:24:42,600
They just withdraw.
700
00:24:42,600 --> 00:24:44,320
The organization never connects the dots.
701
00:24:44,320 --> 00:24:46,960
They assume the candidate got another offer.
702
00:24:46,960 --> 00:24:50,840
Nobody traces the information exposure back to a permission that had drifted.
703
00:24:50,840 --> 00:24:52,400
But here's what actually happened.
704
00:24:52,400 --> 00:24:56,320
The system granted access to a person based on their historical role.
705
00:24:56,320 --> 00:24:57,840
The person no longer held that role.
706
00:24:57,840 --> 00:24:59,600
The access policy didn't know this.
707
00:24:59,600 --> 00:25:02,040
The hiring manager didn't verify who needed access.
708
00:25:02,040 --> 00:25:04,160
The access review didn't close the gap.
709
00:25:04,160 --> 00:25:06,680
The information flowed to someone who shouldn't have had it.
710
00:25:06,680 --> 00:25:09,720
And the organization never even knew they had a security incident.
711
00:25:09,720 --> 00:25:12,560
This is repeated hundreds of times across an organization.
712
00:25:12,560 --> 00:25:14,040
Group memberships are never pruned.
713
00:25:14,040 --> 00:25:16,800
Distribution lists grow with new members and never remove old ones.
714
00:25:16,800 --> 00:25:21,360
SharePoint sites accumulate permissions from old projects that nobody remembers.
715
00:25:21,360 --> 00:25:24,280
Teams channels inherit people from previous collaborations.
716
00:25:24,280 --> 00:25:26,200
Over time, access becomes stratified.
717
00:25:26,200 --> 00:25:27,920
It reflects the history of the company.
718
00:25:27,920 --> 00:25:31,160
It reflects who used to be important, who used to work on what,
719
00:25:31,160 --> 00:25:34,720
who was added to what channel three organizational structures ago.
720
00:25:34,720 --> 00:25:37,480
It reflects decisions made by people who no longer work here,
721
00:25:37,480 --> 00:25:39,320
under circumstances that no longer exist.
722
00:25:39,320 --> 00:25:42,800
The current access structure is a sedimentary layer of historical decisions.
723
00:25:42,800 --> 00:25:43,800
And it's invisible.
724
00:25:43,800 --> 00:25:45,080
Nobody sees all of it at once.
725
00:25:45,080 --> 00:25:47,920
Compliance sees that access reviews are being conducted.
726
00:25:47,920 --> 00:25:49,760
They see that the organization has a process.
727
00:25:49,760 --> 00:25:51,560
They see sign-offs and documentation.
728
00:25:51,560 --> 00:25:54,320
What they don't see is that the reviews are rubber-stamped.
729
00:25:54,320 --> 00:25:59,720
What they don't see is that the actual access is a fossil record of organizational change.
730
00:25:59,720 --> 00:26:01,840
The company believes they have governed access.
731
00:26:01,840 --> 00:26:02,840
They have a process.
732
00:26:02,840 --> 00:26:03,840
They have documentation.
733
00:26:03,840 --> 00:26:05,600
They have compliance confirmation.
734
00:26:05,600 --> 00:26:09,520
What they actually have is a system where permissions drift continuously,
735
00:26:09,520 --> 00:26:13,240
where access reviews don't catch the drift and where nobody has full visibility
736
00:26:13,240 --> 00:26:15,000
into who can actually see what.
737
00:26:15,000 --> 00:26:17,360
This is the second signal of real infrastructure.
738
00:26:17,360 --> 00:26:19,120
Access reflects history, not intent.
739
00:26:19,120 --> 00:26:20,120
The system is functioning.
740
00:26:20,120 --> 00:26:21,320
Data is being accessed.
741
00:26:21,320 --> 00:26:22,680
The company is operating.
742
00:26:22,680 --> 00:26:25,480
But the access path doesn't match the deliberate design.
743
00:26:25,480 --> 00:26:28,200
It matches the accumulated decisions that nobody questioned
744
00:26:28,200 --> 00:26:31,920
because the business was moving too fast to stop and audit permissions.
745
00:26:31,920 --> 00:26:33,680
The data classification gap.
746
00:26:33,680 --> 00:26:35,680
Now we have the permission chaos.
747
00:26:35,680 --> 00:26:37,120
We have the shadow processes.
748
00:26:37,120 --> 00:26:40,080
We have the workarounds embedded in email and spreadsheets.
749
00:26:40,080 --> 00:26:41,120
On top of all of this
750
00:26:41,120 --> 00:26:43,040
sits another layer of invisibility:
751
00:26:43,040 --> 00:26:44,360
data classification.
752
00:26:44,360 --> 00:26:46,480
In theory, data classification is simple.
753
00:26:46,480 --> 00:26:48,000
Sensitive data should be labeled.
754
00:26:48,000 --> 00:26:49,640
Candidate information is sensitive.
755
00:26:49,640 --> 00:26:51,560
Salary expectations are sensitive.
756
00:26:51,560 --> 00:26:52,880
Medical histories are sensitive.
757
00:26:52,880 --> 00:26:55,400
Once data is labeled, the system knows what it is.
758
00:26:55,400 --> 00:26:56,920
Policies can enforce protection.
759
00:26:56,920 --> 00:27:00,480
Compliance can verify that sensitive data is being handled correctly.
760
00:27:00,480 --> 00:27:03,600
The company can understand what it knows and where it knows it.
761
00:27:03,600 --> 00:27:07,120
In reality, the same candidate salary expectation
762
00:27:07,120 --> 00:27:10,040
lives in three different places with three different classifications.
763
00:27:10,040 --> 00:27:13,160
One instance is in the HR system marked as confidential.
764
00:27:13,160 --> 00:27:15,520
Another is in a hiring manager's OneDrive folder
765
00:27:15,520 --> 00:27:17,520
that defaulted to general classification.
766
00:27:17,520 --> 00:27:20,000
Another is in a Teams message in a recruiting channel
767
00:27:20,000 --> 00:27:21,920
where no classification was applied
768
00:27:21,920 --> 00:27:24,680
because Teams messages don't automatically get classified.
769
00:27:24,680 --> 00:27:27,160
The same data point, three different risk profiles.
770
00:27:27,160 --> 00:27:28,800
The company has no mechanism to know
771
00:27:28,800 --> 00:27:31,160
that these three instances are the same thing.
772
00:27:31,160 --> 00:27:32,280
This isn't intentional.
773
00:27:32,280 --> 00:27:33,800
It's not because people are careless.
774
00:27:33,800 --> 00:27:36,240
It's because classification is a moment in time.
775
00:27:36,240 --> 00:27:37,280
Someone creates a file.
776
00:27:37,280 --> 00:27:40,320
They have to choose confidential or general or internal.
777
00:27:40,320 --> 00:27:42,600
They make a choice based on what they understand the file
778
00:27:42,600 --> 00:27:43,840
to be at that moment.
779
00:27:43,840 --> 00:27:44,840
Then the file moves.
780
00:27:44,840 --> 00:27:46,440
It gets copied to another location.
781
00:27:46,440 --> 00:27:47,920
It gets embedded in another document.
782
00:27:47,920 --> 00:27:51,040
It gets mentioned in an email and pasted into a Teams message.
783
00:27:51,040 --> 00:27:53,760
Each time it moves, the classification doesn't move with it.
784
00:27:53,760 --> 00:27:56,960
Or it moves to a system that doesn't have a classification schema at all.
785
00:27:56,960 --> 00:27:58,320
The result is inconsistency.
786
00:27:58,320 --> 00:28:00,360
The same data is classified differently
787
00:28:00,360 --> 00:28:02,120
depending on where it's stored.
788
00:28:02,120 --> 00:28:03,560
Not because the data changed,
789
00:28:03,560 --> 00:28:05,120
because the storage system changed.
790
00:28:05,120 --> 00:28:08,280
A salary expectation is marked confidential in the HR system
791
00:28:08,280 --> 00:28:10,360
because the HR team understands it's sensitive.
792
00:28:10,360 --> 00:28:12,440
The hiring manager copies it into a spreadsheet
793
00:28:12,440 --> 00:28:14,480
because they want to analyze compensation bands
794
00:28:14,480 --> 00:28:15,720
across open positions.
795
00:28:15,720 --> 00:28:17,280
The spreadsheet doesn't get classified
796
00:28:17,280 --> 00:28:18,520
because it's a local file.
797
00:28:18,520 --> 00:28:20,200
The hiring manager shares the spreadsheet
798
00:28:20,200 --> 00:28:22,920
with the department head to discuss budget allocation.
799
00:28:22,920 --> 00:28:25,880
The department head thinks it's internal information, not confidential,
800
00:28:25,880 --> 00:28:27,480
so they forward it to finance.
801
00:28:27,480 --> 00:28:29,960
Finance receives it as an unclassified attachment
802
00:28:29,960 --> 00:28:33,040
and stores it in their shared drive with a general classification.
803
00:28:33,040 --> 00:28:35,400
The same data has now been reclassified four times.
804
00:28:35,400 --> 00:28:36,560
It started as confidential.
805
00:28:36,560 --> 00:28:39,000
It was unclassified when it moved to a spreadsheet.
806
00:28:39,000 --> 00:28:41,520
It was treated as internal when it was forwarded.
807
00:28:41,520 --> 00:28:43,720
It ended up as general in the finance folder.
808
00:28:43,720 --> 00:28:45,480
None of these reclassifications happened
809
00:28:45,480 --> 00:28:48,920
because someone deliberately changed how sensitive the information is.
810
00:28:48,920 --> 00:28:52,600
It happened because each system has its own classification logic
811
00:28:52,600 --> 00:28:55,040
and data doesn't carry its classification with it
812
00:28:55,040 --> 00:28:56,440
when it moves between systems.
813
00:28:56,440 --> 00:28:57,800
Compliance wants to audit this.
814
00:28:57,800 --> 00:29:00,960
They want to verify that sensitive data is being protected.
815
00:29:00,960 --> 00:29:04,640
So they search the tenant for files marked with sensitivity labels
816
00:29:04,640 --> 00:29:06,560
that indicate candidate information.
817
00:29:06,560 --> 00:29:07,720
They find files.
818
00:29:07,720 --> 00:29:09,720
They verify that access is restricted.
819
00:29:09,720 --> 00:29:10,720
They run a report.
820
00:29:10,720 --> 00:29:13,680
Candidate data is properly classified and protected.
821
00:29:13,680 --> 00:29:15,960
The report is correct for the files that are labeled.
822
00:29:15,960 --> 00:29:18,480
It's completely invisible for the files that aren't labeled,
823
00:29:18,480 --> 00:29:19,640
which is most of them.
824
00:29:19,640 --> 00:29:21,560
The company now has a compliance checkbox
825
00:29:21,560 --> 00:29:23,520
that says classification is working.
826
00:29:23,520 --> 00:29:27,480
But the actual data is widely distributed across classification states.
827
00:29:27,480 --> 00:29:29,280
Some is protected, some is unprotected,
828
00:29:29,280 --> 00:29:32,360
some is protected in one location and unprotected in another.
829
00:29:32,360 --> 00:29:34,520
The company has no mechanism to see this.
830
00:29:34,520 --> 00:29:36,000
The company doesn't know what it doesn't know.
831
00:29:36,000 --> 00:29:37,200
This is the key insight.
832
00:29:37,200 --> 00:29:38,640
This is not a compliance problem.
833
00:29:38,640 --> 00:29:39,720
This is a knowledge problem.
834
00:29:39,720 --> 00:29:41,600
The company doesn't actually know what it knows.
835
00:29:41,600 --> 00:29:43,360
It doesn't know where sensitive data lives.
836
00:29:43,360 --> 00:29:45,080
It doesn't know how many copies exist.
837
00:29:45,080 --> 00:29:47,120
It doesn't know what classification each copy carries.
838
00:29:47,120 --> 00:29:48,440
It doesn't know who can see it.
839
00:29:48,440 --> 00:29:51,520
Compliance frameworks assume that once data is classified,
840
00:29:51,520 --> 00:29:53,520
the system becomes the source of truth.
841
00:29:53,520 --> 00:29:55,360
The system will enforce protection.
842
00:29:55,360 --> 00:29:58,880
Compliance can audit the system and verify that controls are in place.
843
00:29:58,880 --> 00:30:02,080
What they don't account for is that the data has become distributed
844
00:30:02,080 --> 00:30:04,960
across multiple systems with different classification logic.
845
00:30:04,960 --> 00:30:08,520
The control point, the moment when sensitivity is determined, is invisible.
846
00:30:08,520 --> 00:30:09,920
The data has already scattered.
847
00:30:09,920 --> 00:30:13,280
This matters because it's the foundation for everything that comes next.
848
00:30:13,280 --> 00:30:15,520
The company cannot govern what it cannot see.
849
00:30:15,520 --> 00:30:17,920
The company cannot see what it hasn't classified.
850
00:30:17,920 --> 00:30:23,920
And classification fails the moment data moves into a system that doesn't carry the classification with it.
851
00:30:23,920 --> 00:30:27,320
The finance month-end story, part one, the controlled chaos.
852
00:30:27,320 --> 00:30:29,120
Finance is where control should exist.
853
00:30:29,120 --> 00:30:31,120
Finance is where every transaction is recorded.
854
00:30:31,120 --> 00:30:32,720
Every journal entry is approved.
855
00:30:32,720 --> 00:30:34,120
Every balance is reconciled.
856
00:30:34,120 --> 00:30:35,520
Every variance is explained.
857
00:30:35,520 --> 00:30:37,120
Finance operates in systems.
858
00:30:37,120 --> 00:30:39,120
The general ledger is the system of record.
859
00:30:39,120 --> 00:30:41,720
Accounting software is the single source of truth.
860
00:30:41,720 --> 00:30:44,920
Month-end closing is a defined process with gates and approvals.
861
00:30:44,920 --> 00:30:48,520
Leadership believes finance is locked down because finance looks locked down.
862
00:30:48,520 --> 00:30:49,520
The controls are visible.
863
00:30:49,520 --> 00:30:50,920
The process is documented.
864
00:30:50,920 --> 00:30:52,520
The reconciliation is auditable.
865
00:30:52,520 --> 00:30:53,520
None of this is true.
866
00:30:53,520 --> 00:30:55,120
Finance operates on two systems.
867
00:30:55,120 --> 00:30:58,720
The official one and the real one, and the real one is where the actual numbers live.
868
00:30:58,720 --> 00:31:00,720
Month-end closing starts with forecasting.
869
00:31:00,720 --> 00:31:02,320
The company needs to close the books.
870
00:31:02,320 --> 00:31:04,520
Transactions have flowed through the general ledger.
871
00:31:04,520 --> 00:31:05,920
Receivables have been recorded.
872
00:31:05,920 --> 00:31:07,320
Payables are sitting in the system.
873
00:31:07,320 --> 00:31:08,720
Inventory has been counted.
874
00:31:08,720 --> 00:31:10,520
Everything should be in the accounting software,
875
00:31:10,520 --> 00:31:12,920
ready to be summarized, reconciled and reported.
876
00:31:12,920 --> 00:31:14,520
So the controller runs a report.
877
00:31:14,520 --> 00:31:16,120
The balance sheet comes out.
878
00:31:16,120 --> 00:31:17,320
The revenue looks reasonable.
879
00:31:17,320 --> 00:31:18,720
The expenses look on track.
880
00:31:18,720 --> 00:31:20,120
The cash position looks correct.
881
00:31:20,120 --> 00:31:21,720
The system shows clean numbers.
882
00:31:21,720 --> 00:31:23,920
The controller shows the numbers to the CFO.
883
00:31:23,920 --> 00:31:26,920
The CFO looks at them and asks the question, "Does this feel right?"
884
00:31:26,920 --> 00:31:28,920
The controller doesn't say yes immediately.
885
00:31:28,920 --> 00:31:32,320
Because the controller knows something the CFO is asking without saying it.
886
00:31:32,320 --> 00:31:33,920
The system shows the numbers.
887
00:31:33,920 --> 00:31:35,120
But are they the true numbers?
888
00:31:35,120 --> 00:31:36,720
Are they what actually happened?
889
00:31:36,720 --> 00:31:38,320
Or are they what the system recorded?
890
00:31:38,320 --> 00:31:40,320
Are there transactions that didn't make it in?
891
00:31:40,320 --> 00:31:42,320
Are there adjustments that should have been made?
892
00:31:42,320 --> 00:31:44,920
Is the system of record actually the source of truth?
893
00:31:44,920 --> 00:31:48,520
Or is it just a recording device that happens to be accurate some of the time?
894
00:31:48,520 --> 00:31:50,120
The controller opens a different system.
895
00:31:50,120 --> 00:31:51,120
This is the real system.
896
00:31:51,120 --> 00:31:52,520
It's an Excel spreadsheet.
897
00:31:52,520 --> 00:31:54,520
The spreadsheet is not in the accounting software.
898
00:31:54,520 --> 00:31:55,520
It's not in SharePoint.
899
00:31:55,520 --> 00:31:56,720
It's not in a shared repository.
900
00:31:56,720 --> 00:31:58,320
It lives on the controller's desktop.
901
00:31:58,320 --> 00:32:02,520
It's named something like Month-End 2026 or Actuals or Real Numbers.
902
00:32:02,520 --> 00:32:04,520
The controller built the spreadsheet years ago.
903
00:32:04,520 --> 00:32:05,920
It started as a single tab.
904
00:32:05,920 --> 00:32:06,920
Now it's 30 tabs.
905
00:32:06,920 --> 00:32:08,320
Each tab is a reconciliation.
906
00:32:08,320 --> 00:32:11,520
Each reconciliation pulls data from the accounting software
907
00:32:11,520 --> 00:32:14,320
and then adjusts it based on things the system doesn't know.
908
00:32:14,320 --> 00:32:17,120
The controller opens the spreadsheet and starts reconciling.
909
00:32:17,120 --> 00:32:20,120
The GL shows accounts receivable at a certain number.
910
00:32:20,120 --> 00:32:23,520
But the controller knows that three invoices were issued at the very end of the month.
911
00:32:23,520 --> 00:32:25,720
And the system might not have recorded them correctly
912
00:32:25,720 --> 00:32:27,720
or might have recorded them in the next period
913
00:32:27,720 --> 00:32:29,520
or might not have recorded them at all,
914
00:32:29,520 --> 00:32:31,520
depending on when the data load ran.
915
00:32:31,520 --> 00:32:34,120
So the controller checks the invoice system separately.
916
00:32:34,120 --> 00:32:36,120
The controller manually counts the invoices.
917
00:32:36,120 --> 00:32:37,720
The controller adds them to the spreadsheet.
918
00:32:37,720 --> 00:32:41,320
Now the spreadsheet shows accounts receivable at a different number than the GL.
919
00:32:41,320 --> 00:32:43,320
The GL shows inventory at cost.
920
00:32:43,320 --> 00:32:46,320
But the controller knows that inventory was counted last week
921
00:32:46,320 --> 00:32:49,320
and the results haven't fully flowed through the system yet.
922
00:32:49,320 --> 00:32:52,720
Or the results flowed through partially, or the system is showing old counts.
923
00:32:52,720 --> 00:32:55,520
So the controller pulls the physical inventory count report
924
00:32:55,520 --> 00:32:57,520
and manually reconciles it to the GL.
925
00:32:57,520 --> 00:32:59,520
The spreadsheet now shows adjusted inventory.
926
00:32:59,520 --> 00:33:01,920
The GL shows depreciation.
927
00:33:01,920 --> 00:33:04,120
But depreciation is calculated by the system
928
00:33:04,120 --> 00:33:07,520
and the system was updated last quarter with new fixed assets.
929
00:33:07,520 --> 00:33:10,920
But the depreciation schedule might not have been updated correctly
930
00:33:10,920 --> 00:33:15,520
so the controller recalculates depreciation manually based on the fixed asset listing
931
00:33:15,520 --> 00:33:18,720
and the capital policy and adds the correction to the spreadsheet.
932
00:33:18,720 --> 00:33:21,120
Intercompany transactions are supposed to eliminate.
933
00:33:21,120 --> 00:33:24,520
But transactions between divisions flow through different systems.
934
00:33:24,520 --> 00:33:27,720
Some are recorded by division A, some are recorded by division B.
935
00:33:27,720 --> 00:33:30,520
Sometimes they don't match. The system shows an imbalance.
936
00:33:30,520 --> 00:33:32,120
The controller chases the variance.
937
00:33:32,120 --> 00:33:35,720
Then email goes to the division controllers asking them to find the discrepancy.
938
00:33:35,720 --> 00:33:36,720
Emails come back.
939
00:33:36,720 --> 00:33:38,720
The controller manually reconciles them.
940
00:33:38,720 --> 00:33:43,320
The controller adds a note to the spreadsheet explaining the variance and the adjustment that was made.
941
00:33:43,320 --> 00:33:44,320
Hours pass.
942
00:33:44,320 --> 00:33:45,320
The spreadsheet grows.
943
00:33:45,320 --> 00:33:47,520
It becomes a living document of reconciliation.
944
00:33:47,520 --> 00:33:48,920
It's where the real close happens.
945
00:33:48,920 --> 00:33:50,520
It's where the actual numbers come from.
946
00:33:50,520 --> 00:33:52,520
The system of record is just a starting point.
947
00:33:52,520 --> 00:33:54,520
The spreadsheet is the truth engine.
948
00:33:54,520 --> 00:33:56,520
The CFO asks another question.
949
00:33:56,520 --> 00:33:57,920
What does the spreadsheet say?
950
00:33:57,920 --> 00:33:59,520
Or not what does the system say?
951
00:33:59,520 --> 00:34:01,520
The CFO knows to ask about the spreadsheet.
952
00:34:01,520 --> 00:34:02,920
The spreadsheet is what matters.
953
00:34:02,920 --> 00:34:05,520
The spreadsheet is where finance trusts the numbers.
954
00:34:05,520 --> 00:34:07,920
The controller gives the CFO the spreadsheet.
955
00:34:07,920 --> 00:34:08,920
The CFO reviews it.
956
00:34:08,920 --> 00:34:10,120
The numbers now look right.
957
00:34:10,120 --> 00:34:11,720
Month-end closing can proceed.
958
00:34:11,720 --> 00:34:13,320
Financial statements are issued.
959
00:34:13,320 --> 00:34:14,520
Earnings are reported.
960
00:34:14,520 --> 00:34:19,120
All based on a spreadsheet that lives on one person's computer, is emailed around for review,
961
00:34:19,120 --> 00:34:21,720
has multiple versions floating through the organization,
962
00:34:21,720 --> 00:34:26,120
and represents the actual truth about what the company's financial state is.
963
00:34:26,120 --> 00:34:27,520
The system shows one thing.
964
00:34:27,520 --> 00:34:28,920
The spreadsheet shows another.
965
00:34:28,920 --> 00:34:30,920
Finance closes based on the spreadsheet.
966
00:34:30,920 --> 00:34:31,920
The system is reporting.
967
00:34:31,920 --> 00:34:33,320
The spreadsheet is reality.
968
00:34:33,320 --> 00:34:34,920
The finance month-end story.
969
00:34:34,920 --> 00:34:35,720
Part two.
970
00:34:35,720 --> 00:34:36,920
Trust gaps in data.
971
00:34:36,920 --> 00:34:39,120
Why doesn't finance trust the system?
972
00:34:39,120 --> 00:34:40,320
That's the real question.
973
00:34:40,320 --> 00:34:42,320
Because the system was designed to be trustworthy.
974
00:34:42,320 --> 00:34:43,320
It has audit trails.
975
00:34:43,320 --> 00:34:44,520
It has approval workflows.
976
00:34:44,520 --> 00:34:45,920
It has access controls.
977
00:34:45,920 --> 00:34:47,920
Transactions flow in defined directions.
978
00:34:47,920 --> 00:34:49,320
Everything should be traceable.
979
00:34:49,320 --> 00:34:50,720
Everything should be reconcilable.
980
00:34:50,720 --> 00:34:51,720
Everything should add up.
981
00:34:51,720 --> 00:34:52,720
But it doesn't.
982
00:34:52,720 --> 00:34:53,520
Not reliably.
983
00:34:53,520 --> 00:34:54,520
Not without the spreadsheet.
984
00:34:54,520 --> 00:34:55,520
The reason is subtle.
985
00:34:55,520 --> 00:34:57,920
The accounting system is accurate for what it records.
986
00:34:57,920 --> 00:35:00,520
The problem is that it doesn't record everything that matters.
987
00:35:00,520 --> 00:35:03,120
Transactions that should have been recorded didn't get recorded.
988
00:35:03,120 --> 00:35:05,720
Transactions that were recorded landed in the wrong period.
989
00:35:05,720 --> 00:35:08,520
Transactions that were recorded landed in the wrong account.
990
00:35:08,520 --> 00:35:10,520
The system is working exactly as designed.
991
00:35:10,520 --> 00:35:13,320
It's receiving data and processing it according to its rules.
992
00:35:13,320 --> 00:35:16,520
The issue is that the data is messy, incomplete and inconsistent.
993
00:35:16,520 --> 00:35:18,720
Manual transactions get entered incorrectly.
994
00:35:18,720 --> 00:35:21,920
A clerk enters a three-digit number as a four-digit number.
995
00:35:21,920 --> 00:35:25,520
Nobody catches it until the balance is off by a magnitude of ten.
996
00:35:25,520 --> 00:35:29,320
Or a division controller manually records a month's transactions at the end of the month.
997
00:35:29,320 --> 00:35:32,520
But the manual entry doesn't match the source system's timeline.
998
00:35:32,520 --> 00:35:35,320
So reconciliation requires a manual adjustment.
999
00:35:35,320 --> 00:35:39,520
Or a system integration that was supposed to automatically post transactions
1000
00:35:39,520 --> 00:35:41,720
from one system to another fails silently.
1001
00:35:41,720 --> 00:35:43,320
The system shows no error.
1002
00:35:43,320 --> 00:35:47,720
The transactions simply don't appear in the GL until someone manually traces them.
1003
00:35:47,720 --> 00:35:49,520
These are not failures of the system.
1004
00:35:49,520 --> 00:35:52,320
These are failures of the data quality that feeds the system.
1005
00:35:52,320 --> 00:35:54,520
And the system has no mechanism to know this.
1006
00:35:54,520 --> 00:35:57,320
The system processes the data it receives and reports on it.
1007
00:35:57,320 --> 00:36:00,520
If the data is incomplete, the system reports incomplete numbers.
1008
00:36:00,520 --> 00:36:05,120
If the data is late, the system reports last period's transactions in this period's close.
1009
00:36:05,120 --> 00:36:08,320
If the data is wrong, the system reports wrong numbers correctly.
1010
00:36:08,320 --> 00:36:10,720
The system is doing exactly what it's supposed to do.
1011
00:36:10,720 --> 00:36:13,520
It's just that what it's supposed to do doesn't guarantee accuracy.
1012
00:36:13,520 --> 00:36:14,320
Finance knows this.
1013
00:36:14,320 --> 00:36:17,920
Finance doesn't trust the GL because finance has been burned by the GL.
1014
00:36:17,920 --> 00:36:20,720
Finance has closed the books based on the system.
1015
00:36:20,720 --> 00:36:22,120
Finance has reported numbers.
1016
00:36:22,120 --> 00:36:25,520
Then finance has discovered weeks later that a transaction didn't post.
1017
00:36:25,520 --> 00:36:28,320
Or posted twice or posted to the wrong account.
1018
00:36:28,320 --> 00:36:33,520
Finance has had to restate earnings because of a data quality issue that the system didn't catch.
1019
00:36:33,520 --> 00:36:35,120
So finance built the spreadsheet.
1020
00:36:35,120 --> 00:36:37,320
The spreadsheet is where finance validates the system.
1021
00:36:37,320 --> 00:36:40,720
The spreadsheet is where finance asks, does this number make sense?
1022
00:36:40,720 --> 00:36:43,520
Is this reasonable given what we know about the business?
1023
00:36:43,520 --> 00:36:46,720
Has anything unusual happened that the system might not know about?
1024
00:36:46,720 --> 00:36:50,120
The spreadsheet is the layer of human judgment on top of the automated system.
1025
00:36:50,120 --> 00:36:51,320
This is not inefficiency.
1026
00:36:51,320 --> 00:36:52,320
This is necessary.
1027
00:36:52,320 --> 00:36:53,720
The system cannot audit itself.
1028
00:36:53,720 --> 00:36:55,920
The system cannot ask if the numbers feel right.
1029
00:36:55,920 --> 00:36:59,720
The system cannot catch data quality issues that don't violate any rule.
1030
00:36:59,720 --> 00:37:01,120
Only a human can do that.
1031
00:37:01,120 --> 00:37:06,720
Only someone who understands the business can say, the system shows revenue declined 15% this month.
1032
00:37:06,720 --> 00:37:08,720
But we know we signed three major contracts.
1033
00:37:08,720 --> 00:37:10,520
The system has a data lag problem.
1034
00:37:10,520 --> 00:37:15,720
Finance has to maintain the spreadsheet because the system of record is not trustworthy enough to close on alone.
1035
00:37:15,720 --> 00:37:18,720
The system is accurate for what it records, but it's not complete.
1036
00:37:18,720 --> 00:37:20,120
It doesn't know what it's missing.
1037
00:37:20,120 --> 00:37:22,120
Finance has to fill the gaps manually.
1038
00:37:22,120 --> 00:37:24,720
Now imagine what happens when leadership looks at this infrastructure.
1039
00:37:24,720 --> 00:37:26,320
Leadership sees the accounting system.
1040
00:37:26,320 --> 00:37:28,720
Leadership assumes that's the system of record.
1041
00:37:28,720 --> 00:37:32,320
Leadership assumes that's what the company's financial state actually is.
1042
00:37:32,320 --> 00:37:33,120
Finance knows better.
1043
00:37:33,120 --> 00:37:35,320
Finance knows the real numbers live in a spreadsheet.
1044
00:37:35,320 --> 00:37:36,320
The system is useful.
1045
00:37:36,320 --> 00:37:37,520
The system is necessary.
1046
00:37:37,520 --> 00:37:39,120
The system is not the source of truth.
1047
00:37:39,120 --> 00:37:41,920
This is the third signal of real infrastructure.
1048
00:37:41,920 --> 00:37:44,920
Processes don't match how work gets done.
1049
00:37:44,920 --> 00:37:50,920
The process is supposed to be record transaction, post to GL, close books, report.
1050
00:37:50,920 --> 00:37:54,520
The actual process is record transaction, post to GL.
1051
00:37:54,520 --> 00:37:56,720
Discover that GL is incomplete or wrong.
1052
00:37:56,720 --> 00:38:00,520
Adjust in spreadsheet, validate with human judgment, close books, report.
1053
00:38:00,520 --> 00:38:02,520
The system is invisible to this process.
1054
00:38:02,520 --> 00:38:04,120
The system looks like it's the foundation.
1055
00:38:04,120 --> 00:38:06,320
The system is actually just a data collection point.
1056
00:38:06,320 --> 00:38:07,720
The foundation is the spreadsheet.
1057
00:38:07,720 --> 00:38:09,520
The foundation is the reconciliation.
1058
00:38:09,520 --> 00:38:14,120
The foundation is the human being who understands the business well enough to catch what the system missed.
1059
00:38:14,120 --> 00:38:16,720
And this infrastructure is now invisible to compliance.
1060
00:38:16,720 --> 00:38:18,120
Compliance audits the system.
1061
00:38:18,120 --> 00:38:20,920
Compliance verifies that the GL was closed properly.
1062
00:38:20,920 --> 00:38:23,520
Compliance confirms that transactions were approved.
1063
00:38:23,520 --> 00:38:24,920
Compliance doesn't see the spreadsheet.
1064
00:38:24,920 --> 00:38:30,320
Compliance doesn't know that the numbers they're verifying came from a system that finance doesn't actually trust.
1065
00:38:30,320 --> 00:38:32,520
The company has a control structure that looks locked down.
1066
00:38:32,520 --> 00:38:36,920
The company has a reality where controls depend on manual reconciliation and human judgment.
1067
00:38:36,920 --> 00:38:41,120
These are not the same thing, but they look the same when you only look at the system.
1068
00:38:41,120 --> 00:38:43,320
The pattern, conditional chaos.
1069
00:38:43,320 --> 00:38:44,520
Look at what we've just mapped.
1070
00:38:44,520 --> 00:38:46,720
The sales rep doesn't follow the designed process.
1071
00:38:46,720 --> 00:38:49,520
The hiring manager doesn't enforce permission boundaries.
1072
00:38:49,520 --> 00:38:51,720
The finance controller doesn't trust the system.
1073
00:38:51,720 --> 00:38:54,920
Each of these is a different workflow. Each operates in a different domain.
1074
00:38:54,920 --> 00:38:57,920
Yet they're all responding to the same underlying logic.
1075
00:38:57,920 --> 00:38:59,720
They're all adapting in the same direction.
1076
00:38:59,720 --> 00:39:00,920
And that direction is not random.
1077
00:39:00,920 --> 00:39:02,720
Every organization has two infrastructures.
1078
00:39:02,720 --> 00:39:04,120
There's the one in the diagram.
1079
00:39:04,120 --> 00:39:05,520
That's the designed infrastructure.
1080
00:39:05,520 --> 00:39:06,920
That's what was built intentionally.
1081
00:39:06,920 --> 00:39:08,120
That's what the diagrams show.
1082
00:39:08,120 --> 00:39:09,520
What the documentation describes.
1083
00:39:09,520 --> 00:39:11,120
What compliance audits against.
1084
00:39:11,120 --> 00:39:11,920
It's stable.
1085
00:39:11,920 --> 00:39:12,520
It's recorded.
1086
00:39:12,520 --> 00:39:14,920
It's supposed to be the system that runs the business.
1087
00:39:14,920 --> 00:39:15,920
Then there's the other one.
1088
00:39:15,920 --> 00:39:17,320
That's the real infrastructure.
1089
00:39:17,320 --> 00:39:18,720
That's what actually runs the business.
1090
00:39:18,720 --> 00:39:19,720
It's adaptive.
1091
00:39:19,720 --> 00:39:20,720
It's distributed.
1092
00:39:20,720 --> 00:39:21,520
It's invisible.
1093
00:39:21,520 --> 00:39:24,320
And it emerges from a single principle, pressure.
1094
00:39:24,320 --> 00:39:26,520
Under normal conditions, people follow the process.
1095
00:39:26,520 --> 00:39:29,120
The sales rep uses the tools they're supposed to use.
1096
00:39:29,120 --> 00:39:31,520
The hiring manager maintains proper permissions.
1097
00:39:31,520 --> 00:39:33,520
The finance controller trusts the system.
1098
00:39:33,520 --> 00:39:34,720
When there's no pressure.
1099
00:39:34,720 --> 00:39:36,920
When the deadline is flexible, when speed doesn't matter.
1100
00:39:36,920 --> 00:39:38,920
When the risk feels manageable, people conform.
1101
00:39:38,920 --> 00:39:40,720
They use the system that was designed for them.
1102
00:39:40,720 --> 00:39:42,120
But pressure changes everything.
1103
00:39:42,120 --> 00:39:43,920
Pressure is not an abstract concept.
1104
00:39:43,920 --> 00:39:47,720
Pressure is a customer on the phone asking when they'll see the proposal.
1105
00:39:47,720 --> 00:39:49,920
Pressure is a hiring deadline that can't slip.
1106
00:39:49,920 --> 00:39:54,920
Pressure is a month-end close that has to happen on the 16th regardless of whether the data is clean.
1107
00:39:54,920 --> 00:39:58,920
Pressure is a competitive moment where the organization that moves fastest wins.
1108
00:39:58,920 --> 00:40:01,320
Under pressure, people don't optimize for governance.
1109
00:40:01,320 --> 00:40:02,520
They optimize for speed.
1110
00:40:02,520 --> 00:40:04,320
They don't optimize for controls.
1111
00:40:04,320 --> 00:40:05,520
They optimize for results.
1112
00:40:05,520 --> 00:40:09,120
And the system that delivers results fastest is not the designed system.
1113
00:40:09,120 --> 00:40:10,520
It's the one they build themselves.
1114
00:40:10,520 --> 00:40:12,120
The sales rep emails the proposal.
1115
00:40:12,120 --> 00:40:14,120
Email is faster. Under normal conditions,
1116
00:40:14,120 --> 00:40:15,720
the rep might use SharePoint.
1117
00:40:15,720 --> 00:40:18,520
Under deadline pressure, the rep uses what works.
1118
00:40:18,520 --> 00:40:21,520
The hiring manager maintains a spreadsheet of candidates.
1119
00:40:21,520 --> 00:40:24,920
Under normal conditions, the manager might enter them in the HRIS.
1120
00:40:24,920 --> 00:40:27,920
Under hiring pressure, the manager uses what they can control immediately.
1121
00:40:27,920 --> 00:40:30,720
The finance controller maintains a reconciliation spreadsheet.
1122
00:40:30,720 --> 00:40:33,320
Under normal conditions, the controller might trust the GL.
1123
00:40:33,320 --> 00:40:36,520
Under close deadline pressure, the controller uses what they know is accurate.
1124
00:40:36,520 --> 00:40:37,520
These aren't exceptions.
1125
00:40:37,520 --> 00:40:40,520
These are the actual operating procedures of the organization.
1126
00:40:40,520 --> 00:40:41,920
They kick in when it matters.
1127
00:40:41,920 --> 00:40:43,120
They activate under pressure.
1128
00:40:43,120 --> 00:40:45,120
And once they exist, they become permanent.
1129
00:40:45,120 --> 00:40:46,320
Here's the critical part.
1130
00:40:46,320 --> 00:40:47,720
These workarounds compound.
1131
00:40:47,720 --> 00:40:49,720
The sales rep's email workaround works.
1132
00:40:49,720 --> 00:40:51,520
The rep does it again, next deal.
1133
00:40:51,520 --> 00:40:52,520
And again, and again.
1134
00:40:52,520 --> 00:40:53,920
The workaround becomes normal.
1135
00:40:53,920 --> 00:40:55,520
It becomes the way deals are closed.
1136
00:40:55,520 --> 00:40:56,520
New reps learn it.
1137
00:40:56,520 --> 00:40:58,320
It becomes the team's standard process.
1138
00:40:58,320 --> 00:40:59,720
The designed system recedes.
1139
00:40:59,720 --> 00:41:00,520
It's still there.
1140
00:41:00,520 --> 00:41:01,520
It's still documented.
1141
00:41:01,520 --> 00:41:04,120
But it's no longer the way work actually happens.
1142
00:41:04,120 --> 00:41:05,720
The same thing happens with permissions.
1143
00:41:05,720 --> 00:41:07,520
The hiring manager needs quick access.
1144
00:41:07,520 --> 00:41:09,320
So access is granted broadly.
1145
00:41:09,320 --> 00:41:10,320
It stays granted.
1146
00:41:10,320 --> 00:41:11,120
New projects come.
1147
00:41:11,120 --> 00:41:11,920
New access is added.
1148
00:41:11,920 --> 00:41:13,120
The access never shrinks.
1149
00:41:13,120 --> 00:41:13,920
It compounds.
1150
00:41:13,920 --> 00:41:15,720
Over time, access becomes stratified.
1151
00:41:15,720 --> 00:41:16,720
It reflects history.
1152
00:41:16,720 --> 00:41:17,520
Not intent.
1153
00:41:17,520 --> 00:41:19,120
The same thing happens with the spreadsheet.
1154
00:41:19,120 --> 00:41:21,320
Finance needs it for one reconciliation.
1155
00:41:21,320 --> 00:41:23,320
Finance adds another, another, another.
1156
00:41:23,320 --> 00:41:24,320
The spreadsheet grows.
1157
00:41:24,320 --> 00:41:25,320
It becomes indispensable.
1158
00:41:25,320 --> 00:41:27,320
It becomes the system people depend on.
1159
00:41:27,320 --> 00:41:29,920
The GL becomes a reporting layer, not a decision layer.
1160
00:41:29,920 --> 00:41:31,320
Leadership doesn't see this.
1161
00:41:31,320 --> 00:41:33,120
Leadership sees the official metrics.
1162
00:41:33,120 --> 00:41:34,720
The CRM shows deals are closing.
1163
00:41:34,720 --> 00:41:36,720
The HRIS shows people are being hired.
1164
00:41:36,720 --> 00:41:38,520
The GL shows the books are balanced.
1165
00:41:38,520 --> 00:41:39,520
The systems are working.
1166
00:41:39,520 --> 00:41:40,520
The metrics look good.
1167
00:41:40,520 --> 00:41:42,520
The infrastructure appears to be functioning.
1168
00:41:42,520 --> 00:41:45,320
What leadership doesn't see is that the actual infrastructure,
1169
00:41:45,320 --> 00:41:46,720
the one delivering those results,
1170
00:41:46,720 --> 00:41:48,120
is operating invisibly.
1171
00:41:48,120 --> 00:41:49,120
It's in email threads.
1172
00:41:49,120 --> 00:41:50,120
It's in spreadsheets.
1173
00:41:50,120 --> 00:41:51,520
It's in inherited permissions.
1174
00:41:51,520 --> 00:41:53,720
It's in shadow processes that are now so embedded
1175
00:41:53,720 --> 00:41:54,920
that they've become standard.
1176
00:41:54,920 --> 00:41:56,320
This is conditional chaos.
1177
00:41:56,320 --> 00:41:58,920
The infrastructure is stable under normal conditions.
1178
00:41:58,920 --> 00:41:59,920
It adapts under pressure.
1179
00:41:59,920 --> 00:42:01,320
It compounds over time.
1180
00:42:01,320 --> 00:42:04,520
It becomes invisible because the designed infrastructure is still there.
1181
00:42:04,520 --> 00:42:06,320
Still running, still reporting.
1182
00:42:06,320 --> 00:42:10,720
The real infrastructure is just operating alongside it, doing the actual work.
1183
00:42:10,720 --> 00:42:13,320
Every organization is running two systems simultaneously.
1184
00:42:13,320 --> 00:42:14,320
One is documented.
1185
00:42:14,320 --> 00:42:15,320
One is invisible.
1186
00:42:15,320 --> 00:42:16,120
One is audited.
1187
00:42:16,120 --> 00:42:16,720
One is not.
1188
00:42:16,720 --> 00:42:17,920
One looks locked down.
1189
00:42:17,920 --> 00:42:19,920
One is actually delivering the results.
1190
00:42:19,920 --> 00:42:23,120
The distance between these two systems is where all the risk lives.
1191
00:42:23,120 --> 00:42:24,520
Not in what you don't control.
1192
00:42:24,520 --> 00:42:27,120
In what you think you control, but don't.
1193
00:42:27,120 --> 00:42:28,520
The Copilot collision.
1194
00:42:28,520 --> 00:42:29,320
Part one.
1195
00:42:29,320 --> 00:42:30,920
AI meets reality.
1196
00:42:30,920 --> 00:42:34,120
Now imagine what happens when you put AI on top of this infrastructure.
1197
00:42:34,120 --> 00:42:35,920
Microsoft 365 Copilot launches.
1198
00:42:35,920 --> 00:42:37,520
The value proposition is compelling.
1199
00:42:37,520 --> 00:42:39,320
Copilot will summarize emails.
1200
00:42:39,320 --> 00:42:40,720
Copilot will draft documents.
1201
00:42:40,720 --> 00:42:41,920
Copilot will analyze data.
1202
00:42:41,920 --> 00:42:43,520
Copilot will understand your business.
1203
00:42:43,520 --> 00:42:45,320
Copilot will make you faster.
1204
00:42:45,320 --> 00:42:46,520
Leadership sees the potential.
1205
00:42:46,520 --> 00:42:47,520
This is the future.
1206
00:42:47,520 --> 00:42:49,520
This is how work gets done in 2026.
1207
00:42:49,520 --> 00:42:50,920
The company rolls out Copilot.
1208
00:42:50,920 --> 00:42:51,720
They license it.
1209
00:42:51,720 --> 00:42:52,520
They enable it.
1210
00:42:52,520 --> 00:42:53,520
Reps start using it.
1211
00:42:53,520 --> 00:42:55,120
Hiring managers start using it.
1212
00:42:55,120 --> 00:42:56,520
Finance teams start using it.
1213
00:42:56,520 --> 00:42:59,920
The AI is now operating inside the real infrastructure.
1214
00:42:59,920 --> 00:43:01,320
Here's what actually happens.
1215
00:43:01,320 --> 00:43:04,720
The sales rep opens Copilot and asks it to draft a proposal.
1216
00:43:04,720 --> 00:43:06,720
Copilot has access to the rep's email.
1217
00:43:06,720 --> 00:43:08,520
Copilot has access to the rep's files.
1218
00:43:08,520 --> 00:43:10,520
Copilot has access to the customer record.
1219
00:43:10,520 --> 00:43:13,720
Copilot has permission to see everything the rep can see.
1220
00:43:13,720 --> 00:43:16,920
So Copilot looks at the rep's context and generates a proposal.
1221
00:43:16,920 --> 00:43:18,320
The proposal looks professional.
1222
00:43:18,320 --> 00:43:19,320
It has the right structure.
1223
00:43:19,320 --> 00:43:20,320
It has reasonable language.
1224
00:43:20,320 --> 00:43:22,320
It sounds like something a proposal should sound like.
1225
00:43:22,320 --> 00:43:23,320
The rep reads it.
1226
00:43:23,320 --> 00:43:26,120
The proposal is based on the rep's last three proposals
1227
00:43:26,120 --> 00:43:28,320
plus an average of what similar proposals look like
1228
00:43:28,320 --> 00:43:29,720
across the organization.
1229
00:43:29,720 --> 00:43:32,320
Copilot has learned patterns from the rep's history
1230
00:43:32,320 --> 00:43:34,120
and from organizational data.
1231
00:43:34,120 --> 00:43:36,520
The problem is that Copilot has learned from all of it.
1232
00:43:36,520 --> 00:43:38,320
The old proposals that didn't work.
1233
00:43:38,320 --> 00:43:39,720
The proposals that won deals.
1234
00:43:39,720 --> 00:43:42,120
The proposals that lost because the pricing was wrong.
1235
00:43:42,120 --> 00:43:44,720
The proposals that won because the rep offered a discount
1236
00:43:44,720 --> 00:43:45,920
that wasn't authorized.
1237
00:43:45,920 --> 00:43:48,320
Copilot learned from all of these and averaged them.
1238
00:43:48,320 --> 00:43:51,320
The output is statistically typical of what the rep has done before.
1239
00:43:51,320 --> 00:43:53,320
It is not necessarily what the rep should do next.
1240
00:43:53,320 --> 00:43:54,520
But the rep uses it.
1241
00:43:54,520 --> 00:43:55,920
It's faster than writing from scratch.
1242
00:43:55,920 --> 00:43:57,720
The rep sends the proposal to the customer.
1243
00:43:57,720 --> 00:44:00,320
Now watch what Copilot does with the customer's response.
1244
00:44:00,320 --> 00:44:01,920
The customer replies with feedback.
1245
00:44:01,920 --> 00:44:03,520
The customer wants different pricing.
1246
00:44:03,520 --> 00:44:05,520
The customer wants the language changed.
1247
00:44:05,520 --> 00:44:07,120
The customer has objections.
1248
00:44:07,120 --> 00:44:10,320
The rep asks Copilot to incorporate the feedback into the revision.
1249
00:44:10,320 --> 00:44:12,120
Copilot looks at the customer's email.
1250
00:44:12,120 --> 00:44:13,920
Copilot looks at the previous proposal.
1251
00:44:13,920 --> 00:44:16,320
Copilot looks at the entire email conversation.
1252
00:44:16,320 --> 00:44:19,920
Here's where the real infrastructure collides with artificial intelligence.
1253
00:44:19,920 --> 00:44:22,320
Copilot has permission to see the customer's email.
1254
00:44:22,320 --> 00:44:23,920
The customer email contains information
1255
00:44:23,920 --> 00:44:25,520
the customer shared in confidence.
1256
00:44:25,520 --> 00:44:28,720
The customer said the company is considering switching vendors,
1257
00:44:28,720 --> 00:44:30,920
which is sensitive, competitive information.
1258
00:44:30,920 --> 00:44:34,720
The customer mentioned budget constraints that are confidential to their organization.
1259
00:44:34,720 --> 00:44:37,320
The customer said they're unhappy with their current vendor,
1260
00:44:37,320 --> 00:44:41,720
which is information that could damage the customer's negotiating position if it leaked.
1261
00:44:41,720 --> 00:44:45,520
Copilot has access to this information because the rep has access to this information.
1262
00:44:45,520 --> 00:44:48,520
The rep needed to see the customer email to understand the feedback.
1263
00:44:48,520 --> 00:44:51,120
So the customer email went into the system.
1264
00:44:51,120 --> 00:44:52,320
Now Copilot can see it.
1265
00:44:52,320 --> 00:44:56,320
Copilot is now aware of things the customer didn't intend to tell an AI system.
1266
00:44:56,320 --> 00:44:59,520
Copilot processes this information and generates a revised proposal.
1267
00:44:59,520 --> 00:45:01,720
The revision addresses the customer's objections.
1268
00:45:01,720 --> 00:45:03,120
It incorporates the feedback.
1269
00:45:03,120 --> 00:45:03,920
It's thoughtful.
1270
00:45:03,920 --> 00:45:06,320
It shows that the rep heard what the customer said.
1271
00:45:06,320 --> 00:45:07,920
The customer receives it and is pleased.
1272
00:45:07,920 --> 00:45:11,120
But the AI has now seen information it shouldn't have had access to.
1273
00:45:11,120 --> 00:45:12,520
Not because of a security failure,
1274
00:45:12,520 --> 00:45:14,520
because the rep needed to see it to do their job.
1275
00:45:14,520 --> 00:45:15,920
The access was legitimate.
1276
00:45:15,920 --> 00:45:19,520
The AI piggybacked on legitimate access and gained visibility into things
1277
00:45:19,520 --> 00:45:20,720
it had no business knowing.
1278
00:45:20,720 --> 00:45:22,120
Now multiply this.
1279
00:45:22,120 --> 00:45:25,720
A hiring manager asks Copilot to summarize candidates based on email threads
1280
00:45:25,720 --> 00:45:27,120
from recruiting conversations.
1281
00:45:27,120 --> 00:45:29,320
Copilot has access to the recruiting emails.
1282
00:45:29,320 --> 00:45:32,320
The recruiting emails contain information about other candidates.
1283
00:45:32,320 --> 00:45:33,920
Their salary expectations.
1284
00:45:33,920 --> 00:45:36,720
Their concerns about the role, their questions about the company.
1285
00:45:36,720 --> 00:45:38,720
Copilot synthesizes this into a summary.
1286
00:45:38,720 --> 00:45:39,720
The summary is useful.
1287
00:45:39,720 --> 00:45:43,720
It's also now aware of confidential information about candidates who didn't get the job.
1288
00:45:43,720 --> 00:45:48,120
A finance controller asks Copilot to analyze month-end reconciliation issues.
1289
00:45:48,120 --> 00:45:50,120
Copilot has access to the spreadsheet.
1290
00:45:50,120 --> 00:45:53,920
The spreadsheet contains notes about which divisions are missing transactions,
1291
00:45:53,920 --> 00:45:56,520
which managers haven't provided required documentation,
1292
00:45:56,520 --> 00:45:58,320
which accounting teams made mistakes.
1293
00:45:58,320 --> 00:45:59,720
Copilot sees this pattern.
1294
00:45:59,720 --> 00:46:02,920
Copilot generates an analysis that flags the specific issues
1295
00:46:02,920 --> 00:46:04,320
and recommends solutions.
1296
00:46:04,320 --> 00:46:05,720
The analysis is insightful.
1297
00:46:05,720 --> 00:46:09,520
It's also aware of internal accountability issues that now exist in the system.
1298
00:46:09,520 --> 00:46:10,520
This is the collision.
1299
00:46:10,520 --> 00:46:12,720
Copilot is operating on the real infrastructure.
1300
00:46:12,720 --> 00:46:17,320
The real infrastructure contains information that's sensitive, confidential, or incomplete.
1301
00:46:17,320 --> 00:46:20,320
The system gave the rep legitimate access to that information
1302
00:46:20,320 --> 00:46:21,920
so the rep could do their job.
1303
00:46:21,920 --> 00:46:25,320
The system gave the hiring manager legitimate access so they could hire.
1304
00:46:25,320 --> 00:46:28,720
The system gave the controller legitimate access so they could close the books.
1305
00:46:28,720 --> 00:46:30,520
Copilot inherited that access.
1306
00:46:30,520 --> 00:46:35,120
Copilot is now seeing information across the organization with a clarity that no human sees.
1307
00:46:35,120 --> 00:46:39,120
Copilot is connecting patterns that exist in emails, files, and conversations.
1308
00:46:39,120 --> 00:46:44,520
Copilot is generating insights based on information that was never meant to be aggregated.
1309
00:46:44,520 --> 00:46:46,120
The company hasn't had a security breach.
1310
00:46:46,120 --> 00:46:48,720
Nobody hacked anything, nobody violated a rule.
1311
00:46:48,720 --> 00:46:52,120
The company deployed an AI system that operates on their real infrastructure
1312
00:46:52,120 --> 00:46:57,920
and the real infrastructure contains more information, more sensitivity, and more chaos than the company realized.
1313
00:46:58,720 --> 00:46:59,920
The Copilot collision.
1314
00:46:59,920 --> 00:47:00,720
Part two.
1315
00:47:00,720 --> 00:47:02,320
Exposure through intelligence.
1316
00:47:02,320 --> 00:47:06,320
Now watch what happens when the organization actually tries to use Copilot at scale.
1317
00:47:06,320 --> 00:47:12,120
A hiring manager asks Copilot to summarize all candidate evaluations for the current hiring cycle.
1318
00:47:12,120 --> 00:47:15,920
Copilot reads through dozens of email threads, interview notes, and feedback documents.
1319
00:47:15,920 --> 00:47:17,520
Copilot generates a summary.
1320
00:47:17,520 --> 00:47:18,320
The summary is clear.
1321
00:47:18,320 --> 00:47:19,320
It ranks candidates.
1322
00:47:19,320 --> 00:47:21,320
It highlights strengths and weaknesses.
1323
00:47:21,320 --> 00:47:22,920
It recommends who should move forward.
1324
00:47:22,920 --> 00:47:26,320
The summary is also now aware of every candidate who wasn't selected.
1325
00:47:26,320 --> 00:47:27,520
Why they weren't selected.
1326
00:47:27,520 --> 00:47:29,720
What the hiring team said about them privately.
1327
00:47:29,720 --> 00:47:32,920
Confidential feedback that was never meant to be aggregated.
1328
00:47:32,920 --> 00:47:40,520
The hiring manager didn't intend to ask Copilot to synthesize all of this into a single, coherent narrative about candidate rankings.
1329
00:47:40,520 --> 00:47:42,520
The hiring manager just asked for a summary.
1330
00:47:42,520 --> 00:47:44,120
Copilot did what it was designed to do.
1331
00:47:44,120 --> 00:47:47,320
It connected the information that was available and generated an insight.
1332
00:47:47,320 --> 00:47:49,920
Now that insight exists. It's a Copilot output.
1333
00:47:49,920 --> 00:47:50,720
It can be searched.
1334
00:47:50,720 --> 00:47:51,720
It can be forwarded.
1335
00:47:51,720 --> 00:47:53,120
It can be referenced in meetings.
1336
00:47:53,120 --> 00:48:00,720
Information that was scattered across emails and files is now consolidated in a single document that says explicitly why each candidate was rejected.
1337
00:48:00,720 --> 00:48:04,320
The sales manager asks Copilot to analyze why deals are stalling.
1338
00:48:04,320 --> 00:48:05,720
Copilot looks at the pipeline.
1339
00:48:05,720 --> 00:48:08,520
Copilot looks at email threads about the stalled deals.
1340
00:48:08,520 --> 00:48:11,320
Copilot looks at notes in the CRM about customer objections.
1341
00:48:11,320 --> 00:48:13,320
But most of the truth is not in the CRM.
1342
00:48:13,320 --> 00:48:14,520
The truth is in the email.
1343
00:48:14,520 --> 00:48:19,320
The sales rep said the customer is unhappy because our price is higher than the competitors'.
1344
00:48:19,320 --> 00:48:22,920
The sales rep said the customer's CFO is skeptical about the ROI.
1345
00:48:22,920 --> 00:48:27,520
The sales rep said the customer is negotiating with two other vendors and we are not the preferred option.
1346
00:48:27,520 --> 00:48:28,920
Copilot reads all of this.
1347
00:48:28,920 --> 00:48:30,320
Copilot synthesizes it.
1348
00:48:30,320 --> 00:48:32,120
Copilot generates a report.
1349
00:48:32,120 --> 00:48:36,120
Stalled deals are primarily due to price sensitivity and competitive threats.
1350
00:48:36,120 --> 00:48:36,920
Recommendation.
1351
00:48:36,920 --> 00:48:41,120
Adjust pricing or increase customer confidence through implementation case studies.
1352
00:48:41,120 --> 00:48:42,520
The report is insightful.
1353
00:48:42,520 --> 00:48:46,920
The report is also now aware of information that was never meant to be in a formal document.
1354
00:48:46,920 --> 00:48:48,320
Customer skepticism.
1355
00:48:48,320 --> 00:48:49,520
Competitive threats.
1356
00:48:49,520 --> 00:48:51,320
Internal doubts about the solution.
1357
00:48:51,320 --> 00:48:56,120
A finance manager asks Copilot to help understand why the month-end close is taking longer.
1358
00:48:56,120 --> 00:48:58,320
Copilot looks at the reconciliation spreadsheet.
1359
00:48:58,320 --> 00:49:00,720
Copilot looks at email threads about the close.
1360
00:49:00,720 --> 00:49:04,320
Copilot sees the controller asking divisions for missing documentation.
1361
00:49:04,320 --> 00:49:09,920
Copilot sees the division controllers responding with explanations of why the data wasn't ready.
1362
00:49:09,920 --> 00:49:13,720
Copilot sees notes about which teams missed deadlines, which systems had issues,
1363
00:49:13,720 --> 00:49:15,720
which manual workarounds had to be deployed.
1364
00:49:15,720 --> 00:49:18,720
Copilot synthesizes this into a root cause analysis.
1365
00:49:18,720 --> 00:49:21,720
The analysis identifies specific teams that are chronically unprepared.
1366
00:49:21,720 --> 00:49:24,120
The analysis points out which systems are unreliable.
1367
00:49:24,120 --> 00:49:28,520
The analysis surfaces patterns that the controller knew about but never documented formally.
1368
00:49:28,520 --> 00:49:30,520
Now the analysis is a Copilot output.
1369
00:49:30,520 --> 00:49:31,520
It's shareable.
1370
00:49:31,520 --> 00:49:32,520
It's reportable.
1371
00:49:32,520 --> 00:49:35,920
It exists as formal documentation of internal problems.
1372
00:49:35,920 --> 00:49:37,920
This is exposure through intelligence.
1373
00:49:37,920 --> 00:49:38,920
Not data leakage.
1374
00:49:38,920 --> 00:49:39,920
Not a security breach.
1375
00:49:39,920 --> 00:49:40,920
Exposure.
1376
00:49:40,920 --> 00:49:47,520
Information that existed in scattered, informal, private contexts is now being synthesized into coherent narratives that make the implicit explicit.
1377
00:49:47,520 --> 00:49:49,520
Regulated industries are hitting pause.
1378
00:49:49,520 --> 00:49:55,520
73% of regulated organizations have paused enterprise-wide Copilot rollouts because they understand what's happening.
1379
00:49:55,520 --> 00:49:58,320
The risk isn't that Copilot is stealing data.
1380
00:49:58,320 --> 00:50:00,720
The risk is that Copilot is revealing data.
1381
00:50:00,720 --> 00:50:04,520
Copilot is surfacing information that was confidential when it was private and scattered
1382
00:50:04,520 --> 00:50:08,120
but becomes a compliance violation when it's synthesized and documented.
1383
00:50:08,120 --> 00:50:12,120
The company didn't intend to create formal documentation of internal accountability problems.
1384
00:50:12,120 --> 00:50:16,120
The company didn't intend to synthesize candidate rankings into a permanent record.
1385
00:50:16,120 --> 00:50:21,120
The company didn't intend to generate formal analysis of customer skepticism and competitive threats.
1386
00:50:21,120 --> 00:50:26,520
Copilot did this automatically because it was designed to synthesize information and generate insights.
1387
00:50:26,520 --> 00:50:28,920
The real infrastructure contained all of this information.
1388
00:50:28,920 --> 00:50:29,720
It was in email.
1389
00:50:29,720 --> 00:50:30,520
It was in notes.
1390
00:50:30,520 --> 00:50:31,720
It was in spreadsheets.
1391
00:50:31,720 --> 00:50:34,720
It was visible to the people who needed it to do their jobs.
1392
00:50:34,720 --> 00:50:36,520
It was not visible as a complete picture.
1393
00:50:36,520 --> 00:50:37,520
It was not permanent.
1394
00:50:37,520 --> 00:50:38,520
It was not documented.
1395
00:50:38,520 --> 00:50:40,120
It was not a compliance violation.
1396
00:50:40,120 --> 00:50:41,720
Copilot made it all of those things.
1397
00:50:41,720 --> 00:50:43,120
This is the second collision.
1398
00:50:43,120 --> 00:50:44,120
Not permission failure.
1399
00:50:44,120 --> 00:50:45,120
Intelligence failure.
1400
00:50:45,120 --> 00:50:49,320
Copilot is operating on infrastructure that's too messy, too inconsistent,
1401
00:50:49,320 --> 00:50:53,120
and too sensitive for AI to process without creating exposure.
1402
00:50:53,120 --> 00:50:54,520
This is not a Copilot problem.
1403
00:50:54,520 --> 00:50:57,120
This is an infrastructure problem that Copilot revealed.
1404
00:50:57,120 --> 00:50:58,720
The visibility paradox.
1405
00:50:58,720 --> 00:51:01,920
Here's the uncomfortable truth that most organizations never face.
1406
00:51:01,920 --> 00:51:03,520
They don't have a visibility problem.
1407
00:51:03,520 --> 00:51:05,120
They have a misinterpretation problem.
1408
00:51:05,120 --> 00:51:06,120
The data is visible.
1409
00:51:06,120 --> 00:51:08,520
Most companies can see what's happening in their systems.
1410
00:51:08,520 --> 00:51:10,720
The company can measure external sharing.
1411
00:51:10,720 --> 00:51:14,320
The company can count how many files are shared with anyone with the link.
1412
00:51:14,320 --> 00:51:16,120
The company can track permission inheritance.
1413
00:51:16,120 --> 00:51:18,520
The company can see email volume in the CRM.
1414
00:51:18,520 --> 00:51:20,120
The company can run reports on all of it.
1415
00:51:20,120 --> 00:51:21,520
The visibility exists.
1416
00:51:21,520 --> 00:51:23,920
The problem is that the company is looking at the visibility
1417
00:51:23,920 --> 00:51:25,720
and drawing the wrong conclusions.
1418
00:51:25,720 --> 00:51:30,720
A compliance report shows that external sharing in SharePoint is higher than policy allows.
1419
00:51:30,720 --> 00:51:34,320
The organization sees this metric and assumes it means governance is working.
1420
00:51:34,320 --> 00:51:35,320
We detected a problem.
1421
00:51:35,320 --> 00:51:36,120
We're measuring it.
1422
00:51:36,120 --> 00:51:37,320
Therefore, we're managing it.
1423
00:51:37,320 --> 00:51:38,520
The report is correct.
1424
00:51:38,520 --> 00:51:41,720
External sharing is indeed higher than policy allows.
1425
00:51:41,720 --> 00:51:44,520
But the organization interprets this as a solvable problem.
1426
00:51:44,520 --> 00:51:46,520
We just need to enforce the policy harder.
1427
00:51:46,520 --> 00:51:49,520
What the organization doesn't see is that external sharing is high
1428
00:51:49,520 --> 00:51:52,520
because the designed workflow is slow and people optimized for speed.
1429
00:51:52,520 --> 00:51:53,920
Enforcement doesn't fix this.
1430
00:51:53,920 --> 00:51:56,920
It just makes people work around it in ways that are harder to see.
1431
00:51:56,920 --> 00:52:00,120
A permission review shows that groups have hundreds of members.
1432
00:52:00,120 --> 00:52:02,920
Many of those members have no active role in those groups.
1433
00:52:02,920 --> 00:52:04,120
Access has drifted.
1434
00:52:04,120 --> 00:52:06,920
The organization sees this and assumes it's a data quality problem.
1435
00:52:06,920 --> 00:52:08,520
We need to clean up the group membership.
1436
00:52:08,520 --> 00:52:10,320
We need to remove inactive members.
1437
00:52:10,320 --> 00:52:12,120
We need to keep the groups tidy.
1438
00:52:12,120 --> 00:52:14,520
The organization is correct that the groups are messy.
1439
00:52:14,520 --> 00:52:16,320
The organization misses why they're messy.
1440
00:52:16,320 --> 00:52:19,920
The groups are messy because access is granted dynamically when people need it.
1441
00:52:19,920 --> 00:52:23,720
But access is revoked only if someone explicitly remembers to remove it.
1442
00:52:23,720 --> 00:52:25,320
The mess is not a bug in the system.
1443
00:52:25,320 --> 00:52:30,320
It's the inevitable outcome of a system where granting is easy and revoking is hard.
1444
00:52:30,320 --> 00:52:34,320
A system report shows that most external sharing is actually controlled.
1445
00:52:34,320 --> 00:52:37,120
The organization looks at this and assumes the policy is working.
1446
00:52:37,120 --> 00:52:39,920
Most external sharing is through authenticated connections.
1447
00:52:39,920 --> 00:52:41,520
Not anonymous links.
1448
00:52:41,520 --> 00:52:43,920
Most external sharing has an approval process.
1449
00:52:43,920 --> 00:52:45,920
Therefore most external sharing is intentional.
1450
00:52:45,920 --> 00:52:47,920
The organization is reading the data correctly.
1451
00:52:47,920 --> 00:52:49,920
The organization is interpreting it wrong.
1452
00:52:49,920 --> 00:52:54,720
Most external sharing is controlled because the organization enforced controls on the system.
1453
00:52:54,720 --> 00:52:57,720
But the controls exist only on the system that was designed.
1454
00:52:57,720 --> 00:53:00,520
The sharing that matters, the sharing that actually happens,
1455
00:53:00,520 --> 00:53:05,520
is happening in email and in cloud storage services that weren't part of the control infrastructure.
1456
00:53:05,520 --> 00:53:07,320
The visible sharing is controlled.
1457
00:53:07,320 --> 00:53:08,520
The invisible sharing is not.
1458
00:53:08,520 --> 00:53:11,720
An adoption report shows high usage of Microsoft 365.
1459
00:53:11,720 --> 00:53:12,720
People are using Teams.
1460
00:53:12,720 --> 00:53:13,720
People are using SharePoint.
1461
00:53:13,720 --> 00:53:14,720
People are using email.
1462
00:53:14,720 --> 00:53:15,720
The numbers are strong.
1463
00:53:15,720 --> 00:53:18,720
The organization sees this and assumes adoption is successful.
1464
00:53:18,720 --> 00:53:20,320
The designed system is being used.
1465
00:53:20,320 --> 00:53:23,320
Therefore the designed system is how work actually happens.
1466
00:53:23,320 --> 00:53:26,320
The organization misinterprets this as validation.
1467
00:53:26,320 --> 00:53:29,520
High usage of the system means the system is the actual infrastructure.
1468
00:53:29,520 --> 00:53:30,120
It doesn't.
1469
00:53:30,120 --> 00:53:34,320
High usage of the system just means the system is one of the places where work is happening.
1470
00:53:34,320 --> 00:53:35,920
It doesn't mean it's the primary place.
1471
00:53:35,920 --> 00:53:39,120
It doesn't mean work stops when the system is unavailable.
1472
00:53:39,120 --> 00:53:41,120
It just means the system is part of the picture.
1473
00:53:41,120 --> 00:53:44,120
The DLP system reports blocked attempts to share sensitive data.
1474
00:53:44,120 --> 00:53:46,520
The organization sees this as a success metric.
1475
00:53:46,520 --> 00:53:47,520
The policy is working.
1476
00:53:47,520 --> 00:53:48,720
We're preventing data loss.
1477
00:53:48,720 --> 00:53:53,320
The organization is correct that the policy is working on the messages that the policy can see.
1478
00:53:53,320 --> 00:53:56,920
The organization doesn't see the data that left the organization through channels
1479
00:53:56,920 --> 00:53:58,720
the DLP system can't inspect.
1480
00:53:58,720 --> 00:54:02,320
Screenshot sent as an image copied into a personal cloud storage account.
1481
00:54:02,320 --> 00:54:03,920
Forwarded through a personal email.
1482
00:54:03,920 --> 00:54:07,720
Pasted into a Teams message that DLP treats as internal and doesn't scan.
1483
00:54:07,720 --> 00:54:09,520
The DLP system is working.
1484
00:54:09,520 --> 00:54:10,920
The actual data is elsewhere.
1485
00:54:10,920 --> 00:54:12,520
This is the visibility paradox.
1486
00:54:12,520 --> 00:54:13,720
The company has the data.
1487
00:54:13,720 --> 00:54:15,120
The company can see the metrics.
1488
00:54:15,120 --> 00:54:16,520
The company can run the reports.
1489
00:54:16,520 --> 00:54:19,720
The company has perfect visibility into what the system is detecting.
1490
00:54:19,720 --> 00:54:22,720
The company has no visibility into what the system isn't detecting.
1491
00:54:22,720 --> 00:54:26,520
The company interprets the visible data as proof that everything is under control.
1492
00:54:26,520 --> 00:54:27,720
The company is wrong.
1493
00:54:27,720 --> 00:54:29,120
The organization isn't blind.
1494
00:54:29,120 --> 00:54:31,520
The organization is misinterpreting what it's looking at.
1495
00:54:31,520 --> 00:54:36,120
The organization is like a person reading medical test results and seeing glucose at normal levels
1496
00:54:36,120 --> 00:54:41,120
and concluding that health is fine without noticing that the test didn't include a diabetes screening.
1497
00:54:41,120 --> 00:54:42,320
The test results are visible.
1498
00:54:42,320 --> 00:54:43,320
The test gaps are not.
1499
00:54:43,320 --> 00:54:44,720
The interpretation is confident.
1500
00:54:44,720 --> 00:54:45,920
The accuracy is unknown.
1501
00:54:45,920 --> 00:54:48,720
This is the infrastructure illusion at its deepest level.
1502
00:54:48,720 --> 00:54:51,320
Not just that the real infrastructure is invisible.
1503
00:54:51,320 --> 00:54:55,320
But that the company is confident in its interpretation of what it can see
1504
00:54:55,320 --> 00:54:57,120
without understanding what it's not seeing.
1505
00:54:57,120 --> 00:55:01,320
The company believes it understands its infrastructure because it has metrics and reports.
1506
00:55:01,320 --> 00:55:04,320
The company has confused visibility with understanding.
1507
00:55:04,320 --> 00:55:06,320
Purview as the nervous system.
1508
00:55:06,320 --> 00:55:11,720
Now here's where the story changes direction because there is a tool that actually shows you the real infrastructure.
1509
00:55:11,720 --> 00:55:13,320
It's not a tool designed to fix anything.
1510
00:55:13,320 --> 00:55:16,320
It's designed to observe and observation is where change begins.
1511
00:55:16,320 --> 00:55:19,520
Microsoft Purview is not a governance tool in the traditional sense.
1512
00:55:19,520 --> 00:55:20,720
Governance implies control.
1513
00:55:20,720 --> 00:55:22,120
Purview doesn't control anything.
1514
00:55:22,120 --> 00:55:23,120
Purview observes.
1515
00:55:23,120 --> 00:55:26,520
Purview watches how data actually moves through the organization.
1516
00:55:26,520 --> 00:55:28,720
Purview sees what's classified and what isn't.
1517
00:55:28,720 --> 00:55:34,520
Purview reveals where sensitive information is sitting, who can access it and what paths it takes when it moves.
1518
00:55:34,520 --> 00:55:36,920
Purview is the nervous system of your organization.
1519
00:55:36,920 --> 00:55:39,920
It's the sensory apparatus that tells you what's actually happening.
1520
00:55:39,920 --> 00:55:42,720
Most organizations enable Purview and then ignore the findings.
1521
00:55:42,720 --> 00:55:46,520
They enable it because compliance requires it or because a consultant recommended it
1522
00:55:46,520 --> 00:55:48,920
or because the CTO heard about it at a conference.
1523
00:55:48,920 --> 00:55:50,320
So Purview gets turned on.
1524
00:55:50,320 --> 00:55:51,920
The system starts collecting data.
1525
00:55:51,920 --> 00:55:56,720
The dashboards light up and then the organization looks at the dashboards and doesn't like what it sees.
1526
00:55:56,720 --> 00:56:00,320
The dashboards show that most files in SharePoint are not classified.
1527
00:56:00,320 --> 00:56:03,920
The dashboards show that sensitive data is accessible to people who don't need it.
1528
00:56:03,920 --> 00:56:06,920
The dashboards show that external sharing is higher than expected.
1529
00:56:06,920 --> 00:56:10,320
The dashboards show patterns of data movement that seem risky.
1530
00:56:10,320 --> 00:56:14,320
The dashboards reveal that the real infrastructure is messier than the designed one.
1531
00:56:14,320 --> 00:56:16,320
The organization's response is predictable.
1532
00:56:16,320 --> 00:56:17,920
The findings are uncomfortable.
1533
00:56:17,920 --> 00:56:19,720
So the organization doesn't act on them.
1534
00:56:19,720 --> 00:56:21,120
The dashboards exist.
1535
00:56:21,120 --> 00:56:22,920
The organization has visibility.
1536
00:56:22,920 --> 00:56:24,720
The organization chooses not to see it.
1537
00:56:24,720 --> 00:56:25,720
This is not stupidity.
1538
00:56:25,720 --> 00:56:28,320
This is a rational response to an overwhelming problem.
1539
00:56:28,320 --> 00:56:34,920
If Purview is revealing that most data is unclassified, the implication is that the organization needs to classify most data.
1540
00:56:34,920 --> 00:56:36,120
That's a massive undertaking.
1541
00:56:36,120 --> 00:56:43,520
If Purview is showing that sensitive data is overshared, the implication is that the organization needs to audit and remediate thousands of permissions.
1542
00:56:43,520 --> 00:56:44,720
That's years of work.
1543
00:56:44,720 --> 00:56:49,720
If Purview is showing that the real infrastructure is fundamentally misaligned with the designed one,
1544
00:56:49,720 --> 00:56:54,120
the implication is that the organization has a much bigger problem than anyone wants to admit.
1545
00:56:54,120 --> 00:56:56,720
So organizations look at Purview and then look away.
1546
00:56:56,720 --> 00:57:00,720
They keep the tool running because governance requires it, but they don't act on what it reveals.
1547
00:57:00,720 --> 00:57:03,320
They don't treat the findings as a mandate for change.
1548
00:57:03,320 --> 00:57:05,320
They treat them as a compliance checkbox.
1549
00:57:05,320 --> 00:57:06,720
Purview runs, Purview reports.
1550
00:57:06,720 --> 00:57:09,920
The organization acknowledges that data classification is incomplete.
1551
00:57:09,920 --> 00:57:10,920
Nothing changes.
1552
00:57:10,920 --> 00:57:12,120
But here's what's important.
1553
00:57:12,120 --> 00:57:16,720
Purview is showing you the truth, not your interpretation of the truth, not the metrics you want to see.
1554
00:57:16,720 --> 00:57:18,320
The actual state of your data.
1555
00:57:18,320 --> 00:57:21,520
Purview is saying, "This is what's classified. This is what's not.
1556
00:57:21,520 --> 00:57:25,320
This is who can see what. This is how data actually moves." Purview is not an opinion.
1557
00:57:25,320 --> 00:57:26,720
Purview is an observation.
1558
00:57:26,720 --> 00:57:29,520
The observation is uncomfortable because the observation is real.
1559
00:57:29,520 --> 00:57:32,320
And the question Purview forces you to answer is not,
1560
00:57:32,320 --> 00:57:34,320
"Do we have a data classification problem?"
1561
00:57:34,320 --> 00:57:38,720
The question is, "Are we willing to see what the real infrastructure actually looks like?"
1562
00:57:38,720 --> 00:57:41,720
Because once you see it through Purview, you can't unsee it.
1563
00:57:41,720 --> 00:57:44,920
You can't go back to believing that your infrastructure matches your diagram.
1564
00:57:44,920 --> 00:57:47,520
You can't go back to assuming that your policies are working.
1565
00:57:47,520 --> 00:57:50,320
You can't go back to thinking that governance is under control.
1566
00:57:50,320 --> 00:57:53,720
What you see through Purview is that your real infrastructure is observable.
1567
00:57:53,720 --> 00:57:55,120
It's trackable. It's knowable.
1568
00:57:55,120 --> 00:57:59,320
You can actually understand how data flows if you're willing to look at what Purview is showing you.
1569
00:57:59,320 --> 00:58:00,920
Most organizations are not willing.
1570
00:58:00,920 --> 00:58:04,920
The discomfort of seeing the real infrastructure is greater than the motivation to fix it.
1571
00:58:04,920 --> 00:58:09,320
So Purview becomes a tool that runs in the background, generating reports that nobody acts on,
1572
00:58:09,320 --> 00:58:11,720
providing visibility that nobody wants to have.
1573
00:58:11,720 --> 00:58:14,920
But there's a subset of organizations that does something different.
1574
00:58:14,920 --> 00:58:16,320
This subset looks at Purview.
1575
00:58:16,320 --> 00:58:19,720
This subset reads what Purview is saying about their real infrastructure.
1576
00:58:19,720 --> 00:58:23,320
This subset asks, "If this is what's actually happening, what does that tell us?"
1577
00:58:23,320 --> 00:58:25,520
"What does it mean that our data is unclassified?"
1578
00:58:25,520 --> 00:58:28,320
"What does it mean that sensitive information is overshared?"
1579
00:58:28,320 --> 00:58:32,120
"What does it mean that the actual flow of data doesn't match the designed flow?"
1580
00:58:32,120 --> 00:58:35,120
This subset doesn't use Purview to feel better about governance.
1581
00:58:35,120 --> 00:58:38,920
This subset uses Purview as a starting point for understanding reality.
1582
00:58:38,920 --> 00:58:41,320
And understanding reality is where change begins.
1583
00:58:41,320 --> 00:58:43,120
Not from policies imposed from above.
1584
00:58:43,120 --> 00:58:45,320
Not from frameworks adopted because they sound good.
1585
00:58:45,320 --> 00:58:47,920
Change begins from seeing the actual infrastructure
1586
00:58:47,920 --> 00:58:51,120
and deciding deliberately what to do about it.
1587
00:58:51,120 --> 00:58:53,720
The four signals of real infrastructure.
1588
00:58:53,720 --> 00:58:56,320
So what does the real infrastructure actually look like?
1589
00:58:56,320 --> 00:59:00,720
Not the theory. The observable reality. Purview is showing it to you if you're willing to see it.
1590
00:59:00,720 --> 00:59:03,720
And if you watch what Purview reveals, you start to recognize a pattern.
1591
00:59:03,720 --> 00:59:04,920
There are four signals.
1592
00:59:04,920 --> 00:59:07,720
Four ways the real infrastructure tells you it exists.
1593
00:59:07,720 --> 00:59:10,720
Once you know what to look for, you can't miss them.
1594
00:59:10,720 --> 00:59:13,720
Signal one, sharing and access reality.
1595
00:59:13,720 --> 00:59:15,520
Control is assumed, not enforced.
1596
00:59:15,520 --> 00:59:18,320
SharePoint external sharing is higher than policy allows.
1597
00:59:18,320 --> 00:59:20,720
The policy says external sharing requires approval.
1598
00:59:20,720 --> 00:59:24,120
The reality is that files are being shared with "anyone with the link" constantly.
1599
00:59:24,120 --> 00:59:28,720
Not because people are malicious. Because "anyone with the link" works faster than waiting for approval.
1600
00:59:28,720 --> 00:59:32,320
The approval process takes hours. Sending a link takes seconds.
1601
00:59:32,320 --> 00:59:33,920
Under deadline pressure, the link wins.
1602
00:59:33,920 --> 00:59:35,320
This creates a second problem.
1603
00:59:35,320 --> 00:59:37,120
People don't trust shared repositories.
1604
00:59:37,120 --> 00:59:40,320
If they did, they'd share through SharePoint and let the approval process handle it.
1605
00:59:40,320 --> 00:59:41,320
But they don't trust it.
1606
00:59:41,320 --> 00:59:42,520
So they share through email.
1607
00:59:42,520 --> 00:59:45,920
They copy files to personal cloud storage and share the link from there.
1608
00:59:45,920 --> 00:59:47,120
They maintain local copies.
1609
00:59:47,120 --> 00:59:48,320
Duplication becomes rampant.
1610
00:59:48,320 --> 00:59:51,320
The same file exists in five places with different versions.
1611
00:59:51,320 --> 00:59:52,920
The company has control mechanisms.
1612
00:59:52,920 --> 00:59:54,920
The mechanisms are slower than the workaround.
1613
00:59:54,920 --> 00:59:57,320
So the workarounds compound. The signal is simple.
1614
00:59:57,320 --> 01:00:00,720
If external sharing in your tenant is higher than your policy allows,
1615
01:00:00,720 --> 01:00:02,720
you don't have a policy enforcement problem.
1616
01:00:02,720 --> 01:00:04,120
You have a process design problem.
1617
01:00:04,120 --> 01:00:05,120
The policy is correct.
1618
01:00:05,120 --> 01:00:06,320
The process is too slow.
1619
01:00:06,320 --> 01:00:11,920
The real infrastructure routes around the process because the process doesn't match the speed the business requires.
1620
01:00:11,920 --> 01:00:14,720
Signal 2. Identity and access drift.
1621
01:00:14,720 --> 01:00:16,320
Access reflects history.
1622
01:00:16,320 --> 01:00:17,320
Not intent.
1623
01:00:17,320 --> 01:00:18,520
Run an access review.
1624
01:00:18,520 --> 01:00:19,320
Watch what happens.
1625
01:00:19,320 --> 01:00:22,120
Managers receive lists of people with access to their systems.
1626
01:00:22,120 --> 01:00:23,720
They don't recognize half the names.
1627
01:00:23,720 --> 01:00:25,520
They don't have time to verify each one.
1628
01:00:25,520 --> 01:00:27,120
They approve the list without changing it.
1629
01:00:27,120 --> 01:00:34,120
Access reviews are rubber-stamped because the alternative, actually verifying each permission, is hours of work that nobody has time for.
1630
01:00:34,120 --> 01:00:35,520
Group membership never shrinks.
1631
01:00:35,520 --> 01:00:36,320
People are added.
1632
01:00:36,320 --> 01:00:37,520
People are never removed.
1633
01:00:37,520 --> 01:00:41,120
Stale accounts still have access months after the person left the company.
1634
01:00:41,120 --> 01:00:42,520
Distribution lists grow.
1635
01:00:42,520 --> 01:00:44,520
Security groups accumulate members.
1636
01:00:44,520 --> 01:00:46,920
Entra ID group membership becomes a historical record.
1637
01:00:46,920 --> 01:00:50,120
It reflects who used to be important, who used to work on what,
1638
01:00:50,120 --> 01:00:52,720
who was added to what distribution list years ago.
1639
01:00:52,720 --> 01:00:53,520
The signal is this.
1640
01:00:53,520 --> 01:00:55,520
If your access reviews are being completed quickly,
1641
01:00:55,520 --> 01:00:57,520
your access structure is not being maintained.
1642
01:00:57,520 --> 01:00:58,720
It's being ignored.
1643
01:00:58,720 --> 01:01:01,320
And ignored access becomes a historical artifact.
1644
01:01:01,320 --> 01:01:04,520
The access structure no longer reflects your organizational intent.
1645
01:01:04,520 --> 01:01:06,320
It reflects organizational history.
1646
01:01:06,320 --> 01:01:08,920
Signal 3. DLP and policy friction.
1647
01:01:08,920 --> 01:01:11,320
Processes don't match how work gets done.
1648
01:01:11,320 --> 01:01:13,920
Policy violations spike at specific times.
1649
01:01:13,920 --> 01:01:16,520
Not randomly distributed, not proportional to volume.
1650
01:01:16,520 --> 01:01:18,120
They spike when pressure spikes.
1651
01:01:18,120 --> 01:01:19,120
Quarter end.
1652
01:01:19,120 --> 01:01:20,320
Deadline periods.
1653
01:01:20,320 --> 01:01:21,520
High-stakes deals.
1654
01:01:21,520 --> 01:01:24,320
When the organization is under pressure to move fast,
1655
01:01:24,320 --> 01:01:25,720
policy violations increase.
1656
01:01:25,720 --> 01:01:26,120
Why?
1657
01:01:26,120 --> 01:01:30,720
Because the process that satisfies the policy is slower than the process that violates it.
1658
01:01:30,720 --> 01:01:32,920
If people violated policy out of negligence,
1659
01:01:32,920 --> 01:01:34,320
violations would be random.
1660
01:01:34,320 --> 01:01:36,520
If people violated policy out of intention,
1661
01:01:36,520 --> 01:01:37,920
violations would be consistent.
1662
01:01:37,920 --> 01:01:40,320
But violations cluster during deadline periods.
1663
01:01:40,320 --> 01:01:41,320
That's the signal.
1664
01:01:41,320 --> 01:01:45,120
That's evidence that people are choosing between policy compliance and business results.
1665
01:01:45,120 --> 01:01:46,520
They're choosing business results.
1666
01:01:46,520 --> 01:01:47,720
The workaround is faster.
1667
01:01:47,720 --> 01:01:48,720
The workaround works.
1668
01:01:48,720 --> 01:01:50,320
The policy gets violated.
1669
01:01:50,320 --> 01:01:52,120
Signal 4. Classification gaps.
1670
01:01:52,120 --> 01:01:53,920
The company doesn't know what matters.
1671
01:01:53,920 --> 01:01:55,520
Run a classification report.
1672
01:01:55,520 --> 01:01:56,920
Most files are unclassified.
1673
01:01:56,920 --> 01:01:59,920
The files that are classified are often overclassified.
1674
01:01:59,920 --> 01:02:03,320
Sensitive data sits next to general data with no distinction between them.
1675
01:02:03,320 --> 01:02:05,520
The company has not deliberately created a system
1676
01:02:05,520 --> 01:02:08,320
where sensitive and general information are treated the same.
1677
01:02:08,320 --> 01:02:11,720
The company has created a system where classification is optional,
1678
01:02:11,720 --> 01:02:13,320
time-consuming and low priority.
1679
01:02:13,320 --> 01:02:15,520
So most files flow through unclassified.
1680
01:02:15,520 --> 01:02:16,520
The signal is this.
1681
01:02:16,520 --> 01:02:18,920
If your classified data percentage is low,
1682
01:02:18,920 --> 01:02:20,720
you don't know what your company knows.
1683
01:02:20,720 --> 01:02:22,720
You don't know where sensitive information lives.
1684
01:02:22,720 --> 01:02:24,320
You don't know what data actually matters.
1685
01:02:24,320 --> 01:02:25,720
The company thinks it knows.
1686
01:02:25,720 --> 01:02:27,320
The company has a data governance policy.
1687
01:02:27,320 --> 01:02:29,120
The company assumes data is classified.
1688
01:02:29,120 --> 01:02:30,920
In reality, most data is unclassified
1689
01:02:30,920 --> 01:02:34,720
because classification was treated as a secondary task when work was under pressure.
1690
01:02:34,720 --> 01:02:36,920
These four signals are observable.
1691
01:02:36,920 --> 01:02:38,120
They're not opinions.
1692
01:02:38,120 --> 01:02:39,320
They're not interpretations.
1693
01:02:39,320 --> 01:02:41,120
They're patterns that Purview can show you,
1694
01:02:41,120 --> 01:02:45,120
that your audit logs can reveal, that your actual behavior demonstrates.
1695
01:02:45,120 --> 01:02:47,320
Once you see these signals, you understand.
1696
01:02:47,320 --> 01:02:50,920
You have a real infrastructure that's different from your designed one
1697
01:02:50,920 --> 01:02:54,120
and that real infrastructure is running your business.
1698
01:02:54,120 --> 01:02:55,320
Mapping reality.
1699
01:02:55,320 --> 01:02:56,720
The three dimensions.
1700
01:02:56,720 --> 01:02:58,920
The four signals tell you something is wrong.
1701
01:02:58,920 --> 01:03:00,920
They tell you the real infrastructure exists.
1702
01:03:00,920 --> 01:03:02,120
But signals are not maps.
1703
01:03:02,120 --> 01:03:03,520
Signals point at a problem.
1704
01:03:03,520 --> 01:03:05,720
Maps show you what the problem actually is.
1705
01:03:05,720 --> 01:03:09,920
And mapping the real infrastructure requires observing three dimensions simultaneously.
1706
01:03:09,920 --> 01:03:11,520
Most organizations observe one.
1707
01:03:11,520 --> 01:03:13,120
That's why they keep missing the story.
1708
01:03:13,120 --> 01:03:14,920
Dimension one is where work happens.
1709
01:03:14,920 --> 01:03:15,920
Not theoretically.
1710
01:03:15,920 --> 01:03:18,920
Actually. It's Teams and SharePoint and email and OneDrive.
1711
01:03:18,920 --> 01:03:21,320
But it's also the local files that live on laptops.
1712
01:03:21,320 --> 01:03:23,720
It's the personal cloud storage accounts people use.
1713
01:03:23,720 --> 01:03:26,720
It's the tools outside the M365 ecosystem,
1714
01:03:26,720 --> 01:03:30,320
the Google Docs, the Notion databases, the Slack channels, the Figma files.
1715
01:03:30,320 --> 01:03:32,520
It's where people actually spend their time doing work.
1716
01:03:32,520 --> 01:03:36,120
This is the easiest dimension to see because it's the one most visible to the system.
1717
01:03:36,120 --> 01:03:39,120
You can count Teams channels. You can measure email volume.
1718
01:03:39,120 --> 01:03:41,320
You can see how many files are in SharePoint.
1719
01:03:41,320 --> 01:03:43,720
Most organizations map only this dimension.
1720
01:03:43,720 --> 01:03:45,520
They see that people are using the tools.
1721
01:03:45,520 --> 01:03:46,920
They conclude that the tools are working.
1722
01:03:46,920 --> 01:03:49,320
They miss that people are using other tools too.
1723
01:03:49,320 --> 01:03:51,920
Local files, personal storage, workarounds.
1724
01:03:51,920 --> 01:03:54,320
The real work happens across multiple dimensions.
1725
01:03:54,320 --> 01:03:56,320
The organization sees only the official tools.
1726
01:03:56,320 --> 01:03:58,120
Dimension two is how data moves.
1727
01:03:58,120 --> 01:04:00,520
Not how it's supposed to move, how it actually moves.
1728
01:04:00,520 --> 01:04:01,720
It's the sharing patterns.
1729
01:04:01,720 --> 01:04:05,520
It's the way files get duplicated when people don't trust a shared repository.
1730
01:04:05,520 --> 01:04:08,720
It's the way data transforms as it moves between systems.
1731
01:04:08,720 --> 01:04:11,920
A proposal starts in the CRM. The rep copies it into Word to edit it.
1732
01:04:11,920 --> 01:04:14,920
The rep emails the Word document. The customer responds with feedback.
1733
01:04:14,920 --> 01:04:16,720
The feedback is pasted back into the CRM.
1734
01:04:16,720 --> 01:04:21,320
The data has moved from CRM to Word to email to the customer's email to the CRM again.
1735
01:04:21,320 --> 01:04:22,720
It's been transformed each time.
1736
01:04:22,720 --> 01:04:24,320
It exists in multiple versions.
1737
01:04:24,320 --> 01:04:26,120
Nobody knows which version is current.
1738
01:04:26,120 --> 01:04:28,320
The data has taken a path that nobody designed.
1739
01:04:28,320 --> 01:04:29,520
It's the actual path.
1740
01:04:29,520 --> 01:04:34,120
Most organizations don't see dimension two because dimension two requires looking at behavior, not systems.
1741
01:04:34,120 --> 01:04:37,120
You can't see data movement by counting emails or files.
1742
01:04:37,120 --> 01:04:40,720
You have to trace what actually happens when a person does work.
1743
01:04:40,720 --> 01:04:42,120
You have to follow the file.
1744
01:04:42,120 --> 01:04:43,520
You have to understand the transformation.
1745
01:04:43,520 --> 01:04:47,320
Organizations that only map dimension one see that email is being used.
1746
01:04:47,320 --> 01:04:48,920
They don't see why it's being used.
1747
01:04:48,920 --> 01:04:50,320
They don't see the workaround.
1748
01:04:50,320 --> 01:04:51,720
They don't see the data path.
1749
01:04:51,720 --> 01:04:53,320
Dimension three is how people behave.
1750
01:04:53,320 --> 01:04:56,120
Not what they're supposed to do, what they actually do under pressure.
1751
01:04:56,120 --> 01:04:58,120
Under deadline, under uncertainty.
1752
01:04:58,120 --> 01:04:59,720
It's the shortcuts they take.
1753
01:04:59,720 --> 01:05:01,320
It's the trust decisions they make.
1754
01:05:01,320 --> 01:05:04,320
It's the reason a sales rep uses email instead of the CRM.
1755
01:05:04,320 --> 01:05:08,320
It's the reason a hiring manager maintains a spreadsheet instead of using the HRIS.
1756
01:05:08,320 --> 01:05:12,320
It's the reason a finance controller reconciles in Excel instead of trusting the GL.
1757
01:05:12,320 --> 01:05:13,720
These aren't random choices.
1758
01:05:13,720 --> 01:05:15,920
These are intentional adaptations to pressure.
1759
01:05:15,920 --> 01:05:18,520
People are optimizing for what matters to them in the moment.
1760
01:05:18,520 --> 01:05:20,120
Speed, control, accuracy, trust.
1761
01:05:20,120 --> 01:05:22,120
These decisions compound into behaviors.
1762
01:05:22,120 --> 01:05:23,720
Behaviors become standard.
1763
01:05:23,720 --> 01:05:26,320
Standard practices become the real infrastructure.
1764
01:05:26,320 --> 01:05:30,520
Most organizations don't see dimension three because it requires understanding motivation.
1765
01:05:30,520 --> 01:05:33,320
You can't see behavior by reading a policy document.
1766
01:05:33,320 --> 01:05:34,720
You have to watch what people do.
1767
01:05:34,720 --> 01:05:36,320
You have to understand why they do it.
1768
01:05:36,320 --> 01:05:39,320
You have to recognize that the choices people make are rational,
1769
01:05:39,320 --> 01:05:41,120
given the constraints they face.
1770
01:05:41,120 --> 01:05:44,520
Organizations that only map dimension one see that people are doing work.
1771
01:05:44,520 --> 01:05:46,920
They don't understand why people are doing it the way they do.
1772
01:05:46,920 --> 01:05:50,520
Mapping reality means observing all three dimensions simultaneously.
1773
01:05:50,520 --> 01:05:51,520
Where is the work happening?
1774
01:05:51,520 --> 01:05:53,920
How is data actually moving between these places?
1775
01:05:53,920 --> 01:05:56,120
Why are people choosing the paths they're choosing?
1776
01:05:56,120 --> 01:05:57,320
These questions are connected.
1777
01:05:57,320 --> 01:05:59,520
The answer to one informs the answer to the next.
1778
01:05:59,520 --> 01:06:03,720
The sales rep uses email because email is where the work is happening for that task.
1779
01:06:03,720 --> 01:06:07,720
Data moves through email because people don't trust the system it's supposed to move through.
1780
01:06:07,720 --> 01:06:12,720
People don't trust the system because the system is slow and the rep's job requires speed.
1781
01:06:12,720 --> 01:06:14,920
Most organizations map only dimension one.
1782
01:06:14,920 --> 01:06:16,520
They count users in Teams.
1783
01:06:16,520 --> 01:06:17,920
They measure email volume.
1784
01:06:17,920 --> 01:06:19,320
They see SharePoint adoption.
1785
01:06:19,320 --> 01:06:21,320
They conclude that the infrastructure is working.
1786
01:06:21,320 --> 01:06:22,720
They miss dimensions two and three.
1787
01:06:22,720 --> 01:06:24,320
They miss the actual paths data takes.
1788
01:06:24,320 --> 01:06:26,920
They miss why people are making the choices they make.
1789
01:06:26,920 --> 01:06:28,920
They miss the real infrastructure entirely.
1790
01:06:28,920 --> 01:06:30,120
They see the official tools.
1791
01:06:30,120 --> 01:06:31,520
They don't see the actual work.
1792
01:06:31,520 --> 01:06:34,520
This is where the understanding begins. From systems to flows.
1793
01:06:34,520 --> 01:06:37,920
Most organizations think about infrastructure in terms of systems.
1794
01:06:37,920 --> 01:06:39,920
The CRM is a system. Teams is a system.
1795
01:06:39,920 --> 01:06:44,920
SharePoint is a system. Email is a system. Finance has a system. HR has a system. Each system has an owner.
1796
01:06:44,920 --> 01:06:47,320
The CRM owner ensures the CRM is working.
1797
01:06:47,320 --> 01:06:52,720
The Teams owner ensures Teams is running. The SharePoint owner maintains SharePoint. Each system has a purpose.
1798
01:06:52,720 --> 01:06:53,720
Clear boundaries.
1799
01:06:53,720 --> 01:06:55,520
Defined data structures.
1800
01:06:55,520 --> 01:06:57,120
Intended workflows.
1801
01:06:57,120 --> 01:07:02,120
The organization is understood as a collection of systems, each distinct, each owned, each purposeful.
1802
01:07:02,120 --> 01:07:05,520
This is a comfortable way to think. It's how organizational structures are built.
1803
01:07:05,520 --> 01:07:06,920
It's how budgets are allocated.
1804
01:07:06,920 --> 01:07:13,320
It's how technology decisions are made. Buy a system, assign an owner, define the workflow, measure adoption, report on metrics.
1805
01:07:13,320 --> 01:07:17,320
This model works until you actually try to do work that crosses system boundaries.
1806
01:07:17,320 --> 01:07:20,320
Because work doesn't respect system boundaries. Work is a flow.
1807
01:07:20,320 --> 01:07:23,120
A flow is how something actually moves through the organization.
1808
01:07:23,120 --> 01:07:26,720
Not how it's supposed to move, how it actually moves. A sales opportunity is a flow.
1809
01:07:26,720 --> 01:07:34,520
It starts as a lead. The lead comes from somewhere. A website form, a phone call, an email inquiry. The lead goes into the CRM if someone remembers to put it there.
1810
01:07:34,520 --> 01:07:38,320
Sometimes it doesn't. Sometimes it stays in emails. Sometimes it gets copied into a spreadsheet.
1811
01:07:38,320 --> 01:07:41,120
The flow is not lead, CRM. The flow is messier.
1812
01:07:41,120 --> 01:07:50,920
It's lead, somewhere, CRM maybe, email definitely, Teams possibly, local file probably, CRM again if we're lucky. A hiring process is a flow. A job opening exists.
1813
01:07:50,920 --> 01:08:00,520
The opening is posted. Candidates apply. Applications come through email, through the applicant tracking system, through LinkedIn messages, through referrals sent to hiring managers directly.
1814
01:08:00,520 --> 01:08:08,120
The applications are scattered across channels. They're consolidated into a spreadsheet because the spreadsheet is easier to work with than checking five different systems.
1815
01:08:08,120 --> 01:08:15,320
The spreadsheet becomes the system of record. Candidates move through the spreadsheet. The spreadsheet is forwarded to interviewers. Interviewers add notes in email.
1816
01:08:15,320 --> 01:08:35,320
Those notes may or may not make it back to the spreadsheet. Some candidates are tracked in the ATS. Some are tracked in the spreadsheet. Some exist only in hiring manager email threads. The flow is not linear. The flow is adaptive. It's where work actually happens. A month-end close is a flow. Transactions are supposed to flow into the GL. From the GL, they flow to the balance sheet. From the balance sheet, they flow to financial statements.
1817
01:08:35,320 --> 01:08:44,520
But between GL and statements lives a spreadsheet. The spreadsheet is where transactions are reconciled, adjusted, corrected and validated. The designed system is GL, statements.
1818
01:08:44,520 --> 01:08:59,720
The actual flow is GL, spreadsheet, judgment, statements. Flows are the actual infrastructure. Not systems. Flows. And flows have characteristics that systems don't have. Flows cross system boundaries. A single flow touches CRM, email, Teams, SharePoint and local files.
1819
01:08:59,720 --> 01:09:14,320
The flow doesn't care that these are separate systems. The flow needs what it needs from each system. The organization built the systems assuming they'd be used independently. The organization uses them as a connected flow. Flows include workarounds. Workarounds are not failures. Workarounds are adaptable.
1820
01:09:14,320 --> 01:09:44,120
Adaptations. A flow includes not just the official system path but the email path, the spreadsheet path, the communication path that bypasses the system because the system is slow or doesn't do what the flow needs. The workaround becomes part of the flow. It becomes permanent. It becomes standard. Flows include informal channels. A hiring manager talks to a peer about an open position. The peer refers a candidate. The candidate is hired. That referral channel is invisible to the ATS. It's part of the flow anyway. It's how hiring actually happens. The organization has an applicant tracking system. The organization also has a
1821
01:09:44,120 --> 01:09:58,320
referral flow that bypasses it entirely. Both flows are real. Flows are resilient. If one path is blocked, the flow finds another. The organization blocks external sharing in SharePoint. The flow moves to email. The organization restricts email attachments. The flow moves to personal
1822
01:09:58,320 --> 01:10:12,240
cloud storage. The organization disables personal cloud storage. The flow finds something else. Flows adapt. Systems break. This is the conceptual shift. Infrastructure is not a collection of systems with owners and boundaries. Infrastructure is a collection of flows with
1823
01:10:12,240 --> 01:10:27,680
purposes and adaptations. Once you stop thinking about systems and start thinking about flows, you see the real infrastructure. You see where data actually moves. You see where people actually work. You see the organization as it actually operates. And once you see flows, you can map them.
1824
01:10:27,680 --> 01:10:41,160
The honest audit. Three workflows. Here's where theory becomes practice. Here's how you actually find the real infrastructure. You don't need a consultant. You don't need a framework. You need to pick a workflow. Any workflow that matters to your business. Follow it. Document what you find.
1825
01:10:41,160 --> 01:11:05,560
Repeat with two more workflows. The pattern will emerge. This is not a technical exercise. This is a business discovery. You're not auditing systems. You're observing behavior. You're not checking compliance. You're understanding how work actually happens. Pick the first workflow. Sales. Closing a deal. Not theoretically. Pick an actual deal that closed in the last month. Find the person who closed it. Ask them to walk you through what happened. Not the designed process. What actually happened.
1826
01:11:05,560 --> 01:11:22,560
The rep says the deal started as an email inquiry from a prospect. The prospect was referred by an existing customer. The email was forwarded to the rep. The rep added the prospect to the CRM. Then the rep opened a folder on their laptop called Active Deals and created a subfolder for this prospect. The rep started a Teams channel with the prospect's name.
1827
01:11:22,560 --> 01:11:30,560
The rep collected the prospect's questions in a Word document. The rep drafted a proposal in Word based on a template the rep modified three years ago.
1828
01:11:30,560 --> 01:11:47,560
Sent the proposal through email, not through the CRM, because email is faster and the prospect can see it immediately. Now document each tool the deal touched. Email for initial contact. CRM for tracking. Local folder on the laptop for organizing. Teams for internal discussion. Word for the proposal. Email for delivery. The prospect responded with questions.
1829
01:11:47,560 --> 01:11:59,560
The response came through email, not through the CRM. The rep copied the questions into the Word document. The rep marked them up. The rep sent a revised proposal. Now document every workaround. The prospect's requirements didn't fit the standard proposal template,
1830
01:11:59,560 --> 01:12:20,560
so the rep customized it manually. The prospect asked for a legal review, which is supposed to go through procurement, but that process takes two weeks and the prospect needed the answer in three days. The rep forwarded the proposal to legal via email, asking for an expedited review. Legal responded with a marked-up version. The rep incorporated the changes manually back into Word. The pricing was supposed to come from the pricing system,
1831
01:12:20,560 --> 01:12:44,560
but the system didn't have a configuration that matched this customer's needs, so the rep called the pricing team. They discussed it over the phone. The rep manually entered the pricing into the proposal. The deal was supposed to go through a sales review to ensure margin and risk, but the deal was moving fast and the review would slow it down, so the rep disclosed it in an email to the manager with a summary of the key terms, and the manager approved it informally.
1832
01:12:44,560 --> 01:13:13,560
The rep was supposed to enter all customer communications into the CRM. The rep didn't. The communications stayed in email. The rep was supposed to use the standard proposal template. The rep used the modified version. The rep was supposed to route the legal review through procurement. The rep didn't. The legal review happened informally through email. The pricing was supposed to come from the pricing system. It came from a phone call. The deal was supposed to be reviewed formally. It was approved via email. Now follow the deal to close. The prospect approved the deal. The rep sent a contract. The contract was going to be approved
1833
01:13:13,560 --> 01:13:42,560
The contract went back and forth via email. The final contract was signed. The rep forwarded it to the contract team. The rep also copied it into the CRM. Now the deal is marked closed. What happened? A deal moved through the organization. The designed process says lead, CRM, proposal from system, legal review through procurement, pricing from system, sales review, contract, close. The actual process was messier. It touched more tools. It included workarounds. It deviated from policy at multiple points. But the deal closed. The customer got what they did
1834
01:13:42,560 --> 01:14:09,560
The customer got what they needed. The organization got the revenue. Now pick the second workflow. HR. Hiring. Follow a hire from job opening to offer acceptance. Document the tools. Document the workarounds. Document the policy deviations. You'll see a similar pattern. Official process meets the real process. The real process wins. Pick the third workflow. Finance. Month-end close. Follow a transaction from initial recording to final statement. Document everything. You'll see the same thing again. Official process, real process, spreadsheet, judgment, close.
1835
01:14:09,560 --> 01:14:39,520
Now look at the three workflows. Look at the patterns. In each one, the official process exists but doesn't determine the outcome. The real process delivers the outcome. The real process is faster. The real process is more flexible. The real process is more responsive to the actual constraints of the business. The real process is the infrastructure that matters. Once you see this pattern, you can't unsee it. This is the real infrastructure. This is not a problem to fix. This is a reality to understand. The strategic reframe. Here is the reframe that changes everything. Your biggest infrastructure risk is not what you don't
1836
01:14:39,520 --> 01:15:09,480
control. It's what you think you control but don't. This is not semantics. This is the difference between actionable understanding and false confidence. Organizations obsess over what they can't see. They install tools to detect shadow IT. They implement DLP to block data exfiltration. They enforce MFA to prevent unauthorized access. They build controls around the unknown. All of this assumes the unknown is the primary threat. The unknown is not. The known threat is the gap between what you believe is happening and what's actually happening. The threat is not what you haven't measured. The threat.
1837
01:15:09,480 --> 01:15:14,060
Threat is what you've misinterpreted, look at what we've mapped. Sales doesn't follow the designed process,
1838
01:15:14,060 --> 01:15:20,860
not because the designed process is unknown. The rep knows the designed process. The rep chooses not to follow it because speed wins over compliance.
1839
01:15:20,860 --> 01:15:27,240
Hiring doesn't follow the designed process. Not because it's hidden. The manager knows the designed process and chooses this spreadsheet instead.
1840
01:15:27,240 --> 01:15:33,940
Finance doesn't trust the designed process, not because they haven't been trained on it. The controller knows the GL and chooses the spreadsheet anyway.
1841
01:15:33,940 --> 01:15:41,400
In each case, the organization understands the designed process. The organization doesn't follow it. The organization sees this and draws the wrong conclusion.
1842
01:15:41,400 --> 01:15:48,440
The organization says we have a compliance problem. We need stronger controls. We need to enforce the process. We need to make people follow the design system.
1843
01:15:48,440 --> 01:15:52,780
This is the wrong diagnosis. The problem is not that people don't know the designed process.
1844
01:15:52,780 --> 01:15:59,820
The problem is that the designed process doesn't match how work actually happens. Enforcement doesn't fix this. Enforcement makes people hide the workaround.
1845
01:15:59,820 --> 01:16:06,920
Enforcement doesn't change the underlying reality that the designed process is slower, less flexible or less responsive than the actual process.
1846
01:16:06,920 --> 01:16:10,320
Here's the reframe. You don't have a control problem. You have a design problem.
1847
01:16:10,320 --> 01:16:15,660
The process was designed for ideal conditions. The business operates under pressure. Under pressure, the design fails.
1848
01:16:15,660 --> 01:16:21,000
The solution is not to enforce the design more strictly. The solution is to redesign the process to work under pressure.
1849
01:16:21,000 --> 01:16:30,000
But redesigning requires admitting that the design process is not how work actually happens. Admitting this is uncomfortable. Leadership built the design process.
1850
01:16:30,000 --> 01:16:38,700
Leadership approved the design process. Leadership is confident in the design process. Admitting the design process doesn't work is admitting that leadership's design was incomplete.
1851
01:16:38,700 --> 01:16:43,200
So organizations don't admit it. Instead, organizations treat the gap as a compliance problem.
1852
01:16:43,200 --> 01:16:52,800
Organizations install more controls. Organizations push harder on enforcement. Organizations assume that if they just make the design process mandatory, the design process will work. It won't.
1853
01:16:52,800 --> 01:17:00,800
Pressure will override the mandate. The workaround will persist. The real infrastructure will continue operating invisible to the leadership that thinks it's controlling it.
1854
01:17:00,800 --> 01:17:11,100
Now apply this to AI. Organizations deploy Copilot. They expect Copilot to work on the designed infrastructure. They expect the designed process to be the foundation that Copilot operates on.
1855
01:17:11,100 --> 01:17:17,200
This assumption is wrong. Copilot doesn't operate on the designed infrastructure. Copilot operates on the real infrastructure.
1856
01:17:17,200 --> 01:17:22,400
The real infrastructure is messier, less classified, more overshared, more chaotic than the designed one.
1857
01:17:22,400 --> 01:17:31,200
Organizations see Copilot surfacing unclassified data and say, "We have a Copilot problem. We need to restrict Copilot. We need to prevent Copilot from accessing sensitive information.
1858
01:17:31,200 --> 01:17:35,200
We need to prevent the exposure that Copilot is revealing." This is the wrong diagnosis.
1859
01:17:35,200 --> 01:17:42,100
You don't have a Copilot problem. You have an infrastructure problem. Copilot is just the first system intelligent enough to expose it comprehensively.
1860
01:17:42,100 --> 01:17:47,800
The reframe is this. Your infrastructure is not what you designed. Your infrastructure is what your business actually uses.
1861
01:17:47,800 --> 01:17:56,600
Your policies were written for the designed infrastructure. Your policies don't work on the real infrastructure. Your controls are enforced on systems that are not where work actually happens.
1862
01:17:56,600 --> 01:18:02,400
The solution is not better tools. The solution is an honest map. An honest map starts with observing the real infrastructure.
1863
01:18:02,400 --> 01:18:10,100
An honest map acknowledges the gap between designed and actual. An honest map makes explicit the workarounds, the pressures that drive them.
1864
01:18:10,100 --> 01:18:18,900
Once you have an honest map, you can make strategic choices. You can say, "This gap exists because the designed process is slower than the business requires. We'll redesign the process."
1865
01:18:18,900 --> 01:18:23,300
Or you can say, "This gap is acceptable. This is the trade-off we make for speed. We'll accept the risk."
1866
01:18:23,300 --> 01:18:27,800
Or you can say, "This gap is unacceptable and we'll invest in eliminating it." Any of these choices is valid.
1867
01:18:27,800 --> 01:18:33,500
None of them are possible without acknowledging the gap exists. That acknowledgment is the reframe.
1868
01:18:33,500 --> 01:18:36,600
The question before the fix. Here's what happens next.
1869
01:18:36,600 --> 01:18:43,200
The organization has done the honest audit. The organization has followed three workflows. The organization has seen the gap between designed and real.
1870
01:18:43,200 --> 01:18:50,200
The organization has acknowledged that the infrastructure is messier than the diagram. The organization has accepted that this is the reality.
1871
01:18:50,200 --> 01:18:56,100
Now comes the moment when the organization wants to fix it. The organization wants to act. The organization wants to implement controls.
1872
01:18:56,100 --> 01:19:03,300
The organization wants to deploy governance. The organization wants to move forward. This impulse is natural. You've identified a problem. The next step is to solve it.
1873
01:19:03,300 --> 01:19:08,800
But before you solve it, you need to answer a question. This question is not about tools. This question is about foundation.
1874
01:19:08,800 --> 01:19:15,300
This question determines whether any fix will work. The question is simple. Before you automate your business, you need to know how it actually works.
1875
01:19:15,300 --> 01:19:18,500
This sounds obvious. Of course, you know how your business works. You run it every day.
1876
01:19:18,500 --> 01:19:23,400
Your people execute it. Your processes are documented. Your systems are deployed. You know how your business works.
1877
01:19:23,400 --> 01:19:28,900
You don't. Not really. You know how your business is supposed to work. You know the designed process. You know the official workflows.
1878
01:19:28,900 --> 01:19:35,100
You know what the org chart says. You don't know how your business actually works. You know this now because you followed the workflows. You saw the gap.
1879
01:19:35,100 --> 01:19:41,200
But you haven't answered the second half of the question. You haven't asked why. Why does the sales rep use email instead of the CRM?
1880
01:19:41,200 --> 01:19:47,100
It's faster. Why is it faster? The CRM requires more data entry. Why? The CRM was designed for a different sales process.
1881
01:19:47,100 --> 01:19:52,500
Why hasn't it been redesigned? Because nobody asked. Because the gap between designed and actual was invisible.
1882
01:19:52,500 --> 01:19:58,900
Because the organization assumed the CRM was working because people were using it. Why does the hiring manager use a spreadsheet instead of the ATS?
1883
01:19:58,900 --> 01:20:04,400
The spreadsheet is easier to manage. Why? The HRIS doesn't integrate with the email where most candidate communication happens.
1884
01:20:04,400 --> 01:20:08,500
Why hasn't it been integrated? Because the HRIS team and the email team don't talk.
1885
01:20:08,500 --> 01:20:13,300
Because the workflows cross system boundaries that the organization built and then didn't bridge.
1886
01:20:13,300 --> 01:20:17,100
Because the gap between designed and actual was so normal that nobody noticed it.
1887
01:20:17,100 --> 01:20:25,000
Why does the finance controller use a spreadsheet instead of the GL? Because the controller doesn't trust the GL data. Why? Because the GL has failed before.
1888
01:20:25,000 --> 01:20:32,200
Because the controller has seen the GL miss transactions. Because the controller has discovered errors in the GL by reconciling it against source documents.
1889
01:20:32,200 --> 01:20:38,200
Because the controller's job is to ensure the books are accurate and the GL is not the system that gives the controller confidence.
1890
01:20:38,200 --> 01:20:42,800
Understanding how your business actually works means understanding not just the gap but the reason for the gap.
1891
01:20:42,800 --> 01:20:48,600
It means asking why people make the choices they make. It means recognizing that the choices are not random or negligent.
1892
01:20:48,600 --> 01:20:53,700
The choices are rational responses to constraints. Before you secure it, you need to understand what you're securing.
1893
01:20:53,700 --> 01:20:59,200
Purview can tell you that data is unclassified. Purview can show you that sensitive information is overshared.
1894
01:20:59,200 --> 01:21:04,500
But Purview can't tell you why. Why is data unclassified? Is it because people don't understand the classification scheme?
1895
01:21:04,500 --> 01:21:09,600
Is it because classification is too time-consuming? Is it because nobody has been held accountable for classification?
1896
01:21:09,600 --> 01:21:15,700
Is it because the classification system doesn't match how people actually think about data? Before you fix the classification problem,
1897
01:21:15,700 --> 01:21:20,900
you need to understand why the problem exists. Otherwise your fix will address the symptom, not the cause.
1898
01:21:20,900 --> 01:21:27,000
Before you scale it with AI, you need to know what data the AI will touch. Copilot will access whatever data the user can access.
1899
01:21:27,000 --> 01:21:33,900
Copilot will synthesize information across files, emails and conversations. Copilot will generate insights based on the data it can see.
1900
01:21:33,900 --> 01:21:38,800
What data can Copilot see? Whatever the user has permission to see. What data should Copilot see?
1901
01:21:38,800 --> 01:21:44,400
That's a different question. That's a question that requires understanding what data matters, why it matters, who should have access to it?
1902
01:21:44,400 --> 01:21:50,400
And what should happen when AI systems see it? You can't answer these questions without understanding the real infrastructure.
1903
01:21:50,400 --> 01:21:54,900
You can't understand the real infrastructure without asking why it looks the way it looks.
1904
01:21:54,900 --> 01:21:59,700
Most organizations skip this step. Most organizations see the gap and assume they know the reason.
1905
01:21:59,700 --> 01:22:04,800
The reason is that people aren't following the process. The reason is that people don't understand the importance of governance.
1906
01:22:04,800 --> 01:22:09,700
The reason is that people need better training or stronger enforcement. These assumptions are wrong.
1907
01:22:09,700 --> 01:22:13,700
The reason is that the designed process doesn't match how the business actually needs to operate.
1908
01:22:13,700 --> 01:22:16,700
The reason is that people are making rational choices under pressure.
1909
01:22:16,700 --> 01:22:22,200
The reason is that the gap between designed and actual is not a problem of understanding. It's a problem of design.
1910
01:22:22,200 --> 01:22:28,500
But admitting this requires saying that the design was incomplete. That the assumption about how the business works was wrong.
1911
01:22:28,500 --> 01:22:31,800
That the infrastructure that was built is not the infrastructure that's being used.
1912
01:22:31,800 --> 01:22:36,800
This is uncomfortable. Most organizations don't like being uncomfortable. So most organizations skip the question.
1913
01:22:36,800 --> 01:22:43,200
Most organizations implement controls on top of chaos. Most organizations deploy AI onto broken foundations.
1914
01:22:43,200 --> 01:22:48,500
The question is this, do we actually understand how our business works? The answer for most organizations is no.
1915
01:22:48,500 --> 01:22:52,700
The path forward. The answer changes what comes next. And what comes next is not complex.
1916
01:22:52,700 --> 01:22:58,500
Start with observation, not intervention. You don't fix the infrastructure by imposing new rules. You fix it by understanding it first.
1917
01:22:58,500 --> 01:23:03,400
Pick those three workflows, document them, don't change anything. Just watch. Watch where the work actually happens.
1918
01:23:03,400 --> 01:23:08,500
Watch what tools people use. Watch where data moves. Watch the workaround. Watch why people make the choices they make.
1919
01:23:08,500 --> 01:23:14,200
This takes time. It takes maybe a month for each workflow. Three workflows. Three months. You now have an honest map.
1920
01:23:14,200 --> 01:23:19,700
Not a guess. Not an assumption. An actual map of how your business operates. Name the gaps.
1921
01:23:19,700 --> 01:23:23,900
For each workflow, write down the difference between the designed process and the actual process.
1922
01:23:23,900 --> 01:23:28,900
Don't judge it. Don't say the actual process is wrong. Just name it. Sales uses email instead of CRM.
1923
01:23:28,900 --> 01:23:33,800
Hiring uses a spreadsheet instead of the ATS. Finance reconciles in Excel instead of trusting the GL.
1924
01:23:33,800 --> 01:23:39,800
These gaps are now explicit. They're not hidden. They're not assumed. They're documented. Identify which gaps create risk.
1925
01:23:39,800 --> 01:23:44,900
Not all gaps are problems. Some gaps are acceptable tradeoffs. The sales rep uses email because email is faster.
1926
01:23:44,900 --> 01:23:50,400
That's a tradeoff. Speed for visibility. Is the tradeoff worth it? That's a business decision. Some gaps create real risk.
1927
01:23:50,400 --> 01:23:56,400
Finance doesn't trust the GL because the GL has failed before. That's not a tradeoff. That's a broken system that creates liability.
1928
01:23:56,400 --> 01:24:01,300
Identify which gaps matter. Which gaps create compliance risk. Which gaps create operational risk.
1929
01:24:01,300 --> 01:24:08,300
Which gaps undermine decision making. Identify which gaps create opportunity. The sales rep's email workaround is fast but invisible.
1930
01:24:08,300 --> 01:24:13,200
What if you redesigned the CRM to match the speed of email? What if you remove the data entry burden?
1931
01:24:13,200 --> 01:24:19,200
What if the CRM adapted to how the rep actually works instead of forcing the rep to adapt to the CRM? That's an opportunity.
1932
01:24:19,200 --> 01:24:27,200
The hiring manager's spreadsheet is practical but disconnected. What if you integrated the spreadsheet into the ATS instead of asking the manager to choose between them?
1933
01:24:27,200 --> 01:24:35,100
What if you made the tools work together instead of forcing a choice? These are opportunities. Opportunities to redesign the infrastructure to match how work actually happens.
1934
01:24:35,100 --> 01:24:43,600
Now make strategic choices. For each gap, decide: do we change the business to match the design, or do we change the design to match the business?
1935
01:24:43,600 --> 01:24:51,000
For the sales email gap the business requires speed. The design process is slow. Change the design. Redesign the CRM to reduce data entry.
1936
01:24:51,000 --> 01:24:56,500
Redesign the process to move faster. Align the design process with how sales actually needs to work.
1937
01:24:56,500 --> 01:25:02,600
For the hiring spreadsheet gap the business needs flexibility. The ATS is rigid. Change the design. Integrate the spreadsheet.
1938
01:25:02,600 --> 01:25:11,600
Adapt the ATS. Make the tools work together. For the finance GL gap the business requires trust. The GL is not trustworthy. Change the GL. Fix the data quality.
1939
01:25:11,600 --> 01:25:19,600
Implement controls that prevent the errors that force the controller to maintain a parallel system. Make the GL the system of record by making it actually reliable.
1940
01:25:19,600 --> 01:25:28,600
Notice what this is not. This is not enforce the policy harder. This is not make people follow the design process. This is not implement controls that prevent workarounds.
1941
01:25:28,600 --> 01:25:37,600
This is not punish people who deviate from policy. This is redirection. This is redesign. This is acknowledging that the gap exists for a reason and eliminating the reason.
1942
01:25:37,600 --> 01:25:46,600
Governance is not a one-time project. Governance is an operational discipline. Your infrastructure will drift. New tools will be added. New processes will emerge. New workarounds will develop.
1943
01:25:46,600 --> 01:25:53,600
The gap between design and actual is not something you fix once. It's something you observe continuously. You need a process for watching the infrastructure.
1944
01:25:53,600 --> 01:25:58,600
You need metrics that tell you when the gap is growing. You need the discipline to act when the gap exceeds your tolerance.
1945
01:25:58,600 --> 01:26:06,600
This means quarterly reviews of your key workflows. This means audits of your critical processes. This means conversations with the people doing the work about why they're doing it the way they do.
1946
01:26:06,600 --> 01:26:12,600
This means governance that's not a department. Governance is operational leadership paying attention to how work actually happens.
1947
01:26:12,600 --> 01:26:21,600
This changes everything about how you think about Microsoft 365 governance and AI. Because once you understand how your business actually works, you can make intelligent choices about tools.
1948
01:26:21,600 --> 01:26:30,600
You can deploy Copilot on infrastructure. You can implement security controls that don't break the workflows that matter. You can scale AI on foundations that will hold it either.
1949
01:26:30,600 --> 01:26:40,600
The honest map. Your infrastructure is not what you built. It's what your people actually use. The distance between design and real is where your biggest problems and opportunities live.
1950
01:26:40,600 --> 01:26:49,600
Before you implement controls, deploy AI or scale automation, you need an honest map. That map comes from observing behavior, not reading architecture diagrams.
1951
01:26:49,600 --> 01:26:59,600
The question is whether you're willing to see what the real infrastructure actually looks like. Because once you see it, you have to decide, do you change the business to match the design or do you change the design to match the business?
1952
01:26:59,600 --> 01:27:12,600
Either way, you can't move forward until you know the truth. The first step. Starting small. You don't need to map your entire infrastructure at once. You don't need a consultant. You don't need a multi-month project. Start with one workflow.
1953
01:27:12,600 --> 01:27:19,600
Pick something that matters. Something where the gap between design and actual is costing you something. Time, visibility or risk.
1954
01:27:19,600 --> 01:27:33,600
Follow that workflow. Talk to the person executing it. Ask them to walk you through what actually happens versus what the process documentation says happens. Listen for the moments where they deviate. Listen for where they use workarounds. Listen for where they make judgment calls.
1955
01:27:33,600 --> 01:27:41,600
Take notes. Don't judge. Just observe. Then ask the question. Why is this happening this way? The answer will tell you something important about your real infrastructure.
1956
01:27:41,600 --> 01:27:53,600
The answer will tell you whether this is a design problem or a different kind of problem altogether. A design problem means the design process doesn't match how the business actually operates. Fix the design. Make the process faster, more flexible, more responsive.
1957
01:27:53,600 --> 01:28:06,600
Redesign the tool to match the work instead of asking the work to match the tool. A different problem means something else is wrong. Maybe it's a skill gap. Maybe it's a trust issue. Maybe it's a communication breakdown. Maybe it's a system that's genuinely broken and needs to be replaced.
1958
01:28:06,600 --> 01:28:22,600
Observe carefully. Understanding the real reason is more important than guessing the fix. Once you've done this for one workflow you've started mapping. You've seen the gap. You've understood why it exists. You've made at least one deliberate choice about whether to change the design or change the business. That's the foundation. Now do it for a second workflow.
1959
01:28:22,600 --> 01:28:34,600
A different part of your business. A different set of people. A different set of constraints. Watch the pattern emerge. Watch how different workflows solve similar problems in different ways. Watch how the real infrastructure is not monolithic.
1960
01:28:34,600 --> 01:28:50,600
It's adaptive. It's organic. It's alive in ways that design systems are not. Then pick one gap that you're going to change. Pick one place where the gap creates real risk or real opportunity. Change it. Not everything at once. One change, one workflow, one redesign. Make the process faster or more secure or more visible.
1961
01:28:50,600 --> 01:29:19,600
Then measure whether the change worked. Did the redesigned process eliminate the workaround? Did people adopt the new way? Did the risk decrease? If it worked, you've learned how to change your infrastructure. You've learned that redesign is possible. You've learned that the gap between design and actual can be closed. Then you can scale this to other workflows. This is how change actually happens. Not through policy, not through enforcement. Through understanding, through redesign. Through meeting people where they actually work instead of demanding they work where the design assumes. This is how you build an infrastructure that matches your reality.
1962
01:29:19,600 --> 01:29:25,600
This is how you prepare for AI. This is how you move forward. One workflow, one gap, one honest choice.
00:00:00,000 --> 00:00:02,360
Most organizations operate on an imagined version
2
00:00:02,360 --> 00:00:04,720
of their infrastructure, not a documented version,
3
00:00:04,720 --> 00:00:07,040
not a tested version, an imagined one.
4
00:00:07,040 --> 00:00:09,240
Leadership has a mental model of how work flows
5
00:00:09,240 --> 00:00:10,080
through the business.
6
00:00:10,080 --> 00:00:13,620
The model is clean, tools have owners, data follows policy,
7
00:00:13,620 --> 00:00:16,080
processes are followed because they're written down.
8
00:00:16,080 --> 00:00:18,320
Governance means something, control exists,
9
00:00:18,320 --> 00:00:19,520
none of this is true.
10
00:00:19,520 --> 00:00:21,560
But the gap between what leadership believes
11
00:00:21,560 --> 00:00:23,920
and what actually happens isn't a technology problem.
12
00:00:23,920 --> 00:00:25,120
It's not a training problem,
13
00:00:25,120 --> 00:00:26,600
it's not even a management problem,
14
00:00:26,600 --> 00:00:27,840
it's an architecture problem,
15
00:00:27,840 --> 00:00:30,480
and architecture problems don't get solved
16
00:00:30,480 --> 00:00:32,280
with better tools or stricter policies.
17
00:00:32,280 --> 00:00:34,680
They get solved by seeing what's actually there.
18
00:00:34,680 --> 00:00:37,200
This episode is about mapping the invisible infrastructure,
19
00:00:37,200 --> 00:00:40,680
the one nobody designed, the one that actually runs your business.
20
00:00:40,680 --> 00:00:42,840
The diagram that doesn't match reality,
21
00:00:42,840 --> 00:00:45,960
every organization has an infrastructure diagram somewhere.
22
00:00:45,960 --> 00:00:47,640
It's probably in PowerPoint or Visio,
23
00:00:47,640 --> 00:00:51,000
it shows clean lines, clear ownership, logical flows,
24
00:00:51,000 --> 00:00:55,640
systems connect, data moves from point A to point B as intended,
25
00:00:55,640 --> 00:00:57,800
each tool has a purpose, each person has a role.
26
00:00:57,800 --> 00:01:00,240
The diagram represents intent, the diagram is wrong,
27
00:01:00,240 --> 00:01:01,920
not because it was drawn poorly,
28
00:01:01,920 --> 00:01:03,960
because the moment people touched the system,
29
00:01:03,960 --> 00:01:06,320
the moment actual work started happening.
30
00:01:06,320 --> 00:01:09,640
Reality diverged, people adapted, they found shortcuts,
31
00:01:09,640 --> 00:01:11,000
they worked around friction,
32
00:01:11,000 --> 00:01:13,520
they optimized for speed instead of compliance,
33
00:01:13,520 --> 00:01:14,960
they created parallel processes
34
00:01:14,960 --> 00:01:16,840
because the official ones were too slow.
35
00:01:16,840 --> 00:01:19,520
Leadership makes decisions based on the diagram.
36
00:01:19,520 --> 00:01:21,160
They assume the sales process works
37
00:01:21,160 --> 00:01:22,920
the way the CRM is supposed to work.
38
00:01:22,920 --> 00:01:25,040
They assume hiring follows the HR system,
39
00:01:25,040 --> 00:01:26,920
they assume finance reconciliation happens
40
00:01:26,920 --> 00:01:29,920
in the accounting software, they assume data stays classified,
41
00:01:29,920 --> 00:01:31,440
they assume sharing is controlled,
42
00:01:31,440 --> 00:01:32,920
they assume visibility exists,
43
00:01:32,920 --> 00:01:35,960
then they deploy Copilot or implement a new governance policy
44
00:01:35,960 --> 00:01:37,760
or try to audit compliance.
45
00:01:37,760 --> 00:01:40,440
And for the first time, they see what's actually happening,
46
00:01:40,440 --> 00:01:42,680
the actual infrastructure, not the imagined one,
47
00:01:42,680 --> 00:01:45,560
not the one in the diagram, it doesn't match.
48
00:01:45,560 --> 00:01:47,800
The distance between the diagram and reality
49
00:01:47,800 --> 00:01:49,680
is where your real problems live,
50
00:01:49,680 --> 00:01:51,080
not where the risks are hiding,
51
00:01:51,080 --> 00:01:53,280
where they're actively operating with permission,
52
00:01:53,280 --> 00:01:55,880
following a logic that made sense the moment it was created
53
00:01:55,880 --> 00:01:57,600
but hasn't been questioned since.
54
00:01:57,600 --> 00:01:59,080
Here's what this looks like in practice,
55
00:01:59,080 --> 00:02:00,920
a sales rep needs to move a deal forward.
56
00:02:00,920 --> 00:02:03,280
The CRM says the proposal should be created,
57
00:02:03,280 --> 00:02:04,480
shared through the system,
58
00:02:04,480 --> 00:02:07,440
tracked with timestamps and closed with approval.
59
00:02:07,440 --> 00:02:09,920
The actual process, the rep writes the proposal in Word
60
00:02:09,920 --> 00:02:11,040
on their laptop.
61
00:02:11,040 --> 00:02:12,160
They email it to the client
62
00:02:12,160 --> 00:02:14,160
because email feels faster and more controlled
63
00:02:14,160 --> 00:02:15,440
than a shared repository.
64
00:02:15,440 --> 00:02:16,800
The client suggests changes,
65
00:02:16,800 --> 00:02:18,400
those changes come back in email,
66
00:02:18,400 --> 00:02:21,160
the rep integrates them, sends a new version via email,
67
00:02:21,160 --> 00:02:23,000
the thread becomes the source of truth.
68
00:02:23,000 --> 00:02:26,240
Finance never sees the pipeline data because it's in email.
69
00:02:26,240 --> 00:02:29,480
The deal closes, the CRM is updated three weeks later if at all.
70
00:02:29,480 --> 00:02:34,240
The diagram shows CRM, tools, process, closure.
71
00:02:34,240 --> 00:02:38,080
The reality shows, email, adaptation, workaround, closure.
72
00:02:38,080 --> 00:02:39,880
Both are operating, both are valid.
73
00:02:39,880 --> 00:02:42,040
The organization is not broken, it's working,
74
00:02:42,040 --> 00:02:44,320
but it's working on a system that nobody formally acknowledged,
75
00:02:44,320 --> 00:02:45,480
nobody officially designed,
76
00:02:45,480 --> 00:02:46,720
and nobody's actually governing.
77
00:02:46,720 --> 00:02:47,680
This happens everywhere.
78
00:02:47,680 --> 00:02:50,080
The actual infrastructure is built on speed, trust,
79
00:02:50,080 --> 00:02:51,440
and friction reduction.
80
00:02:51,440 --> 00:02:54,080
People become expert at navigating around the official system.
81
00:02:54,080 --> 00:02:56,040
They develop mental maps of what works.
82
00:02:56,040 --> 00:02:57,600
They create shadow repositories.
83
00:02:57,600 --> 00:02:59,120
They maintain parallel spreadsheets.
84
00:02:59,120 --> 00:03:01,000
They own the workaround so thoroughly
85
00:03:01,000 --> 00:03:03,120
that those workarounds become indispensable,
86
00:03:03,120 --> 00:03:04,960
remove them and the business slows down.
87
00:03:04,960 --> 00:03:06,280
Leadership sees the diagram,
88
00:03:06,280 --> 00:03:09,200
IT secures the diagram, compliance audits the diagram,
89
00:03:09,200 --> 00:03:11,000
but the business runs on something else.
90
00:03:11,000 --> 00:03:12,920
That something else, that invisible,
91
00:03:12,920 --> 00:03:15,120
undocumented, adaptive infrastructure
92
00:03:15,120 --> 00:03:17,040
is what we're going to map in this episode.
93
00:03:17,040 --> 00:03:19,080
Because before you can govern it, secure it,
94
00:03:19,080 --> 00:03:20,240
or scale it with AI,
95
00:03:20,240 --> 00:03:22,000
you need to understand that it exists
96
00:03:22,000 --> 00:03:24,320
and you need to understand what it's actually doing.
97
00:03:24,320 --> 00:03:26,880
The sales proposal story, part one, the design.
98
00:03:26,880 --> 00:03:28,920
Let me walk you through a real sales process.
99
00:03:28,920 --> 00:03:30,160
Not the one that happens.
100
00:03:30,160 --> 00:03:33,040
The one that's supposed to happen, a deal starts in the CRM.
101
00:03:33,040 --> 00:03:34,720
A sales rep creates an opportunity
102
00:03:34,720 --> 00:03:37,240
enters the customer information, fills in the forecast date.
103
00:03:37,240 --> 00:03:38,400
This is the first gate.
104
00:03:38,400 --> 00:03:39,960
The CRM is the source of truth.
105
00:03:39,960 --> 00:03:42,600
Leadership runs revenue reports off this data.
106
00:03:42,600 --> 00:03:45,040
Finance forecasts based on what's in the pipeline.
107
00:03:45,040 --> 00:03:46,000
The rep knows.
108
00:03:46,000 --> 00:03:48,400
If it's not in the CRM, it doesn't exist.
109
00:03:48,400 --> 00:03:49,360
The deal moves forward.
110
00:03:49,360 --> 00:03:51,240
The proposal needs to be created.
111
00:03:51,240 --> 00:03:54,160
In the design process, the rep uses a proposal template
112
00:03:54,160 --> 00:03:55,240
stored in SharePoint.
113
00:03:55,240 --> 00:03:56,360
The template is governed.
114
00:03:56,360 --> 00:03:57,680
It enforces branding.
115
00:03:57,680 --> 00:03:59,400
It uses approved language.
116
00:03:59,400 --> 00:04:00,840
When the rep creates the proposal,
117
00:04:00,840 --> 00:04:02,400
it goes into a SharePoint library.
118
00:04:02,400 --> 00:04:04,200
The library has retention policies.
119
00:04:04,200 --> 00:04:05,440
It has sensitivity labels.
120
00:04:05,440 --> 00:04:07,120
It has permission structures.
121
00:04:07,120 --> 00:04:10,600
External sharing is restricted unless explicitly approved.
122
00:04:10,600 --> 00:04:12,760
Everyone who needs to see the proposal gets access
123
00:04:12,760 --> 00:04:14,880
through the repository, access is audited.
124
00:04:14,880 --> 00:04:17,400
If someone leaves the company, their permissions are revoked.
125
00:04:17,400 --> 00:04:18,960
The proposal lives in the system.
126
00:04:18,960 --> 00:04:20,440
The client provides feedback.
127
00:04:20,440 --> 00:04:23,080
In the designed process, this feedback flows through Teams.
128
00:04:23,080 --> 00:04:24,960
The rep creates a channel for the project.
129
00:04:24,960 --> 00:04:27,640
The client gets a guest account with limited permissions.
130
00:04:27,640 --> 00:04:30,360
Comments on the proposal stay inside the collaboration space.
131
00:04:30,360 --> 00:04:31,800
All communication is threaded.
132
00:04:31,800 --> 00:04:33,160
All versions are controlled.
133
00:04:33,160 --> 00:04:34,840
Everyone sees the same current version.
134
00:04:34,840 --> 00:04:37,160
There's no confusion about what the current state is
135
00:04:37,160 --> 00:04:39,560
because the system is the single source of truth.
136
00:04:39,560 --> 00:04:41,480
Finance sees the activity.
137
00:04:41,480 --> 00:04:44,480
Because the proposal is in SharePoint and the deal is in the CRM,
138
00:04:44,480 --> 00:04:47,000
finance can run a report and understand the pipeline.
139
00:04:47,000 --> 00:04:49,360
They can see which deals have active proposals.
140
00:04:49,360 --> 00:04:52,400
They can forecast based on deal stage and proposal status.
141
00:04:52,400 --> 00:04:54,200
They can estimate when contracts will be signed
142
00:04:54,200 --> 00:04:56,320
because the process has defined gates.
143
00:04:56,320 --> 00:04:59,160
They know when to expect cash flow because the system tracks it.
144
00:04:59,160 --> 00:05:01,120
Compliance monitors the process.
145
00:05:01,120 --> 00:05:03,760
Because the proposal is labeled as a customer proposal,
146
00:05:03,760 --> 00:05:06,000
sensitive pricing information is protected.
147
00:05:06,000 --> 00:05:08,400
If the customer is in a regulated industry,
148
00:05:08,400 --> 00:05:11,040
the proposal carries the appropriate sensitivity label.
149
00:05:11,040 --> 00:05:12,600
Compliance can run a report showing
150
00:05:12,600 --> 00:05:15,720
that all customer-facing documents are properly classified.
151
00:05:15,720 --> 00:05:18,280
Data loss prevention policies prevent the proposal
152
00:05:18,280 --> 00:05:21,040
from being shared externally without approval.
153
00:05:21,040 --> 00:05:23,160
If someone tries to email the proposal
154
00:05:23,160 --> 00:05:25,720
to an unapproved recipient, the system stops it.
155
00:05:25,720 --> 00:05:28,640
Compliance is confident that sensitive information is protected.
156
00:05:28,640 --> 00:05:30,200
The deal moves toward closure.
157
00:05:30,200 --> 00:05:31,800
The client signs off on the proposal.
158
00:05:31,800 --> 00:05:35,240
The rep updates the CRM to reflect that the proposal is accepted.
159
00:05:35,240 --> 00:05:36,840
The opportunity stage advances.
160
00:05:36,840 --> 00:05:38,720
Finance updates their forecast.
161
00:05:38,720 --> 00:05:40,040
The contract phase begins.
162
00:05:40,040 --> 00:05:42,040
Everyone in the organization with authority
163
00:05:42,040 --> 00:05:44,080
to see that deal can see the current status.
164
00:05:44,080 --> 00:05:45,640
This is the designed infrastructure.
165
00:05:45,640 --> 00:05:46,920
It's clean, it's logical.
166
00:05:46,920 --> 00:05:48,720
Each tool does what it's supposed to do.
167
00:05:48,720 --> 00:05:50,200
Data flows in defined directions.
168
00:05:50,200 --> 00:05:51,520
Controls are enforced.
169
00:05:51,520 --> 00:05:53,360
Governance is embedded in the process.
170
00:05:53,360 --> 00:05:55,560
And it doesn't work, not because the design is flawed.
171
00:05:55,560 --> 00:05:58,320
Because the moment actual human beings tried to close a deal,
172
00:05:58,320 --> 00:06:00,080
the entire system became friction.
173
00:06:00,080 --> 00:06:03,400
The rep cannot close a deal faster by following the designed process.
174
00:06:03,400 --> 00:06:05,520
The process is secure, the process is auditable,
175
00:06:05,520 --> 00:06:08,120
the process is transparent, the process is also slow,
176
00:06:08,120 --> 00:06:10,160
creating a SharePoint library takes time.
177
00:06:10,160 --> 00:06:12,960
Inviting a guest to Teams requires IT approval.
178
00:06:12,960 --> 00:06:15,960
Getting a sensitivity label applied requires classification.
179
00:06:15,960 --> 00:06:17,920
Waiting for compliance review delays the send.
180
00:06:17,920 --> 00:06:19,560
By the time the proposal reaches the client,
181
00:06:19,560 --> 00:06:21,880
they've already talked to a competitor who moved faster.
182
00:06:21,880 --> 00:06:22,880
The rep knows this.
183
00:06:22,880 --> 00:06:24,520
The rep has done this job before.
184
00:06:24,520 --> 00:06:26,000
The rep knows what actually works.
185
00:06:26,000 --> 00:06:28,240
And in that moment, the moment when speed and control
186
00:06:28,240 --> 00:06:31,000
come into conflict, the designed infrastructure stops existing.
187
00:06:31,000 --> 00:06:32,240
Another one takes its place.
188
00:06:32,240 --> 00:06:34,960
This isn't a failure of will or a failure of training.
189
00:06:34,960 --> 00:06:37,760
It's not because the rep is ignoring policy or being reckless.
190
00:06:37,760 --> 00:06:39,920
It's because the designed system creates friction
191
00:06:39,920 --> 00:06:41,720
that doesn't exist in the real world.
192
00:06:41,720 --> 00:06:44,360
And real business doesn't wait for perfect process.
193
00:06:44,360 --> 00:06:45,800
That's where the story gets interesting.
194
00:06:45,800 --> 00:06:48,680
That's where the actual infrastructure reveals itself.
195
00:06:48,680 --> 00:06:51,560
The sales proposal story, part two, the actual flow.
196
00:06:51,560 --> 00:06:52,840
Here's what actually happens.
197
00:06:52,840 --> 00:06:54,280
The rep opens Word on their laptop.
198
00:06:54,280 --> 00:06:56,520
They don't go to SharePoint because they don't have time
199
00:06:56,520 --> 00:06:58,080
to navigate the library structure,
200
00:06:58,080 --> 00:07:00,600
wait for permissions to cascade or deal with the checkout
201
00:07:00,600 --> 00:07:03,760
and check-in workflow that makes collaboration feel like a chore.
202
00:07:03,760 --> 00:07:04,760
They open Word.
203
00:07:04,760 --> 00:07:06,960
They find an old proposal on their desktop,
204
00:07:06,960 --> 00:07:09,560
something they wrote for a similar customer three deals ago.
205
00:07:09,560 --> 00:07:11,520
They copy it, they customize it.
206
00:07:11,520 --> 00:07:12,520
They work locally.
207
00:07:12,520 --> 00:07:14,400
Total time to first draft: 15 minutes.
208
00:07:14,400 --> 00:07:15,640
The proposal is ready.
209
00:07:15,640 --> 00:07:16,800
The client needs to see it.
210
00:07:16,800 --> 00:07:18,960
Email is faster than creating a Teams channel,
211
00:07:18,960 --> 00:07:21,360
assigning permissions and waiting for the guest account
212
00:07:21,360 --> 00:07:22,160
to provision.
213
00:07:22,160 --> 00:07:24,120
The rep sends the email with the attachment.
214
00:07:24,120 --> 00:07:26,720
This is the actual first moment the client sees the deal.
215
00:07:26,720 --> 00:07:28,080
The proposal is now an email.
216
00:07:28,080 --> 00:07:29,320
This is the source of truth.
217
00:07:29,320 --> 00:07:30,320
The client reviews it.
218
00:07:30,320 --> 00:07:31,200
They have feedback.
219
00:07:31,200 --> 00:07:33,840
They don't log into Teams or navigate to SharePoint.
220
00:07:33,840 --> 00:07:36,960
They reply to the email with comments embedded in the message.
221
00:07:36,960 --> 00:07:37,760
They ask questions.
222
00:07:37,760 --> 00:07:39,480
They suggest different pricing.
223
00:07:39,480 --> 00:07:40,960
They want the language changed.
224
00:07:40,960 --> 00:07:43,080
The email thread is now the collaboration space.
225
00:07:43,080 --> 00:07:45,760
The email thread is where the actual negotiation happens.
226
00:07:45,760 --> 00:07:47,040
The rep receives the feedback.
227
00:07:47,040 --> 00:07:48,480
They open the attachment locally.
228
00:07:48,480 --> 00:07:49,320
They make edits.
229
00:07:49,320 --> 00:07:50,400
They save a new version.
230
00:07:50,400 --> 00:07:51,720
The new version gets a different name,
231
00:07:51,720 --> 00:07:53,920
maybe proposal V2 or proposal final.
232
00:07:53,920 --> 00:07:57,640
Or if they're being honest, proposal final, final, actual final.
233
00:07:57,640 --> 00:07:59,760
They attach the new version and send it back.
234
00:07:59,760 --> 00:08:01,080
The email thread grows.
235
00:08:01,080 --> 00:08:03,000
Now there are three versions in the email history.
236
00:08:03,000 --> 00:08:05,600
The client has V1, V2 and V2 revised floating around.
237
00:08:05,600 --> 00:08:06,600
Nobody stops them.
238
00:08:06,600 --> 00:08:08,400
Nobody enforces a single source of truth.
239
00:08:08,400 --> 00:08:10,320
The client doesn't know which version is current
240
00:08:10,320 --> 00:08:14,080
without opening each attachment and checking the modification date.
241
00:08:14,080 --> 00:08:16,440
Meanwhile, the finance team has no idea what's happening.
242
00:08:16,440 --> 00:08:19,040
The CRM still shows the deal in the proposal stage.
243
00:08:19,040 --> 00:08:21,520
But finance doesn't know if the proposal is being reviewed,
244
00:08:21,520 --> 00:08:23,760
if it's in revision, if the client rejected it,
245
00:08:23,760 --> 00:08:25,280
or if they're waiting on a signature.
246
00:08:25,280 --> 00:08:28,160
The data that matters, the deal status, the probability,
247
00:08:28,160 --> 00:08:31,040
the closed date is locked inside an email thread
248
00:08:31,040 --> 00:08:33,040
that the system has no visibility into.
249
00:08:33,040 --> 00:08:34,560
Finance runs their weekly forecast
250
00:08:34,560 --> 00:08:35,840
based on what's in the CRM.
251
00:08:35,840 --> 00:08:37,560
The forecast is optimistic because it's based
252
00:08:37,560 --> 00:08:39,000
on stale information.
253
00:08:39,000 --> 00:08:41,280
The rep knows the deal is held up in revisions.
254
00:08:41,280 --> 00:08:42,320
The system doesn't.
255
00:08:42,320 --> 00:08:44,080
The rep is managing the deal in email
256
00:08:44,080 --> 00:08:46,080
through their own mental model of what's happening.
257
00:08:46,080 --> 00:08:47,800
They're not updating the CRM because they're
258
00:08:47,800 --> 00:08:50,880
focused on closing the deal, not on keeping the system current.
259
00:08:50,880 --> 00:08:53,920
The CRM is becoming a reporting tool, not an operational system.
260
00:08:53,920 --> 00:08:56,240
It's used to answer questions that were asked in the past,
261
00:08:56,240 --> 00:08:58,720
not to inform decisions that need to be made now.
262
00:08:58,720 --> 00:09:01,480
After three more rounds of revision, the client agrees.
263
00:09:01,480 --> 00:09:03,000
The rep sends a final email.
264
00:09:03,000 --> 00:09:03,720
Let's move forward.
265
00:09:03,720 --> 00:09:05,080
When can we sign?
266
00:09:05,080 --> 00:09:07,080
The email thread is the actual close moment.
267
00:09:07,080 --> 00:09:08,600
The deal is closed in email.
268
00:09:08,600 --> 00:09:11,720
The rep then updates the CRM weeks later, sometimes,
269
00:09:11,720 --> 00:09:13,760
to reflect that the opportunity is closed
270
00:09:13,760 --> 00:09:15,200
and the contract has been signed.
271
00:09:15,200 --> 00:09:17,000
Finance never sees the actual pipeline.
272
00:09:17,000 --> 00:09:18,680
They don't see the active proposals,
273
00:09:18,680 --> 00:09:21,200
the revisions, the stalls, the true probability.
274
00:09:21,200 --> 00:09:23,720
They see a CRM that's updated after the fact,
275
00:09:23,720 --> 00:09:26,280
filtered through a rep's interpretation of what happened
276
00:09:26,280 --> 00:09:29,360
and shaped by how much time the rep had to clean up their records.
277
00:09:29,360 --> 00:09:30,880
Compliance doesn't see the proposal.
278
00:09:30,880 --> 00:09:32,760
If the customer is in a regulated industry
279
00:09:32,760 --> 00:09:34,880
and the pricing information should have been protected,
280
00:09:34,880 --> 00:09:36,440
compliance has no visibility.
281
00:09:36,440 --> 00:09:37,920
The proposal exists in email.
282
00:09:37,920 --> 00:09:39,040
It's unclassified.
283
00:09:39,040 --> 00:09:41,600
It may have been forwarded to someone who shouldn't have seen it.
284
00:09:41,600 --> 00:09:42,600
There's no audit trail.
285
00:09:42,600 --> 00:09:43,920
There's no retention policy.
286
00:09:43,920 --> 00:09:46,920
If the customer later disputes the pricing or the terms,
287
00:09:46,920 --> 00:09:50,120
the organization searches the CRM and finds nothing useful.
288
00:09:50,120 --> 00:09:53,120
The actual negotiation history lives in someone's email archive.
289
00:09:53,120 --> 00:09:54,240
This isn't incompetence.
290
00:09:54,240 --> 00:09:55,280
This is adaptation.
291
00:09:55,280 --> 00:09:58,000
The rep adapted to the friction in the designed system
292
00:09:58,000 --> 00:09:59,400
by creating a faster system.
293
00:09:59,400 --> 00:10:00,600
That faster system works.
294
00:10:00,600 --> 00:10:01,600
It closes deals.
295
00:10:01,600 --> 00:10:02,800
It moves business forward
296
00:10:02,800 --> 00:10:05,600
and it makes every governance control invisible.
297
00:10:05,600 --> 00:10:07,440
Why people bypass the system.
298
00:10:07,440 --> 00:10:10,720
This is the moment where most organizations get the explanation wrong.
299
00:10:10,720 --> 00:10:11,960
They see the email thread.
300
00:10:11,960 --> 00:10:13,320
They see the shadow spreadsheet.
301
00:10:13,320 --> 00:10:14,680
They see the local files.
302
00:10:14,680 --> 00:10:16,640
They see people working outside the system
303
00:10:16,640 --> 00:10:18,320
and they assume it's a discipline problem.
304
00:10:18,320 --> 00:10:19,920
The rep didn't follow process.
305
00:10:19,920 --> 00:10:21,440
The team didn't use the approved tool.
306
00:10:21,440 --> 00:10:23,320
Someone didn't read the governance policy.
307
00:10:23,320 --> 00:10:24,680
If we just enforce it harder,
308
00:10:24,680 --> 00:10:27,640
train more, create stricter controls, the problem goes away.
309
00:10:27,640 --> 00:10:29,560
It doesn't because the problem isn't discipline.
310
00:10:29,560 --> 00:10:30,680
It's arithmetic.
311
00:10:30,680 --> 00:10:33,120
The official process takes longer than the actual work.
312
00:10:33,120 --> 00:10:34,120
That's not a metaphor.
313
00:10:34,120 --> 00:10:35,080
That's not hyperbole.
314
00:10:35,080 --> 00:10:36,760
It's architectural truth.
315
00:10:36,760 --> 00:10:37,760
Let me be specific.
316
00:10:37,760 --> 00:10:40,240
Creating a proposal through the designed system.
317
00:10:40,240 --> 00:10:42,000
Locate the SharePoint library.
318
00:10:42,000 --> 00:10:43,720
Navigate to the correct folder structure.
319
00:10:43,720 --> 00:10:45,600
Request access if you don't have it.
320
00:10:45,600 --> 00:10:47,280
Wait for permissions to be assigned.
321
00:10:47,280 --> 00:10:48,080
Open the template.
322
00:10:48,080 --> 00:10:51,280
Download it locally because editing in the browser is slow.
323
00:10:51,280 --> 00:10:52,040
Make changes.
324
00:10:52,040 --> 00:10:53,200
Upload the revised version.
325
00:10:53,200 --> 00:10:55,520
Navigate through the library to create a sharing link.
326
00:10:55,520 --> 00:10:56,600
Add recipients.
327
00:10:56,600 --> 00:10:58,040
Configure permissions.
328
00:10:58,040 --> 00:10:59,280
They get a notification.
329
00:10:59,280 --> 00:11:00,480
They navigate to the library.
330
00:11:00,480 --> 00:11:02,200
They download or open the file.
331
00:11:02,200 --> 00:11:02,720
They read it.
332
00:11:02,720 --> 00:11:04,400
They reply with comments either in a Word
333
00:11:04,400 --> 00:11:06,560
comment thread that may or may not sync properly
334
00:11:06,560 --> 00:11:08,320
or in an email or in a Teams message,
335
00:11:08,320 --> 00:11:11,000
which breaks the single source of truth immediately.
336
00:11:11,000 --> 00:11:13,080
Total time to get the proposal to the client
337
00:11:13,080 --> 00:11:14,920
using the designed system.
338
00:11:14,920 --> 00:11:16,400
45 minutes to an hour.
339
00:11:16,400 --> 00:11:18,920
Most of that time is navigating permissions,
340
00:11:18,920 --> 00:11:20,800
waiting for systems to respond,
341
00:11:20,800 --> 00:11:22,520
and dealing with the collaboration lag
342
00:11:22,520 --> 00:11:25,040
that comes from being too focused on control.
343
00:11:25,040 --> 00:11:27,480
Creating a proposal the actual way, open Word,
344
00:11:27,480 --> 00:11:28,760
find an old proposal.
345
00:11:28,760 --> 00:11:31,200
Copy it, edit it, attach it to an email, send it.
346
00:11:31,200 --> 00:11:32,560
The client gets it in three minutes.
347
00:11:32,560 --> 00:11:34,160
The client reads it in seven.
348
00:11:34,160 --> 00:11:35,840
The client responds with feedback in an email
349
00:11:35,840 --> 00:11:37,160
reply by minute 12.
350
00:11:37,160 --> 00:11:39,120
The official system takes an hour for the client
351
00:11:39,120 --> 00:11:40,040
to see the proposal.
352
00:11:40,040 --> 00:11:41,720
The actual system takes 12 minutes.
353
00:11:41,720 --> 00:11:43,000
Speed isn't an abstraction.
354
00:11:43,000 --> 00:11:44,280
It's a competitive advantage.
355
00:11:44,280 --> 00:11:45,120
It's a close rate.
356
00:11:45,120 --> 00:11:46,560
It's the difference between winning a deal
357
00:11:46,560 --> 00:11:48,520
and losing it to someone who moved faster.
358
00:11:48,520 --> 00:11:49,520
The rep knows this.
359
00:11:49,520 --> 00:11:51,680
The rep's compensation is tied to closing deals,
360
00:11:51,680 --> 00:11:53,280
not to keeping the CRM current.
361
00:11:53,280 --> 00:11:56,040
So the rep, acting rationally, chooses speed.
362
00:11:56,040 --> 00:11:57,760
This isn't a defect in the rep's character.
363
00:11:57,760 --> 00:11:59,400
It's not laziness, it's optimization.
364
00:11:59,400 --> 00:12:02,080
The rep optimized for the metric they're actually measured on.
365
00:12:02,080 --> 00:12:03,200
And the system lets them,
366
00:12:03,200 --> 00:12:05,600
because there's no enforcement at the moment of decision.
367
00:12:05,600 --> 00:12:07,440
The rep isn't blocked from sending email.
368
00:12:07,440 --> 00:12:09,040
The rep isn't forced to use Teams.
369
00:12:09,040 --> 00:12:11,520
The rep isn't prevented from creating local files.
370
00:12:11,520 --> 00:12:14,320
The system creates friction, but it doesn't create a barrier.
371
00:12:14,320 --> 00:12:17,160
So the path of least resistance becomes the actual path.
372
00:12:17,160 --> 00:12:19,240
Now multiply this across an organization.
373
00:12:19,240 --> 00:12:20,200
Every rep does this.
374
00:12:20,200 --> 00:12:22,600
Every hiring manager maintains a spreadsheet of candidates
375
00:12:22,600 --> 00:12:24,960
because the HRS is too slow to update.
376
00:12:24,960 --> 00:12:27,080
Every finance person keeps a local reconciliation
377
00:12:27,080 --> 00:12:29,560
because the GL doesn't talk to the subsidiary ledgers
378
00:12:29,560 --> 00:12:30,440
the way it should.
379
00:12:30,440 --> 00:12:32,760
Every project manager uses a personal Trello board
380
00:12:32,760 --> 00:12:35,000
because Teams channel management is a hassle.
381
00:12:35,000 --> 00:12:36,480
Every engineer has local documentation
382
00:12:36,480 --> 00:12:38,480
because the wiki takes too long to search.
383
00:12:38,480 --> 00:12:39,360
These aren't failures.
384
00:12:39,360 --> 00:12:41,120
These are rational responses to systems
385
00:12:41,120 --> 00:12:43,160
that prioritize control over usability.
386
00:12:43,160 --> 00:12:44,720
And here's the architectural trap.
387
00:12:44,720 --> 00:12:48,000
Once the workaround exists, removing it breaks the business.
388
00:12:48,000 --> 00:12:49,840
The rep can't suddenly stop using email
389
00:12:49,840 --> 00:12:51,640
because the deal won't close fast enough.
390
00:12:51,640 --> 00:12:54,080
The hiring manager can't suddenly throw away the spreadsheet
391
00:12:54,080 --> 00:12:56,200
because the HRS won't give them the visibility
392
00:12:56,200 --> 00:12:57,360
they need to make decisions.
393
00:12:57,360 --> 00:12:59,520
The finance person can't suddenly stop maintaining
394
00:12:59,520 --> 00:13:01,480
the shadow system because the official system
395
00:13:01,480 --> 00:13:02,680
doesn't actually reconcile.
396
00:13:02,680 --> 00:13:04,800
The workarounds become load-bearing.
397
00:13:04,800 --> 00:13:06,000
They're no longer optional.
398
00:13:06,000 --> 00:13:07,000
They're infrastructure.
399
00:13:07,000 --> 00:13:08,480
This is what invisibility means.
400
00:13:08,480 --> 00:13:12,120
The designed system is visible to IT, to compliance, to leadership.
401
00:13:12,120 --> 00:13:14,720
It's documented, it's auditable, it's reported on.
402
00:13:14,720 --> 00:13:16,400
The actual system is invisible.
403
00:13:16,400 --> 00:13:19,880
It operates inside personal email accounts, local hard drives
404
00:13:19,880 --> 00:13:22,240
and spreadsheets that exist in a single person's mind.
405
00:13:22,240 --> 00:13:24,880
But the actual system is also the one that delivers results.
406
00:13:24,880 --> 00:13:26,600
It's the one the business actually depends on.
407
00:13:26,600 --> 00:13:29,000
This gap between the system that's documented
408
00:13:29,000 --> 00:13:31,080
and the system that works is not solved
409
00:13:31,080 --> 00:13:32,680
by better governance policy.
410
00:13:32,680 --> 00:13:34,400
It's not solved by more training.
411
00:13:34,400 --> 00:13:36,960
It's solved by understanding that the actual system
412
00:13:36,960 --> 00:13:38,120
exists for a reason.
413
00:13:38,120 --> 00:13:39,880
It exists because it delivers speed.
414
00:13:39,880 --> 00:13:41,600
It exists because it reduces friction.
415
00:13:41,600 --> 00:13:44,040
It exists because it lets people do their jobs.
416
00:13:44,040 --> 00:13:45,840
The moment you understand this, you stop asking,
417
00:13:45,840 --> 00:13:48,240
how do we force people to use the official system?
418
00:13:48,240 --> 00:13:50,160
You start asking, why did we create a system
419
00:13:50,160 --> 00:13:51,600
that people have to work around?
420
00:13:51,600 --> 00:13:54,440
That's the question that maps the real infrastructure.
421
00:13:54,440 --> 00:13:55,640
The governance illusion.
422
00:13:55,640 --> 00:13:57,280
Now watch what happens when the organization
423
00:13:57,280 --> 00:13:58,720
tries to govern this infrastructure.
424
00:13:58,720 --> 00:13:59,960
Leadership sees the risk.
425
00:13:59,960 --> 00:14:02,360
Customer proposals contain pricing information.
426
00:14:02,360 --> 00:14:03,680
That data should be protected.
427
00:14:03,680 --> 00:14:05,280
Compliance requires it.
428
00:14:05,280 --> 00:14:06,560
So they write a policy.
429
00:14:06,560 --> 00:14:09,040
All proposals must be stored in SharePoint.
430
00:14:09,040 --> 00:14:12,120
All customer proposals must be classified as confidential.
431
00:14:12,120 --> 00:14:15,160
External sharing requires explicit approval.
432
00:14:15,160 --> 00:14:17,600
The policy is written for the designed infrastructure.
433
00:14:17,600 --> 00:14:19,480
It assumes proposals will be in SharePoint.
434
00:14:19,480 --> 00:14:21,800
It assumes there will be a classification moment
435
00:14:21,800 --> 00:14:23,400
where someone applies a label.
436
00:14:23,400 --> 00:14:25,880
It assumes external sharing will be gated by a system
437
00:14:25,880 --> 00:14:26,760
that enforces it.
438
00:14:26,760 --> 00:14:28,960
The policy is correct for the imagined system.
439
00:14:28,960 --> 00:14:30,200
The real system doesn't see it.
440
00:14:30,200 --> 00:14:33,640
The rep still creates the proposal in Word on their laptop.
441
00:14:33,640 --> 00:14:35,240
They still email it to the customer.
442
00:14:35,240 --> 00:14:36,720
The customer still gets the document.
443
00:14:36,720 --> 00:14:39,400
The proposal is unclassified because it never entered SharePoint.
444
00:14:39,400 --> 00:14:40,200
There was no gate.
445
00:14:40,200 --> 00:14:41,720
There was no classification moment.
446
00:14:41,720 --> 00:14:43,280
There was no system to enforce it.
447
00:14:43,280 --> 00:14:44,960
The policy exists in a document.
448
00:14:44,960 --> 00:14:46,880
The actual infrastructure operates in email.
449
00:14:46,880 --> 00:14:50,120
The organization, not seeing this gap, adds more policies.
450
00:14:50,120 --> 00:14:52,520
All client data must be classified and labeled.
451
00:14:52,520 --> 00:14:54,160
Sensitivity labels are configured.
452
00:14:54,160 --> 00:14:55,240
Training is created.
453
00:14:55,240 --> 00:14:56,480
The message is reinforced.
454
00:14:56,480 --> 00:14:58,920
If you handle customer data, you must label it.
455
00:14:58,920 --> 00:15:01,720
But the training is delivered to the system that doesn't need it.
456
00:15:01,720 --> 00:15:03,680
The rep already knows the data is sensitive.
457
00:15:03,680 --> 00:15:05,720
They're not keeping it secret out of negligence.
458
00:15:05,720 --> 00:15:08,720
They're moving it through email because email is faster.
459
00:15:08,720 --> 00:15:11,640
A sensitivity label would slow them down and would lock the file,
460
00:15:11,640 --> 00:15:13,440
preventing the customer from editing it.
461
00:15:13,440 --> 00:15:16,400
The policy creates friction without creating compliance.
462
00:15:16,400 --> 00:15:19,600
The rep doesn't suddenly start using SharePoint because there's a policy.
463
00:15:19,600 --> 00:15:21,000
The rep works around it.
464
00:15:21,000 --> 00:15:23,080
They create a shared OneDrive folder instead,
465
00:15:23,080 --> 00:15:26,080
which feels collaborative without the bureaucracy of SharePoint.
466
00:15:26,080 --> 00:15:29,160
Or they use a cloud storage tool that syncs to their desktop.
467
00:15:29,160 --> 00:15:32,120
So they can work locally while technically being in the cloud.
468
00:15:32,120 --> 00:15:34,280
No, or they do exactly what they were already doing,
469
00:15:34,280 --> 00:15:36,520
but now they feel like they're breaking a rule.
470
00:15:36,520 --> 00:15:40,240
The organization, still not seeing the actual infrastructure, escalates.
471
00:15:40,240 --> 00:15:42,160
Data loss prevention policies are deployed.
472
00:15:42,160 --> 00:15:44,800
The email system now scans outbound messages for patterns
473
00:15:44,800 --> 00:15:46,400
that look like sensitive data.
474
00:15:46,400 --> 00:15:49,520
If it detects something, it blocks the send or requires approval.
475
00:15:49,520 --> 00:15:50,800
Now the rep hits a barrier.
476
00:15:50,800 --> 00:15:52,320
They draft an email with the proposal
477
00:15:52,320 --> 00:15:54,240
and customer pricing information.
478
00:15:54,240 --> 00:15:55,200
They hit send.
479
00:15:55,200 --> 00:15:56,520
The email is stopped.
480
00:15:56,520 --> 00:15:57,800
A message appears.
481
00:15:57,800 --> 00:15:59,760
This message contains sensitive data.
482
00:15:59,760 --> 00:16:01,800
Please reclassify or obtain approval.
483
00:16:01,800 --> 00:16:03,320
The rep now has three options.
484
00:16:03,320 --> 00:16:05,200
Option one, go through the approval workflow,
485
00:16:05,200 --> 00:16:07,120
wait for compliance to clear the send,
486
00:16:07,120 --> 00:16:10,800
and lose the speed advantage that made email attractive in the first place.
487
00:16:10,800 --> 00:16:14,280
Option two, revert the message to obscure the sensitive information
488
00:16:14,280 --> 00:16:16,160
so the DLP engine doesn't detect it.
489
00:16:16,160 --> 00:16:18,240
Option three, work around the system entirely.
490
00:16:18,240 --> 00:16:19,680
Most reps choose option three.
491
00:16:19,680 --> 00:16:22,760
They copy the customer pricing into a shared folder in Google Drive
492
00:16:22,760 --> 00:16:24,840
because the organization's DLP policy
493
00:16:24,840 --> 00:16:29,320
doesn't inspect outbound messages to Google Drive the way it inspects email.
494
00:16:29,320 --> 00:16:31,240
Or they take a screenshot of the proposal
495
00:16:31,240 --> 00:16:33,160
and send the screenshot as an image,
496
00:16:33,160 --> 00:16:35,720
which DLP engines typically can't scan.
497
00:16:35,720 --> 00:16:38,160
Or they paste the information into a Teams message,
498
00:16:38,160 --> 00:16:40,520
which lives inside the tenant and therefore feels safer
499
00:16:40,520 --> 00:16:43,200
even though it actually bypassed the email security layer.
500
00:16:43,200 --> 00:16:45,600
The policy was designed to enforce compliance.
501
00:16:45,600 --> 00:16:48,480
What it actually did was push the data into channels
502
00:16:48,480 --> 00:16:51,160
that are harder to audit and easier to lose control of.
503
00:16:51,160 --> 00:16:53,160
Compliance ran a report six months later.
504
00:16:53,160 --> 00:16:55,520
They measured email that was blocked by DLP policies.
505
00:16:55,520 --> 00:16:57,880
The number was low, they reported success.
506
00:16:57,880 --> 00:17:01,160
DLP policies are effectively preventing data leakage.
507
00:17:01,160 --> 00:17:03,480
They didn't measure the data that was moved to Google Drive.
508
00:17:03,480 --> 00:17:04,960
They didn't count the screenshots.
509
00:17:04,960 --> 00:17:06,600
They didn't audit Teams messages.
510
00:17:06,600 --> 00:17:08,640
They only counted what the system detected.
511
00:17:08,640 --> 00:17:09,840
The infrastructure adapted.
512
00:17:09,840 --> 00:17:12,000
The policies created the illusion of control
513
00:17:12,000 --> 00:17:14,400
while the actual infrastructure moved into the shadows.
514
00:17:14,400 --> 00:17:16,040
This is what governance illusion means.
515
00:17:16,040 --> 00:17:18,680
Policies are written for the system that's documented.
516
00:17:18,680 --> 00:17:21,960
Compliance is measured against metrics that apply to the system
517
00:17:21,960 --> 00:17:22,800
that's visible.
518
00:17:22,800 --> 00:17:24,480
Meanwhile, the business operates on a system
519
00:17:24,480 --> 00:17:25,840
that the policies never touched.
520
00:17:25,840 --> 00:17:27,080
The organization is not broken.
521
00:17:27,080 --> 00:17:27,840
It's working.
522
00:17:27,840 --> 00:17:30,080
The work is just happening where governance can't see it.
523
00:17:30,080 --> 00:17:31,800
Most organizations get stuck here.
524
00:17:31,800 --> 00:17:32,840
They increase policy.
525
00:17:32,840 --> 00:17:33,840
They tighten controls.
526
00:17:33,840 --> 00:17:35,800
They add more tools to enforce compliance.
527
00:17:35,800 --> 00:17:37,960
They implement AI to detect violations.
528
00:17:37,960 --> 00:17:39,960
They never question whether the policies
529
00:17:39,960 --> 00:17:42,160
are targeting the right system in the first place.
530
00:17:42,160 --> 00:17:43,000
They are not.
531
00:17:43,000 --> 00:17:45,160
The policies are targeting the imagined infrastructure.
532
00:17:45,160 --> 00:17:47,680
The actual infrastructure is adaptive, distributed,
533
00:17:47,680 --> 00:17:48,520
and invisible.
534
00:17:48,520 --> 00:17:49,480
You cannot govern something
535
00:17:49,480 --> 00:17:50,480
you cannot see.
536
00:17:50,480 --> 00:17:52,880
You cannot control something you do not understand.
537
00:17:52,880 --> 00:17:55,400
That's the infrastructure illusion at its deepest level.
538
00:17:55,400 --> 00:17:58,840
The HR hiring story, part one, the chaos of permission.
539
00:17:58,840 --> 00:18:01,440
Let me show you a different kind of infrastructure collapse.
540
00:18:01,440 --> 00:18:02,560
This one happens in hiring.
541
00:18:02,560 --> 00:18:03,680
A company needs to hire.
542
00:18:03,680 --> 00:18:04,520
They post a job.
543
00:18:04,520 --> 00:18:06,600
Candidates apply, recruiters review resumes,
544
00:18:06,600 --> 00:18:08,680
hiring managers interview, offers are made,
545
00:18:08,680 --> 00:18:09,960
new employees join.
546
00:18:09,960 --> 00:18:12,280
This process touches multiple systems,
547
00:18:12,280 --> 00:18:15,360
multiple people and multiple layers of sensitive data.
548
00:18:15,360 --> 00:18:17,560
And it reveals something the sales process didn't.
549
00:18:17,560 --> 00:18:20,080
Not just shadow processes, but shadow permissions.
550
00:18:20,080 --> 00:18:22,720
A recruiter starts gathering candidate information.
551
00:18:22,720 --> 00:18:24,760
They need access to multiple places.
552
00:18:24,760 --> 00:18:25,680
They need email.
553
00:18:25,680 --> 00:18:27,960
They need Teams to coordinate with hiring managers.
554
00:18:27,960 --> 00:18:30,080
They need SharePoint to store job descriptions
555
00:18:30,080 --> 00:18:31,240
and evaluation templates.
556
00:18:31,240 --> 00:18:33,760
They need OneDrive to collect resumes and interview notes.
557
00:18:33,760 --> 00:18:35,840
They need HR tools for candidate tracking.
558
00:18:35,840 --> 00:18:39,320
They need across the organization broad access to multiple systems
559
00:18:39,320 --> 00:18:40,400
so they can do their job.
560
00:18:40,400 --> 00:18:41,600
Permissions are granted.
561
00:18:41,600 --> 00:18:45,000
This happens quickly because onboarding a new hire is inefficient
562
00:18:45,000 --> 00:18:46,680
if you wait for permissions to catch up.
563
00:18:46,680 --> 00:18:48,440
So IT grants broad access.
564
00:18:48,440 --> 00:18:50,600
The recruiter gets access to the shared drive
565
00:18:50,600 --> 00:18:52,160
where all candidates are stored.
566
00:18:52,160 --> 00:18:53,880
They get access to the HR system.
567
00:18:53,880 --> 00:18:55,520
They get a Teams channel for recruiting.
568
00:18:55,520 --> 00:18:57,880
They get a SharePoint site for hiring materials.
569
00:18:57,880 --> 00:18:59,840
Then they get added to other Teams channels
570
00:18:59,840 --> 00:19:02,200
because they need to coordinate with different departments.
571
00:19:02,200 --> 00:19:05,440
Sales recruiting, engineering recruiting, finance recruiting.
572
00:19:05,440 --> 00:19:09,200
Each one is a channel with access to that department's hiring conversations,
573
00:19:09,200 --> 00:19:13,160
candidate evaluations and sometimes in the informal chats,
574
00:19:13,160 --> 00:19:17,280
salary expectations and internal concerns about other candidates.
575
00:19:17,280 --> 00:19:18,920
Access is granted and then forgotten.
576
00:19:18,920 --> 00:19:21,480
18 months later, the recruiter moves to a different role.
577
00:19:21,480 --> 00:19:22,840
They are no longer recruiting.
578
00:19:22,840 --> 00:19:24,120
They're in operations.
579
00:19:24,120 --> 00:19:26,920
The Teams channels they were added to still include them.
580
00:19:26,920 --> 00:19:29,880
The SharePoint sites they accessed still have their permissions.
581
00:19:29,880 --> 00:19:31,880
The HR system hasn't been updated.
582
00:19:31,880 --> 00:19:33,120
Nobody audited the access.
583
00:19:33,120 --> 00:19:36,720
Nobody asked, does this person still need to see candidate evaluations?
584
00:19:36,720 --> 00:19:38,640
Do they still need access to salary information?
585
00:19:38,640 --> 00:19:40,080
Do they still need to be in the channel
586
00:19:40,080 --> 00:19:42,480
where we discuss candidates from competing companies?
587
00:19:42,480 --> 00:19:43,200
They do not.
588
00:19:43,200 --> 00:19:44,680
But the system doesn't know this.
589
00:19:44,680 --> 00:19:47,560
The system is still configured for a person who is recruiting.
590
00:19:47,560 --> 00:19:49,080
The person is no longer recruiting.
591
00:19:49,080 --> 00:19:50,560
The architecture is now misaligned.
592
00:19:50,560 --> 00:19:52,800
Meanwhile, new hires joined the recruiting team.
593
00:19:52,800 --> 00:19:56,600
They get a fresh set of permissions based on the template for that role.
594
00:19:56,600 --> 00:19:59,320
But the template was built for the way recruiting works now.
595
00:19:59,320 --> 00:20:00,920
Not for the way it should work.
596
00:20:00,920 --> 00:20:03,080
The template grants access to every recruiting channel
597
00:20:03,080 --> 00:20:05,200
because recruiting operates across multiple channels.
598
00:20:05,200 --> 00:20:07,440
But the new hire doesn't need access to all of them yet.
599
00:20:07,440 --> 00:20:09,800
They need to see the candidates for the jobs they're working on.
600
00:20:09,800 --> 00:20:12,800
They don't need to see confidential salary negotiations
601
00:20:12,800 --> 00:20:14,600
for positions they are not filling.
602
00:20:14,600 --> 00:20:17,320
They don't need to see the internal notes about candidate weaknesses
603
00:20:17,320 --> 00:20:19,000
from last year's hiring cycle.
604
00:20:19,000 --> 00:20:21,040
The template doesn't distinguish between these.
605
00:20:21,040 --> 00:20:23,920
It grants broad access and assumes people will be professional enough
606
00:20:23,920 --> 00:20:25,880
to not look at things that aren't their business.
607
00:20:25,880 --> 00:20:26,520
Some will.
608
00:20:26,520 --> 00:20:27,200
Some won't.
609
00:20:27,200 --> 00:20:29,840
Some will forward a candidate's personal information to a friend
610
00:20:29,840 --> 00:20:32,120
because they thought the candidate was interesting.
611
00:20:32,120 --> 00:20:35,880
Some will mention another candidate's salary expectations in a conversation,
612
00:20:35,880 --> 00:20:39,520
not realizing they were talking to someone from that candidate's current company.
613
00:20:39,520 --> 00:20:40,360
This isn't malice.
614
00:20:40,360 --> 00:20:41,920
This is permission without intent.
615
00:20:41,920 --> 00:20:43,200
The system granted access.
616
00:20:43,200 --> 00:20:46,240
The system didn't enforce a boundary around what the access was for.
617
00:20:46,240 --> 00:20:50,040
The system assumed that the person would understand the implicit limits of their role.
618
00:20:50,040 --> 00:20:52,000
Hiring managers maintain their own files.
619
00:20:52,000 --> 00:20:55,400
They get a folder in OneDrive to store candidate evaluations.
620
00:20:55,400 --> 00:20:58,720
The folder is set to allow everyone in the company to access it.
621
00:20:58,720 --> 00:21:01,680
Not because that's what they intended, but because that's the default.
622
00:21:01,680 --> 00:21:05,280
The company had a philosophy that collaboration means open access.
623
00:21:05,280 --> 00:21:07,880
So the default permission for new folders is broad.
624
00:21:07,880 --> 00:21:09,840
The hiring manager doesn't think about this.
625
00:21:09,840 --> 00:21:11,760
They're not thinking about information architecture.
626
00:21:11,760 --> 00:21:13,320
They're thinking about filling a role.
627
00:21:13,320 --> 00:21:16,800
They create a folder, dump resumes and notes into it, and move on.
628
00:21:16,800 --> 00:21:19,880
The folder is now searchable by anyone in the company who knows where to look.
629
00:21:19,880 --> 00:21:23,840
Candidate information is discoverable by people who have nothing to do with the hiring decision.
630
00:21:23,840 --> 00:21:27,480
Candidate data lives in multiple places with different permission levels.
631
00:21:27,480 --> 00:21:30,480
Some information is in the HR system, which is locked down.
632
00:21:30,480 --> 00:21:32,680
Some is in SharePoint, which is broadly shared.
633
00:21:32,680 --> 00:21:36,320
Some is in Teams messages, which inherit the permissions of the channel.
634
00:21:36,320 --> 00:21:40,920
Some is in email attachments that have been forwarded to hiring managers' personal emails
635
00:21:40,920 --> 00:21:43,160
because that's how feedback gets communicated.
636
00:21:43,160 --> 00:21:46,480
Some is in locally saved files on someone's laptop.
637
00:21:46,480 --> 00:21:50,640
The company has not deliberately created a system where candidate data is widely accessible.
638
00:21:50,640 --> 00:21:53,960
The company has created a system where permissions are granted broadly.
639
00:21:53,960 --> 00:21:56,840
Roles change faster than permissions are revoked.
640
00:21:56,840 --> 00:22:02,000
Defaults are permissive, and there's no ongoing audit of who actually needs access to what.
641
00:22:02,000 --> 00:22:03,600
This is what permission chaos looks like.
642
00:22:03,600 --> 00:22:07,800
Not intentional exposure, not deliberate neglect, intelligent people making rational decisions
643
00:22:07,800 --> 00:22:12,080
in a system where the defaults push toward oversharing and the overhead of maintaining accurate
644
00:22:12,080 --> 00:22:16,200
permissions exceeds the perceived risk of leaving permissions too broad.
645
00:22:16,200 --> 00:22:17,720
Access reflects history, not intent.
646
00:22:17,720 --> 00:22:21,560
The company doesn't actually know what candidate data is accessible to whom.
647
00:22:21,560 --> 00:22:23,920
They assume it's protected because they have access controls.
648
00:22:23,920 --> 00:22:25,600
They are wrong. The access controls are there.
649
00:22:25,600 --> 00:22:27,840
The intent behind those controls has drifted.
650
00:22:27,840 --> 00:22:32,200
The actual permission structure is now invisible, complex, and misaligned with how the business
651
00:22:32,200 --> 00:22:33,200
actually works.
652
00:22:33,200 --> 00:22:37,760
The HR hiring story, part two, access reflects history, not intent.
653
00:22:37,760 --> 00:22:41,800
Here's where it becomes visible. An organization runs an access review.
654
00:22:41,800 --> 00:22:44,040
This is required by governance frameworks.
655
00:22:44,040 --> 00:22:48,480
Once a year, managers review their team's access and certify that each person has the right
656
00:22:48,480 --> 00:22:49,800
permissions for their role.
657
00:22:49,800 --> 00:22:51,280
It's a checkbox exercise.
658
00:22:51,280 --> 00:22:53,960
It's also where the real infrastructure reveals itself.
659
00:22:53,960 --> 00:22:57,840
A hiring manager receives a list of people with access to their SharePoint site.
660
00:22:57,840 --> 00:22:59,920
The list includes the current recruiting team.
661
00:22:59,920 --> 00:23:02,440
It includes hiring managers from other departments.
662
00:23:02,440 --> 00:23:06,480
It includes two people from recruiting from 18 months ago who are no longer recruiting.
663
00:23:06,480 --> 00:23:10,560
It includes an executive who was involved in a special hiring project two years ago.
664
00:23:10,560 --> 00:23:13,280
It includes IT because IT always has access to everything.
665
00:23:13,280 --> 00:23:16,560
The hiring manager looks at the list and doesn't recognize half the names.
666
00:23:16,560 --> 00:23:19,000
They don't know if these people should still have access.
667
00:23:19,000 --> 00:23:20,800
They don't know what they're using the access for.
668
00:23:20,800 --> 00:23:22,760
They don't know if it's creating a security problem.
669
00:23:22,760 --> 00:23:25,760
The default choice is to approve the access without changing it.
670
00:23:25,760 --> 00:23:29,720
The alternative is to remove access, realize three weeks later that someone actually needed
671
00:23:29,720 --> 00:23:32,400
it, and spend time trying to restore permissions.
672
00:23:32,400 --> 00:23:36,040
The path of least resistance is to certify that the access is correct without actually
673
00:23:36,040 --> 00:23:37,040
verifying it.
674
00:23:37,040 --> 00:23:38,240
The access review is signed off.
675
00:23:38,240 --> 00:23:39,720
The permissions don't change.
676
00:23:39,720 --> 00:23:43,760
People who are no longer recruiting still have access to candidate evaluations.
677
00:23:43,760 --> 00:23:47,840
The executive who left the company two years ago still has access to a SharePoint site that
678
00:23:47,840 --> 00:23:49,800
contains salary negotiations.
679
00:23:49,800 --> 00:23:53,800
These permissions exist not because of a deliberate decision, but because nobody had the time
680
00:23:53,800 --> 00:23:55,800
or information to make a different decision.
681
00:23:55,800 --> 00:23:57,760
This is access reflecting history, not intent.
682
00:23:57,760 --> 00:23:59,480
The access was correct when it was granted.
683
00:23:59,480 --> 00:24:01,120
It made sense for the person's role.
684
00:24:01,120 --> 00:24:02,280
The person's role changed.
685
00:24:02,280 --> 00:24:03,280
The access didn't.
686
00:24:03,280 --> 00:24:07,360
Now it's a misalignment nobody sees until something goes wrong. Something goes wrong. A candidate
687
00:24:07,360 --> 00:24:11,240
applies for a job. That candidate works for a company that competes with the firm.
688
00:24:11,240 --> 00:24:15,680
During the recruiting process, the hiring manager creates a file with the candidate's interview
689
00:24:15,680 --> 00:24:18,880
notes, their strengths and weaknesses, their salary expectations.
690
00:24:18,880 --> 00:24:22,160
The file is stored in the hiring folder with the default permissions.
691
00:24:22,160 --> 00:24:23,480
An old recruiter,
692
00:24:23,480 --> 00:24:26,720
someone who moved into operations but still has access from when they were recruiting,
693
00:24:26,720 --> 00:24:27,880
can see the file.
694
00:24:27,880 --> 00:24:30,920
They mention the candidate's availability to a friend in a coffee shop.
695
00:24:30,920 --> 00:24:32,880
That friend works at the competing company.
696
00:24:32,880 --> 00:24:36,200
The candidate's expectations are now known to their current employer.
697
00:24:36,200 --> 00:24:40,600
The organization doesn't find out this happened until the candidate withdraws their application.
698
00:24:40,600 --> 00:24:41,600
They don't say why.
699
00:24:41,600 --> 00:24:42,600
They just withdraw.
700
00:24:42,600 --> 00:24:44,320
The organization never connects the dots.
701
00:24:44,320 --> 00:24:46,960
They assume the candidate got another offer.
702
00:24:46,960 --> 00:24:50,840
Nobody traces the information exposure back to a permission that had drifted.
703
00:24:50,840 --> 00:24:52,400
But here's what actually happened.
704
00:24:52,400 --> 00:24:56,320
The system granted access to a person based on their historical role.
705
00:24:56,320 --> 00:24:57,840
The person no longer held that role.
706
00:24:57,840 --> 00:24:59,600
The access policy didn't know this.
707
00:24:59,600 --> 00:25:02,040
The hiring manager didn't verify who needed access.
708
00:25:02,040 --> 00:25:04,160
The access review didn't close the gap.
709
00:25:04,160 --> 00:25:06,680
The information flowed to someone who shouldn't have had it.
710
00:25:06,680 --> 00:25:09,720
And the organization never even knew they had a security incident.
711
00:25:09,720 --> 00:25:12,560
This is repeated hundreds of times across an organization.
712
00:25:12,560 --> 00:25:14,040
Group memberships are never pruned.
713
00:25:14,040 --> 00:25:16,800
Distribution lists grow with new members and never remove old ones.
714
00:25:16,800 --> 00:25:21,360
SharePoint sites accumulate permissions from old projects that nobody remembers.
715
00:25:21,360 --> 00:25:24,280
Teams channels inherit people from previous collaborations.
716
00:25:24,280 --> 00:25:26,200
Over time, access becomes stratified.
717
00:25:26,200 --> 00:25:27,920
It reflects the history of the company.
718
00:25:27,920 --> 00:25:31,160
It reflects who used to be important, who used to work on what,
719
00:25:31,160 --> 00:25:34,720
who was added to what channel three organizational structures ago.
720
00:25:34,720 --> 00:25:37,480
It reflects decisions made by people who no longer work here.
721
00:25:37,480 --> 00:25:39,320
Under circumstances that no longer exist.
722
00:25:39,320 --> 00:25:42,800
The current access structure is a sedimentary layer of historical decisions.
723
00:25:42,800 --> 00:25:43,800
And it's invisible.
724
00:25:43,800 --> 00:25:45,080
Nobody sees all of it at once.
725
00:25:45,080 --> 00:25:47,920
Compliance sees that access reviews are being conducted.
726
00:25:47,920 --> 00:25:49,760
They see that the organization has a process.
727
00:25:49,760 --> 00:25:51,560
They see sign-offs and documentation.
728
00:25:51,560 --> 00:25:54,320
What they don't see is that the reviews are rubber-stamped.
729
00:25:54,320 --> 00:25:59,720
What they don't see is that the actual access is a fossil record of organizational change.
730
00:25:59,720 --> 00:26:01,840
The company believes they have governed access.
731
00:26:01,840 --> 00:26:02,840
They have a process.
732
00:26:02,840 --> 00:26:03,840
They have documentation.
733
00:26:03,840 --> 00:26:05,600
They have compliance confirmation.
734
00:26:05,600 --> 00:26:09,520
What they actually have is a system where permissions drift continuously,
735
00:26:09,520 --> 00:26:13,240
where access reviews don't catch the drift and where nobody has full visibility
736
00:26:13,240 --> 00:26:15,000
into who can actually see what.
737
00:26:15,000 --> 00:26:17,360
This is the second signal of real infrastructure.
738
00:26:17,360 --> 00:26:19,120
Access reflects history, not intent.
739
00:26:19,120 --> 00:26:20,120
The system is functioning.
740
00:26:20,120 --> 00:26:21,320
Data is being accessed.
741
00:26:21,320 --> 00:26:22,680
The company is operating.
742
00:26:22,680 --> 00:26:25,480
But the access path doesn't match the deliberate design.
743
00:26:25,480 --> 00:26:28,200
It matches the accumulated decisions that nobody questioned
744
00:26:28,200 --> 00:26:31,920
because the business was moving too fast to stop and audit permissions.
745
00:26:31,920 --> 00:26:33,680
The data classification gap.
746
00:26:33,680 --> 00:26:35,680
Now we have the permission chaos.
747
00:26:35,680 --> 00:26:37,120
We have the shadow processes.
748
00:26:37,120 --> 00:26:40,080
We have the workarounds embedded in email and spreadsheets.
749
00:26:40,080 --> 00:26:41,120
On top of all of this,
750
00:26:41,120 --> 00:26:43,040
sits another layer of invisibility.
751
00:26:43,040 --> 00:26:44,360
Data classification.
752
00:26:44,360 --> 00:26:46,480
In theory, data classification is simple.
753
00:26:46,480 --> 00:26:48,000
Sensitive data should be labeled.
754
00:26:48,000 --> 00:26:49,640
Candidate information is sensitive.
755
00:26:49,640 --> 00:26:51,560
Salary expectations are sensitive.
756
00:26:51,560 --> 00:26:52,880
Medical histories are sensitive.
757
00:26:52,880 --> 00:26:55,400
Once data is labeled, the system knows what it is.
758
00:26:55,400 --> 00:26:56,920
Policies can enforce protection.
759
00:26:56,920 --> 00:27:00,480
Compliance can verify that sensitive data is being handled correctly.
760
00:27:00,480 --> 00:27:03,600
The company can understand what it knows and where it knows it.
761
00:27:03,600 --> 00:27:07,120
In reality, the same candidate salary expectation
762
00:27:07,120 --> 00:27:10,040
lives in three different places with three different classifications.
763
00:27:10,040 --> 00:27:13,160
One instance is in the HR system marked as confidential.
764
00:27:13,160 --> 00:27:15,520
Another is in a hiring manager's OneDrive folder
765
00:27:15,520 --> 00:27:17,520
that defaulted to general classification.
766
00:27:17,520 --> 00:27:20,000
Another is in a Teams message in a recruiting channel
767
00:27:20,000 --> 00:27:21,920
where no classification was applied
768
00:27:21,920 --> 00:27:24,680
because Teams messages don't automatically get classified.
769
00:27:24,680 --> 00:27:27,160
The same data point, three different risk profiles.
770
00:27:27,160 --> 00:27:28,800
The company has no mechanism to know
771
00:27:28,800 --> 00:27:31,160
that these three instances are the same thing.
772
00:27:31,160 --> 00:27:32,280
This isn't intentional.
773
00:27:32,280 --> 00:27:33,800
It's not because people are careless.
774
00:27:33,800 --> 00:27:36,240
It's because classification is a moment in time.
775
00:27:36,240 --> 00:27:37,280
Someone creates a file.
776
00:27:37,280 --> 00:27:40,320
They have to choose confidential or general or internal.
777
00:27:40,320 --> 00:27:42,600
They make a choice based on what they understand the file
778
00:27:42,600 --> 00:27:43,840
to be at that moment.
779
00:27:43,840 --> 00:27:44,840
Then the file moves.
780
00:27:44,840 --> 00:27:46,440
It gets copied to another location.
781
00:27:46,440 --> 00:27:47,920
It gets embedded in another document.
782
00:27:47,920 --> 00:27:51,040
It gets mentioned in an email and pasted into a Teams message.
783
00:27:51,040 --> 00:27:53,760
Each time it moves, the classification doesn't move with it.
784
00:27:53,760 --> 00:27:56,960
Or it moves to a system that doesn't have a classification schema at all.
785
00:27:56,960 --> 00:27:58,320
The result is inconsistency.
786
00:27:58,320 --> 00:28:00,360
The same data is classified differently
787
00:28:00,360 --> 00:28:02,120
depending on where it's stored.
788
00:28:02,120 --> 00:28:03,560
Not because the data changed,
789
00:28:03,560 --> 00:28:05,120
because the storage system changed.
790
00:28:05,120 --> 00:28:08,280
A salary expectation is marked confidential in the HR system
791
00:28:08,280 --> 00:28:10,360
because the HR team understands it's sensitive.
792
00:28:10,360 --> 00:28:12,440
The hiring manager copies it into a spreadsheet
793
00:28:12,440 --> 00:28:14,480
because they want to analyze compensation bands
794
00:28:14,480 --> 00:28:15,720
across open positions.
795
00:28:15,720 --> 00:28:17,280
The spreadsheet doesn't get classified
796
00:28:17,280 --> 00:28:18,520
because it's a local file.
797
00:28:18,520 --> 00:28:20,200
The hiring manager shares the spreadsheet
798
00:28:20,200 --> 00:28:22,920
with the department head to discuss budget allocation.
799
00:28:22,920 --> 00:28:25,880
The department head thinks it's internal information, not confidential,
800
00:28:25,880 --> 00:28:27,480
so they forward it to finance.
801
00:28:27,480 --> 00:28:29,960
Finance receives it as an unclassified attachment
802
00:28:29,960 --> 00:28:33,040
and stores it in their shared drive with a general classification.
803
00:28:33,040 --> 00:28:35,400
The same data has now been reclassified four times.
804
00:28:35,400 --> 00:28:36,560
It started as confidential.
805
00:28:36,560 --> 00:28:39,000
It was unclassified when it moved to a spreadsheet.
806
00:28:39,000 --> 00:28:41,520
It was treated as internal when it was forwarded.
807
00:28:41,520 --> 00:28:43,720
It ended up as general in the finance folder.
808
00:28:43,720 --> 00:28:45,480
None of these reclassifications happened
809
00:28:45,480 --> 00:28:48,920
because someone deliberately changed how sensitive the information is.
810
00:28:48,920 --> 00:28:52,600
It happened because each system has its own classification logic
811
00:28:52,600 --> 00:28:55,040
and data doesn't carry its classification with it
812
00:28:55,040 --> 00:28:56,440
when it moves between systems.
813
00:28:56,440 --> 00:28:57,800
Compliance wants to audit this.
814
00:28:57,800 --> 00:29:00,960
They want to verify that sensitive data is being protected.
815
00:29:00,960 --> 00:29:04,640
So they search the tenant for files marked with sensitivity labels
816
00:29:04,640 --> 00:29:06,560
that indicate candidate information.
817
00:29:06,560 --> 00:29:07,720
They find files.
818
00:29:07,720 --> 00:29:09,720
They verify that access is restricted.
819
00:29:09,720 --> 00:29:10,720
They run a report.
820
00:29:10,720 --> 00:29:13,680
Candidate data is properly classified and protected.
821
00:29:13,680 --> 00:29:15,960
The report is correct for the files that are labeled.
822
00:29:15,960 --> 00:29:18,480
It's completely invisible for the files that aren't labeled,
823
00:29:18,480 --> 00:29:19,640
which is most of them.
824
00:29:19,640 --> 00:29:21,560
The company now has a compliance checkbox
825
00:29:21,560 --> 00:29:23,520
that says classification is working.
826
00:29:23,520 --> 00:29:27,480
But the actual data is widely distributed across classification states.
827
00:29:27,480 --> 00:29:29,280
Some is protected, some is unprotected,
828
00:29:29,280 --> 00:29:32,360
some is protected in one location and unprotected in another.
829
00:29:32,360 --> 00:29:34,520
The company has no mechanism to see this.
830
00:29:34,520 --> 00:29:36,000
The company doesn't know what it doesn't know.
831
00:29:36,000 --> 00:29:37,200
This is the key insight.
832
00:29:37,200 --> 00:29:38,640
This is not a compliance problem.
833
00:29:38,640 --> 00:29:39,720
This is a knowledge problem.
834
00:29:39,720 --> 00:29:41,600
The company doesn't actually know what it knows.
835
00:29:41,600 --> 00:29:43,360
It doesn't know where sensitive data lives.
836
00:29:43,360 --> 00:29:45,080
It doesn't know how many copies exist.
837
00:29:45,080 --> 00:29:47,120
It doesn't know what classification each copy carries.
838
00:29:47,120 --> 00:29:48,440
It doesn't know who can see it.
839
00:29:48,440 --> 00:29:51,520
Compliance frameworks assume that once data is classified,
840
00:29:51,520 --> 00:29:53,520
the system becomes the source of truth.
841
00:29:53,520 --> 00:29:55,360
The system will enforce protection.
842
00:29:55,360 --> 00:29:58,880
Compliance can audit the system and verify that controls are in place.
843
00:29:58,880 --> 00:30:02,080
What they don't account for is that the data has become distributed
844
00:30:02,080 --> 00:30:04,960
across multiple systems with different classification logic.
845
00:30:04,960 --> 00:30:08,520
The control point, the moment when sensitivity is determined, is invisible.
846
00:30:08,520 --> 00:30:09,920
The data has already scattered.
847
00:30:09,920 --> 00:30:13,280
This matters because it's the foundation for everything that comes next.
848
00:30:13,280 --> 00:30:15,520
The company cannot govern what it cannot see.
849
00:30:15,520 --> 00:30:17,920
The company cannot see what it hasn't classified.
850
00:30:17,920 --> 00:30:23,920
And classification fails the moment data moves into a system that doesn't carry the classification with it.
851
00:30:23,920 --> 00:30:27,320
The finance month-end story, part one, the controlled chaos.
852
00:30:27,320 --> 00:30:29,120
Finance is where control should exist.
853
00:30:29,120 --> 00:30:31,120
Finance is where every transaction is recorded.
854
00:30:31,120 --> 00:30:32,720
Every journal entry is approved.
855
00:30:32,720 --> 00:30:34,120
Every balance is reconciled.
856
00:30:34,120 --> 00:30:35,520
Every variance is explained.
857
00:30:35,520 --> 00:30:37,120
Finance operates in systems.
858
00:30:37,120 --> 00:30:39,120
The general ledger is the system of record.
859
00:30:39,120 --> 00:30:41,720
Accounting software is the single source of truth.
860
00:30:41,720 --> 00:30:44,920
Month-end closing is a defined process with gates and approvals.
861
00:30:44,920 --> 00:30:48,520
Leadership believes finance is locked down because finance looks locked down.
862
00:30:48,520 --> 00:30:49,520
The controls are visible.
863
00:30:49,520 --> 00:30:50,920
The process is documented.
864
00:30:50,920 --> 00:30:52,520
The reconciliation is auditable.
865
00:30:52,520 --> 00:30:53,520
None of this is true.
866
00:30:53,520 --> 00:30:55,120
Finance operates on two systems.
867
00:30:55,120 --> 00:30:58,720
The official one and the real one, and the real one is where the actual numbers live.
868
00:30:58,720 --> 00:31:00,720
Month-end closing starts with forecasting.
869
00:31:00,720 --> 00:31:02,320
The company needs to close the books.
870
00:31:02,320 --> 00:31:04,520
Transactions have flowed through the general ledger.
871
00:31:04,520 --> 00:31:05,920
Receivables have been recorded.
872
00:31:05,920 --> 00:31:07,320
Payables are sitting in the system.
873
00:31:07,320 --> 00:31:08,720
Inventory has been counted.
874
00:31:08,720 --> 00:31:10,520
Everything should be in the accounting software,
875
00:31:10,520 --> 00:31:12,920
ready to be summarized, reconciled and reported.
876
00:31:12,920 --> 00:31:14,520
So the controller runs a report.
877
00:31:14,520 --> 00:31:16,120
The balance sheet comes out.
878
00:31:16,120 --> 00:31:17,320
The revenue looks reasonable.
879
00:31:17,320 --> 00:31:18,720
The expenses look on track.
880
00:31:18,720 --> 00:31:20,120
The cash position looks correct.
881
00:31:20,120 --> 00:31:21,720
The system shows clean numbers.
882
00:31:21,720 --> 00:31:23,920
The controller shows the numbers to the CFO.
883
00:31:23,920 --> 00:31:26,920
The CFO looks at them and asks the question, "Does this feel right?"
884
00:31:26,920 --> 00:31:28,920
The controller doesn't say yes immediately.
885
00:31:28,920 --> 00:31:32,320
Because the controller knows something the CFO is asking without saying it.
886
00:31:32,320 --> 00:31:33,920
The system shows the numbers.
887
00:31:33,920 --> 00:31:35,120
But are they the true numbers?
888
00:31:35,120 --> 00:31:36,720
Are they what actually happened?
889
00:31:36,720 --> 00:31:38,320
Or are they what the system recorded?
890
00:31:38,320 --> 00:31:40,320
Are there transactions that didn't make it in?
891
00:31:40,320 --> 00:31:42,320
Are there adjustments that should have been made?
892
00:31:42,320 --> 00:31:44,920
Is the system of record actually the source of truth?
893
00:31:44,920 --> 00:31:48,520
Or is it just a recording device that happens to be accurate some of the time?
894
00:31:48,520 --> 00:31:50,120
The controller opens a different system.
895
00:31:50,120 --> 00:31:51,120
This is the real system.
896
00:31:51,120 --> 00:31:52,520
It's an Excel spreadsheet.
897
00:31:52,520 --> 00:31:54,520
The spreadsheet is not in the accounting software.
898
00:31:54,520 --> 00:31:55,520
It's not in SharePoint.
899
00:31:55,520 --> 00:31:56,720
It's not in a shared repository.
900
00:31:56,720 --> 00:31:58,320
It lives on the controller's desktop.
901
00:31:58,320 --> 00:32:02,520
It's named something like Month-End 2026 or Actuals or Real Numbers.
902
00:32:02,520 --> 00:32:04,520
The controller built the spreadsheet years ago.
903
00:32:04,520 --> 00:32:05,920
It started as a single tab.
904
00:32:05,920 --> 00:32:06,920
Now it's 30 tabs.
905
00:32:06,920 --> 00:32:08,320
Each tab is a reconciliation.
906
00:32:08,320 --> 00:32:11,520
Each reconciliation pulls data from the accounting software
907
00:32:11,520 --> 00:32:14,320
and then adjusts it based on things the system doesn't know.
908
00:32:14,320 --> 00:32:17,120
The controller opens the spreadsheet and starts reconciling.
909
00:32:17,120 --> 00:32:20,120
The GL shows accounts receivable at a certain number.
910
00:32:20,120 --> 00:32:23,520
But the controller knows that three invoices were issued at the very end of the month.
911
00:32:23,520 --> 00:32:25,720
And the system might not have recorded them correctly
912
00:32:25,720 --> 00:32:27,720
or might have recorded them in the next period
913
00:32:27,720 --> 00:32:29,520
or might not have recorded them at all,
914
00:32:29,520 --> 00:32:31,520
depending on when the data load ran.
915
00:32:31,520 --> 00:32:34,120
So the controller checks the invoice system separately.
916
00:32:34,120 --> 00:32:36,120
The controller manually counts the invoices.
917
00:32:36,120 --> 00:32:37,720
The controller adds them to the spreadsheet.
918
00:32:37,720 --> 00:32:41,320
Now the spreadsheet shows accounts receivable at a different number than the GL.
919
00:32:41,320 --> 00:32:43,320
The GL shows inventory at cost.
920
00:32:43,320 --> 00:32:46,320
But the controller knows that inventory was counted last week
921
00:32:46,320 --> 00:32:49,320
and the results haven't fully flowed through the system yet.
922
00:32:49,320 --> 00:32:52,720
Or the results flowed through partially, or the system is showing old counts.
923
00:32:52,720 --> 00:32:55,520
So the controller pulls the physical inventory count report
924
00:32:55,520 --> 00:32:57,520
and manually reconciles it to the GL.
925
00:32:57,520 --> 00:32:59,520
The spreadsheet now shows adjusted inventory.
926
00:32:59,520 --> 00:33:01,920
The GL shows depreciation.
927
00:33:01,920 --> 00:33:04,120
But depreciation is calculated by the system
928
00:33:04,120 --> 00:33:07,520
and the system was updated last quarter with new fixed assets.
929
00:33:07,520 --> 00:33:10,920
But the depreciation schedule might not have been updated correctly
930
00:33:10,920 --> 00:33:15,520
so the controller recalculates depreciation manually based on the fixed asset listing
931
00:33:15,520 --> 00:33:18,720
and the capital policy and adds the correction to the spreadsheet.
932
00:33:18,720 --> 00:33:21,120
Intercompany transactions are supposed to eliminate.
933
00:33:21,120 --> 00:33:24,520
But transactions between divisions flow through different systems.
934
00:33:24,520 --> 00:33:27,720
Some are recorded by division A, some are recorded by division B.
935
00:33:27,720 --> 00:33:30,520
Sometimes they don't match. The system shows an imbalance.
936
00:33:30,520 --> 00:33:32,120
The controller chases the variance.
937
00:33:32,120 --> 00:33:35,720
Then email goes to the division controllers asking them to find the discrepancy.
938
00:33:35,720 --> 00:33:36,720
Emails come back.
939
00:33:36,720 --> 00:33:38,720
The controller manually reconciles them.
940
00:33:38,720 --> 00:33:43,320
The controller adds a note to the spreadsheet explaining the variance and the adjustment that was made.
941
00:33:43,320 --> 00:33:44,320
Hours pass.
942
00:33:44,320 --> 00:33:45,320
The spreadsheet grows.
943
00:33:45,320 --> 00:33:47,520
It becomes a living document of reconciliation.
944
00:33:47,520 --> 00:33:48,920
It's where the real close happens.
945
00:33:48,920 --> 00:33:50,520
It's where the actual numbers come from.
946
00:33:50,520 --> 00:33:52,520
The system of record is just a starting point.
947
00:33:52,520 --> 00:33:54,520
The spreadsheet is the truth engine.
948
00:33:54,520 --> 00:33:56,520
The CFO asks another question.
949
00:33:56,520 --> 00:33:57,920
What does the spreadsheet say?
950
00:33:57,920 --> 00:33:59,520
Or not what does the system say?
951
00:33:59,520 --> 00:34:01,520
The CFO knows to ask about the spreadsheet.
952
00:34:01,520 --> 00:34:02,920
The spreadsheet is what matters.
953
00:34:02,920 --> 00:34:05,520
The spreadsheet is where finance trusts the numbers.
954
00:34:05,520 --> 00:34:07,920
The controller gives the CFO the spreadsheet.
955
00:34:07,920 --> 00:34:08,920
The CFO reviews it.
956
00:34:08,920 --> 00:34:10,120
The numbers now look right.
957
00:34:10,120 --> 00:34:11,720
Month-end closing can proceed.
958
00:34:11,720 --> 00:34:13,320
Financial statements are issued.
959
00:34:13,320 --> 00:34:14,520
Earnings are reported.
960
00:34:14,520 --> 00:34:19,120
All based on a spreadsheet that lives on one person's computer, is emailed around for review.
961
00:34:19,120 --> 00:34:21,720
Has multiple versions floating through the organization.
962
00:34:21,720 --> 00:34:26,120
And represents the actual truth about what the company's financial state is.
963
00:34:26,120 --> 00:34:27,520
The system shows one thing.
964
00:34:27,520 --> 00:34:28,920
The spreadsheet shows another.
965
00:34:28,920 --> 00:34:30,920
Finance closes based on the spreadsheet.
966
00:34:30,920 --> 00:34:31,920
The system is reporting.
967
00:34:31,920 --> 00:34:33,320
The spreadsheet is reality.
968
00:34:33,320 --> 00:34:34,920
The finance month-end story.
969
00:34:34,920 --> 00:34:35,720
Part two.
970
00:34:35,720 --> 00:34:36,920
Trust gaps in data.
971
00:34:36,920 --> 00:34:39,120
Why doesn't finance trust the system?
972
00:34:39,120 --> 00:34:40,320
That's the real question.
973
00:34:40,320 --> 00:34:42,320
Because the system was designed to be trustworthy.
974
00:34:42,320 --> 00:34:43,320
It has audit trails.
975
00:34:43,320 --> 00:34:44,520
It has approval workflows.
976
00:34:44,520 --> 00:34:45,920
It has access controls.
977
00:34:45,920 --> 00:34:47,920
Transactions flow in defined directions.
978
00:34:47,920 --> 00:34:49,320
Everything should be traceable.
979
00:34:49,320 --> 00:34:50,720
Everything should be reconcilable.
980
00:34:50,720 --> 00:34:51,720
Everything should add up.
981
00:34:51,720 --> 00:34:52,720
But it doesn't.
982
00:34:52,720 --> 00:34:53,520
Not reliably.
983
00:34:53,520 --> 00:34:54,520
Not without the spreadsheet.
984
00:34:54,520 --> 00:34:55,520
The reason is subtle.
985
00:34:55,520 --> 00:34:57,920
The accounting system is accurate for what it records.
986
00:34:57,920 --> 00:35:00,520
The problem is that it doesn't record everything that matters.
987
00:35:00,520 --> 00:35:03,120
Transactions that should have been recorded didn't get recorded.
988
00:35:03,120 --> 00:35:05,720
Transactions that were recorded landed in the wrong period.
989
00:35:05,720 --> 00:35:08,520
Transactions that were recorded landed in the wrong account.
990
00:35:08,520 --> 00:35:10,520
The system is working exactly as designed.
991
00:35:10,520 --> 00:35:13,320
It's receiving data and processing it according to its rules.
992
00:35:13,320 --> 00:35:16,520
The issue is that the data is messy, incomplete and inconsistent.
993
00:35:16,520 --> 00:35:18,720
Manual transactions get entered incorrectly.
994
00:35:18,720 --> 00:35:21,920
A clerk enters a three-digit number as a four-digit number.
995
00:35:21,920 --> 00:35:25,520
Nobody catches it until the balance is off by a magnitude of ten.
996
00:35:25,520 --> 00:35:29,320
Or a division controller manually records a month's transactions at the end of the month.
997
00:35:29,320 --> 00:35:32,520
But the manual entry doesn't match the source system's timeline.
998
00:35:32,520 --> 00:35:35,320
So reconciliation requires a manual adjustment.
999
00:35:35,320 --> 00:35:39,520
Or a system integration that was supposed to automatically post transactions
1000
00:35:39,520 --> 00:35:41,720
from one system to another fails silently.
1001
00:35:41,720 --> 00:35:43,320
The system shows no error.
1002
00:35:43,320 --> 00:35:47,720
The transactions simply don't appear in the GL until someone manually traces them.
1003
00:35:47,720 --> 00:35:49,520
These are not failures of the system.
1004
00:35:49,520 --> 00:35:52,320
These are failures of the data quality that feeds the system.
1005
00:35:52,320 --> 00:35:54,520
And the system has no mechanism to know this.
1006
00:35:54,520 --> 00:35:57,320
The system processes the data it receives and reports on it.
1007
00:35:57,320 --> 00:36:00,520
If the data is incomplete, the system reports incomplete numbers.
1008
00:36:00,520 --> 00:36:05,120
If the data is late, the system reports last period's transactions in this period's close.
1009
00:36:05,120 --> 00:36:08,320
If the data is wrong, the system reports wrong numbers correctly.
1010
00:36:08,320 --> 00:36:10,720
The system is doing exactly what it's supposed to do.
1011
00:36:10,720 --> 00:36:13,520
It's just that what it's supposed to do doesn't guarantee accuracy.
1012
00:36:13,520 --> 00:36:14,320
Finance knows this.
1013
00:36:14,320 --> 00:36:17,920
Finance doesn't trust the GL because finance has been burned by the GL.
1014
00:36:17,920 --> 00:36:20,720
Finance has closed the books based on the system.
1015
00:36:20,720 --> 00:36:22,120
Finance has reported numbers.
1016
00:36:22,120 --> 00:36:25,520
Then finance has discovered weeks later that a transaction didn't post.
1017
00:36:25,520 --> 00:36:28,320
Or posted twice or posted to the wrong account.
1018
00:36:28,320 --> 00:36:33,520
Finance has had to restate earnings because of a data quality issue that the system didn't catch.
1019
00:36:33,520 --> 00:36:35,120
So finance built the spreadsheet.
1020
00:36:35,120 --> 00:36:37,320
The spreadsheet is where finance validates the system.
1021
00:36:37,320 --> 00:36:40,720
The spreadsheet is where finance asks, does this number make sense?
1022
00:36:40,720 --> 00:36:43,520
Is this reasonable given what we know about the business?
1023
00:36:43,520 --> 00:36:46,720
Has anything unusual happened that the system might not know about?
1024
00:36:46,720 --> 00:36:50,120
The spreadsheet is the layer of human judgment on top of the automated system.
1025
00:36:50,120 --> 00:36:51,320
This is not inefficiency.
1026
00:36:51,320 --> 00:36:52,320
This is necessary.
1027
00:36:52,320 --> 00:36:53,720
The system cannot audit itself.
1028
00:36:53,720 --> 00:36:55,920
The system cannot ask if the numbers feel right.
1029
00:36:55,920 --> 00:36:59,720
The system cannot catch data quality issues that don't violate any rule.
1030
00:36:59,720 --> 00:37:01,120
Only a human can do that.
1031
00:37:01,120 --> 00:37:06,720
Only someone who understands the business can say, the system shows revenue declined 15% this month.
1032
00:37:06,720 --> 00:37:08,720
But we know we signed three major contracts.
1033
00:37:08,720 --> 00:37:10,520
The system has a data lag problem.
1034
00:37:10,520 --> 00:37:15,720
Finance has to maintain the spreadsheet because the system of record is not trustworthy enough to close on alone.
1035
00:37:15,720 --> 00:37:18,720
The system is accurate for what it records, but it's not complete.
1036
00:37:18,720 --> 00:37:20,120
It doesn't know what it's missing.
1037
00:37:20,120 --> 00:37:22,120
Finance has to fill the gaps manually.
1038
00:37:22,120 --> 00:37:24,720
Now imagine what happens when leadership looks at this infrastructure.
1039
00:37:24,720 --> 00:37:26,320
Leadership sees the accounting system.
1040
00:37:26,320 --> 00:37:28,720
Leadership assumes that's the system of record.
1041
00:37:28,720 --> 00:37:32,320
Leadership assumes that's what the company's financial state actually is.
1042
00:37:32,320 --> 00:37:33,120
Finance knows better.
1043
00:37:33,120 --> 00:37:35,320
Finance knows the real numbers live in a spreadsheet.
1044
00:37:35,320 --> 00:37:36,320
The system is useful.
1045
00:37:36,320 --> 00:37:37,520
The system is necessary.
1046
00:37:37,520 --> 00:37:39,120
The system is not the source of truth.
1047
00:37:39,120 --> 00:37:41,920
This is the third signal of real infrastructure.
1048
00:37:41,920 --> 00:37:44,920
Processes don't match how work gets done.
1049
00:37:44,920 --> 00:37:50,920
The process is supposed to be record transaction, post to GL, close books, report.
1050
00:37:50,920 --> 00:37:54,520
The actual process is record transaction, post to GL.
1051
00:37:54,520 --> 00:37:56,720
Discover that GL is incomplete or wrong.
1052
00:37:56,720 --> 00:38:00,520
Adjust in spreadsheet, validate with human judgment, close books, report.
1053
00:38:00,520 --> 00:38:02,520
The system is invisible to this process.
1054
00:38:02,520 --> 00:38:04,120
The system looks like it's the foundation.
1055
00:38:04,120 --> 00:38:06,320
The system is actually just a data collection point.
1056
00:38:06,320 --> 00:38:07,720
The foundation is the spreadsheet.
1057
00:38:07,720 --> 00:38:09,520
The foundation is the reconciliation.
1058
00:38:09,520 --> 00:38:14,120
The foundation is the human being who understands the business well enough to catch what the system missed.
1059
00:38:14,120 --> 00:38:16,720
And this infrastructure is now invisible to compliance.
1060
00:38:16,720 --> 00:38:18,120
Compliance audits the system.
1061
00:38:18,120 --> 00:38:20,920
Compliance verifies that the GL was closed properly.
1062
00:38:20,920 --> 00:38:23,520
Compliance confirms that transactions were approved.
1063
00:38:23,520 --> 00:38:24,920
Compliance doesn't see the spreadsheet.
1064
00:38:24,920 --> 00:38:30,320
Compliance doesn't know that the numbers they're verifying came from a system that finance doesn't actually trust.
1065
00:38:30,320 --> 00:38:32,520
The company has a control structure that looks locked down.
1066
00:38:32,520 --> 00:38:36,920
The company has a reality where controls depend on manual reconciliation and human judgment.
1067
00:38:36,920 --> 00:38:41,120
These are not the same thing, but they look the same when you only look at the system.
1068
00:38:41,120 --> 00:38:43,320
The pattern, conditional chaos.
1069
00:38:43,320 --> 00:38:44,520
Look at what we've just mapped.
1070
00:38:44,520 --> 00:38:46,720
The sales rep doesn't follow the designed process.
1071
00:38:46,720 --> 00:38:49,520
The hiring manager doesn't enforce permission boundaries.
1072
00:38:49,520 --> 00:38:51,720
The finance controller doesn't trust the system.
1073
00:38:51,720 --> 00:38:54,920
Each of these is a different workflow. Each operates in a different domain.
1074
00:38:54,920 --> 00:38:57,920
Yet they're all responding to the same underlying logic.
1075
00:38:57,920 --> 00:38:59,720
They're all adapting in the same direction.
1076
00:38:59,720 --> 00:39:00,920
And that direction is not random.
1077
00:39:00,920 --> 00:39:02,720
Every organization has two infrastructures.
1078
00:39:02,720 --> 00:39:04,120
There's the one in the diagram.
1079
00:39:04,120 --> 00:39:05,520
That's the designed infrastructure.
1080
00:39:05,520 --> 00:39:06,920
That's what was built intentionally.
1081
00:39:06,920 --> 00:39:08,120
That's what the diagrams show.
1082
00:39:08,120 --> 00:39:09,520
What the documentation describes.
1083
00:39:09,520 --> 00:39:11,120
What compliance audits against.
1084
00:39:11,120 --> 00:39:11,920
It's stable.
1085
00:39:11,920 --> 00:39:12,520
It's recorded.
1086
00:39:12,520 --> 00:39:14,920
It's supposed to be the system that runs the business.
1087
00:39:14,920 --> 00:39:15,920
Then there's the other one.
1088
00:39:15,920 --> 00:39:17,320
That's the real infrastructure.
1089
00:39:17,320 --> 00:39:18,720
That's what actually runs the business.
1090
00:39:18,720 --> 00:39:19,720
It's adaptive.
1091
00:39:19,720 --> 00:39:20,720
It's distributed.
1092
00:39:20,720 --> 00:39:21,520
It's invisible.
1093
00:39:21,520 --> 00:39:24,320
And it emerges from a single principle, pressure.
1094
00:39:24,320 --> 00:39:26,520
Under normal conditions, people follow the process.
1095
00:39:26,520 --> 00:39:29,120
The sales rep uses the tools they're supposed to use.
1096
00:39:29,120 --> 00:39:31,520
The hiring manager maintains proper permissions.
1097
00:39:31,520 --> 00:39:33,520
The finance controller trusts the system.
1098
00:39:33,520 --> 00:39:34,720
When there's no pressure.
1099
00:39:34,720 --> 00:39:36,920
When the deadline is flexible, when speed doesn't matter.
1100
00:39:36,920 --> 00:39:38,920
When the risk feels manageable, people conform.
1101
00:39:38,920 --> 00:39:40,720
They use the system that was designed for them.
1102
00:39:40,720 --> 00:39:42,120
But pressure changes everything.
1103
00:39:42,120 --> 00:39:43,920
Pressure is not an abstract concept.
1104
00:39:43,920 --> 00:39:47,720
Pressure is a customer on the phone asking when they'll see the proposal.
1105
00:39:47,720 --> 00:39:49,920
Pressure is a hiring deadline that can't slip.
1106
00:39:49,920 --> 00:39:54,920
Pressure is a month-end close that has to happen on the 16th regardless of whether the data is clean.
1107
00:39:54,920 --> 00:39:58,920
Pressure is a competitive moment where the organization that moves fastest wins.
1108
00:39:58,920 --> 00:40:01,320
Under pressure, people don't optimize for governance.
1109
00:40:01,320 --> 00:40:02,520
They optimize for speed.
1110
00:40:02,520 --> 00:40:04,320
They don't optimize for controls.
1111
00:40:04,320 --> 00:40:05,520
They optimize for results.
1112
00:40:05,520 --> 00:40:09,120
And the system that delivers results fastest is not the designed system.
1113
00:40:09,120 --> 00:40:10,520
It's the one they build themselves.
1114
00:40:10,520 --> 00:40:12,120
The sales rep emails the proposal.
1115
00:40:12,120 --> 00:40:14,120
Email is faster. Under normal conditions,
1116
00:40:14,120 --> 00:40:15,720
the rep might use SharePoint.
1117
00:40:15,720 --> 00:40:18,520
Under deadline pressure, the rep uses what works.
1118
00:40:18,520 --> 00:40:21,520
The hiring manager maintains a spreadsheet of candidates.
1119
00:40:21,520 --> 00:40:24,920
Under normal conditions, the manager might enter them in the HRIS.
1120
00:40:24,920 --> 00:40:27,920
Under hiring pressure, the manager uses what they can control immediately.
1121
00:40:27,920 --> 00:40:30,720
The finance controller maintains a reconciliation spreadsheet.
1122
00:40:30,720 --> 00:40:33,320
Under normal conditions, the controller might trust the GL.
1123
00:40:33,320 --> 00:40:36,520
Under close deadline pressure, the controller uses what they know is accurate.
1124
00:40:36,520 --> 00:40:37,520
These aren't exceptions.
1125
00:40:37,520 --> 00:40:40,520
These are the actual operating procedures of the organization.
1126
00:40:40,520 --> 00:40:41,920
They kick in when it matters.
1127
00:40:41,920 --> 00:40:43,120
They activate under pressure.
1128
00:40:43,120 --> 00:40:45,120
And once they exist, they become permanent.
1129
00:40:45,120 --> 00:40:46,320
Here's the critical part.
1130
00:40:46,320 --> 00:40:47,720
These workarounds compound.
1131
00:40:47,720 --> 00:40:49,720
The sales rep's email workaround works.
1132
00:40:49,720 --> 00:40:51,520
The rep does it again, next deal.
1133
00:40:51,520 --> 00:40:52,520
And again, and again.
1134
00:40:52,520 --> 00:40:53,920
The workaround becomes normal.
1135
00:40:53,920 --> 00:40:55,520
It becomes the way deals are closed.
1136
00:40:55,520 --> 00:40:56,520
New reps learn it.
1137
00:40:56,520 --> 00:40:58,320
It becomes the team's standard process.
1138
00:40:58,320 --> 00:40:59,720
The designed system recedes.
1139
00:40:59,720 --> 00:41:00,520
It's still there.
1140
00:41:00,520 --> 00:41:01,520
It's still documented.
1141
00:41:01,520 --> 00:41:04,120
But it's no longer the way work actually happens.
1142
00:41:04,120 --> 00:41:05,720
The same thing happens with permissions.
1143
00:41:05,720 --> 00:41:07,520
The hiring manager needs quick access.
1144
00:41:07,520 --> 00:41:09,320
So access is granted broadly.
1145
00:41:09,320 --> 00:41:10,320
It stays granted.
1146
00:41:10,320 --> 00:41:11,120
New projects come.
1147
00:41:11,120 --> 00:41:11,920
New access is added.
1148
00:41:11,920 --> 00:41:13,120
The access never shrinks.
1149
00:41:13,120 --> 00:41:13,920
It compounds.
1150
00:41:13,920 --> 00:41:15,720
Over time, access becomes stratified.
1151
00:41:15,720 --> 00:41:16,720
It reflects history.
1152
00:41:16,720 --> 00:41:17,520
Not intent.
1153
00:41:17,520 --> 00:41:19,120
The same thing happens with the spreadsheet.
1154
00:41:19,120 --> 00:41:21,320
Finance needs it for one reconciliation.
1155
00:41:21,320 --> 00:41:23,320
Finance adds another, another, another.
1156
00:41:23,320 --> 00:41:24,320
The spreadsheet grows.
1157
00:41:24,320 --> 00:41:25,320
It becomes indispensable.
1158
00:41:25,320 --> 00:41:27,320
It becomes the system people depend on.
1159
00:41:27,320 --> 00:41:29,920
The GL becomes a reporting layer, not a decision layer.
1160
00:41:29,920 --> 00:41:31,320
Leadership doesn't see this.
1161
00:41:31,320 --> 00:41:33,120
Leadership sees the official metrics.
1162
00:41:33,120 --> 00:41:34,720
The CRM shows deals are closing.
1163
00:41:34,720 --> 00:41:36,720
The HRIS shows people are being hired.
1164
00:41:36,720 --> 00:41:38,520
The GL shows the books are balanced.
1165
00:41:38,520 --> 00:41:39,520
The systems are working.
1166
00:41:39,520 --> 00:41:40,520
The metrics look good.
1167
00:41:40,520 --> 00:41:42,520
The infrastructure appears to be functioning.
1168
00:41:42,520 --> 00:41:45,320
What leadership doesn't see is that the actual infrastructure,
1169
00:41:45,320 --> 00:41:46,720
the one delivering those results,
1170
00:41:46,720 --> 00:41:48,120
is operating invisibly.
1171
00:41:48,120 --> 00:41:49,120
It's in email threads.
1172
00:41:49,120 --> 00:41:50,120
It's in spreadsheets.
1173
00:41:50,120 --> 00:41:51,520
It's in inherited permissions.
1174
00:41:51,520 --> 00:41:53,720
It's in shadow processes that are now so embedded
1175
00:41:53,720 --> 00:41:54,920
that they've become standard.
1176
00:41:54,920 --> 00:41:56,320
This is conditional chaos.
1177
00:41:56,320 --> 00:41:58,920
The infrastructure is stable under normal conditions.
1178
00:41:58,920 --> 00:41:59,920
It adapts under pressure.
1179
00:41:59,920 --> 00:42:01,320
It compounds over time.
1180
00:42:01,320 --> 00:42:04,520
It becomes invisible because the designed infrastructure is still there.
1181
00:42:04,520 --> 00:42:06,320
Still running, still reporting.
1182
00:42:06,320 --> 00:42:10,720
The real infrastructure is just operating alongside it, doing the actual work.
1183
00:42:10,720 --> 00:42:13,320
Every organization is running two systems simultaneously.
1184
00:42:13,320 --> 00:42:14,320
One is documented.
1185
00:42:14,320 --> 00:42:15,320
One is invisible.
1186
00:42:15,320 --> 00:42:16,120
One is audited.
1187
00:42:16,120 --> 00:42:16,720
One is not.
1188
00:42:16,720 --> 00:42:17,920
One looks locked down.
1189
00:42:17,920 --> 00:42:19,920
One is actually delivering the results.
1190
00:42:19,920 --> 00:42:23,120
The distance between these two systems is where all the risk lives.
1191
00:42:23,120 --> 00:42:24,520
Not in what you don't control.
1192
00:42:24,520 --> 00:42:27,120
In what you think you control, but don't.
1193
00:42:27,120 --> 00:42:28,520
The Copilot collision.
1194
00:42:28,520 --> 00:42:29,320
Part one.
1195
00:42:29,320 --> 00:42:30,920
AI meets reality.
1196
00:42:30,920 --> 00:42:34,120
Now imagine what happens when you put AI on top of this infrastructure.
1197
00:42:34,120 --> 00:42:35,920
Microsoft 365 Copilot launches.
1198
00:42:35,920 --> 00:42:37,520
The value proposition is compelling.
1199
00:42:37,520 --> 00:42:39,320
Copilot will summarize emails.
1200
00:42:39,320 --> 00:42:40,720
Copilot will draft documents.
1201
00:42:40,720 --> 00:42:41,920
Copilot will analyze data.
1202
00:42:41,920 --> 00:42:43,520
Copilot will understand your business.
1203
00:42:43,520 --> 00:42:45,320
Copilot will make you faster.
1204
00:42:45,320 --> 00:42:46,520
Leadership sees the potential.
1205
00:42:46,520 --> 00:42:47,520
This is the future.
1206
00:42:47,520 --> 00:42:49,520
This is how work gets done in 2026.
1207
00:42:49,520 --> 00:42:50,920
The company rolls out Copilot.
1208
00:42:50,920 --> 00:42:51,720
They license it.
1209
00:42:51,720 --> 00:42:52,520
They enable it.
1210
00:42:52,520 --> 00:42:53,520
Reps start using it.
1211
00:42:53,520 --> 00:42:55,120
Hiring managers start using it.
1212
00:42:55,120 --> 00:42:56,520
Finance teams start using it.
1213
00:42:56,520 --> 00:42:59,920
The AI is now operating inside the real infrastructure.
1214
00:42:59,920 --> 00:43:01,320
Here's what actually happens.
1215
00:43:01,320 --> 00:43:04,720
The sales rep opens Copilot and asks it to draft a proposal.
1216
00:43:04,720 --> 00:43:06,720
Copilot has access to the rep's email.
1217
00:43:06,720 --> 00:43:08,520
Copilot has access to the rep's files.
1218
00:43:08,520 --> 00:43:10,520
Copilot has access to the customer record.
1219
00:43:10,520 --> 00:43:13,720
Copilot has permission to see everything the rep can see.
1220
00:43:13,720 --> 00:43:16,920
So Copilot looks at the rep's context and generates a proposal.
1221
00:43:16,920 --> 00:43:18,320
The proposal looks professional.
1222
00:43:18,320 --> 00:43:19,320
It has the right structure.
1223
00:43:19,320 --> 00:43:20,320
It has reasonable language.
1224
00:43:20,320 --> 00:43:22,320
It sounds like something a proposal should sound like.
1225
00:43:22,320 --> 00:43:23,320
The rep reads it.
1226
00:43:23,320 --> 00:43:26,120
The proposal is based on the rep's last three proposals
1227
00:43:26,120 --> 00:43:28,320
plus an average of what similar proposals look like
1228
00:43:28,320 --> 00:43:29,720
across the organization.
1229
00:43:29,720 --> 00:43:32,320
Copilot has learned patterns from the rep's history
1230
00:43:32,320 --> 00:43:34,120
and from organizational data.
1231
00:43:34,120 --> 00:43:36,520
The problem is that Copilot has learned from all of it.
1232
00:43:36,520 --> 00:43:38,320
The old proposals that didn't work.
1233
00:43:38,320 --> 00:43:39,720
The proposals that won deals.
1234
00:43:39,720 --> 00:43:42,120
The proposals that lost because the pricing was wrong.
1235
00:43:42,120 --> 00:43:44,720
The proposals that won because the rep offered a discount
1236
00:43:44,720 --> 00:43:45,920
that wasn't authorized.
1237
00:43:45,920 --> 00:43:48,320
Copilot learned from all of these and averaged them.
1238
00:43:48,320 --> 00:43:51,320
The output is statistically typical of what the rep has done before.
1239
00:43:51,320 --> 00:43:53,320
It is not necessarily what the rep should do next.
1240
00:43:53,320 --> 00:43:54,520
But the rep uses it.
1241
00:43:54,520 --> 00:43:55,920
It's faster than writing from scratch.
1242
00:43:55,920 --> 00:43:57,720
The rep sends the proposal to the customer.
1243
00:43:57,720 --> 00:44:00,320
Now watch what Copilot does with the customer's response.
1244
00:44:00,320 --> 00:44:01,920
The customer replies with feedback.
1245
00:44:01,920 --> 00:44:03,520
The customer wants different pricing.
1246
00:44:03,520 --> 00:44:05,520
The customer wants the language changed.
1247
00:44:05,520 --> 00:44:07,120
The customer has objections.
1248
00:44:07,120 --> 00:44:10,320
The rep asks Copilot to incorporate the feedback into the revision.
1249
00:44:10,320 --> 00:44:12,120
Copilot looks at the customer's email.
1250
00:44:12,120 --> 00:44:13,920
Copilot looks at the previous proposal.
1251
00:44:13,920 --> 00:44:16,320
Copilot looks at the entire email conversation.
1252
00:44:16,320 --> 00:44:19,920
Here's where the real infrastructure collides with artificial intelligence.
1253
00:44:19,920 --> 00:44:22,320
Copilot has permission to see the customer's email.
1254
00:44:22,320 --> 00:44:23,920
The customer email contains information
1255
00:44:23,920 --> 00:44:25,520
the customer shared in confidence.
1256
00:44:25,520 --> 00:44:28,720
The customer said the company is considering switching vendors,
1257
00:44:28,720 --> 00:44:30,920
which is sensitive, competitive information.
1258
00:44:30,920 --> 00:44:34,720
The customer mentioned budget constraints that are confidential to their organization.
1259
00:44:34,720 --> 00:44:37,320
The customer said they're unhappy with their current vendor,
1260
00:44:37,320 --> 00:44:41,720
which is information that could damage the customer's negotiating position if it leaked.
1261
00:44:41,720 --> 00:44:45,520
Copilot has access to this information because the rep has access to this information.
1262
00:44:45,520 --> 00:44:48,520
The rep needed to see the customer email to understand the feedback.
1263
00:44:48,520 --> 00:44:51,120
So the customer email went into the system.
1264
00:44:51,120 --> 00:44:52,320
Now Copilot can see it.
1265
00:44:52,320 --> 00:44:56,320
Copilot is now aware of things the customer didn't intend to tell an AI system.
1266
00:44:56,320 --> 00:44:59,520
Copilot processes this information and generates a revised proposal.
1267
00:44:59,520 --> 00:45:01,720
The revision addresses the customer's objections.
1268
00:45:01,720 --> 00:45:03,120
It incorporates the feedback.
1269
00:45:03,120 --> 00:45:03,920
It's thoughtful.
1270
00:45:03,920 --> 00:45:06,320
It shows that the rep heard what the customer said.
1271
00:45:06,320 --> 00:45:07,920
The customer receives it and is pleased.
1272
00:45:07,920 --> 00:45:11,120
But the AI has now seen information it shouldn't have had access to.
1273
00:45:11,120 --> 00:45:12,520
Not because of a security failure,
1274
00:45:12,520 --> 00:45:14,520
because the rep needed to see it to do their job.
1275
00:45:14,520 --> 00:45:15,920
The access was legitimate.
1276
00:45:15,920 --> 00:45:19,520
The AI piggybacked on legitimate access and gained visibility into things
1277
00:45:19,520 --> 00:45:20,720
it had no business knowing.
1278
00:45:20,720 --> 00:45:22,120
Now multiply this.
1279
00:45:22,120 --> 00:45:25,720
A hiring manager asks Copilot to summarize candidates based on email threads
1280
00:45:25,720 --> 00:45:27,120
from recruiting conversations.
1281
00:45:27,120 --> 00:45:29,320
Copilot has access to the recruiting emails.
1282
00:45:29,320 --> 00:45:32,320
The recruiting emails contain information about other candidates.
1283
00:45:32,320 --> 00:45:33,920
Their salary expectations.
1284
00:45:33,920 --> 00:45:36,720
Their concerns about the role, their questions about the company.
1285
00:45:36,720 --> 00:45:38,720
Copilot synthesizes this into a summary.
1286
00:45:38,720 --> 00:45:39,720
The summary is useful.
1287
00:45:39,720 --> 00:45:43,720
It's also now aware of confidential information about candidates who didn't get the job.
1288
00:45:43,720 --> 00:45:48,120
A finance controller asks Copilot to analyze month-end reconciliation issues.
1289
00:45:48,120 --> 00:45:50,120
Copilot has access to the spreadsheet.
1290
00:45:50,120 --> 00:45:53,920
The spreadsheet contains notes about which divisions are missing transactions,
1291
00:45:53,920 --> 00:45:56,520
which managers haven't provided required documentation,
1292
00:45:56,520 --> 00:45:58,320
which accounting teams made mistakes.
1293
00:45:58,320 --> 00:45:59,720
Copilot sees this pattern.
1294
00:45:59,720 --> 00:46:02,920
Copilot generates an analysis that flags the specific issues
1295
00:46:02,920 --> 00:46:04,320
and recommends solutions.
1296
00:46:04,320 --> 00:46:05,720
The analysis is insightful.
1297
00:46:05,720 --> 00:46:09,520
It's also aware of internal accountability issues that now exist in the system.
1298
00:46:09,520 --> 00:46:10,520
This is the collision.
1299
00:46:10,520 --> 00:46:12,720
Copilot is operating on the real infrastructure.
1300
00:46:12,720 --> 00:46:17,320
The real infrastructure contains information that's sensitive, confidential, or incomplete.
1301
00:46:17,320 --> 00:46:20,320
The system gave the rep legitimate access to that information
1302
00:46:20,320 --> 00:46:21,920
so the rep could do their job.
1303
00:46:21,920 --> 00:46:25,320
The system gave the hiring manager legitimate access so they could hire.
1304
00:46:25,320 --> 00:46:28,720
The system gave the controller legitimate access so they could close the books.
1305
00:46:28,720 --> 00:46:30,520
Copilot inherited that access.
1306
00:46:30,520 --> 00:46:35,120
Copilot is now seeing information across the organization with a clarity that no human sees.
1307
00:46:35,120 --> 00:46:39,120
Copilot is connecting patterns that exist in emails, files, and conversations.
1308
00:46:39,120 --> 00:46:44,520
Copilot is generating insights based on information that was never meant to be aggregated.
1309
00:46:44,520 --> 00:46:46,120
The company hasn't had a security breach.
1310
00:46:46,120 --> 00:46:48,720
Nobody hacked anything, nobody violated a rule.
1311
00:46:48,720 --> 00:46:52,120
The company deployed an AI system that operates on their real infrastructure
1312
00:46:52,120 --> 00:46:57,920
and the real infrastructure contains more information, more sensitivity, and more chaos than the company realized.
1313
00:46:58,720 --> 00:46:59,920
The Copilot collision.
1314
00:46:59,920 --> 00:47:00,720
Part two.
1315
00:47:00,720 --> 00:47:02,320
Exposure through intelligence.
1316
00:47:02,320 --> 00:47:06,320
Now watch what happens when the organization actually tries to use Copilot at scale.
1317
00:47:06,320 --> 00:47:12,120
A hiring manager asks Copilot to summarize all candidate evaluations for the current hiring cycle.
1318
00:47:12,120 --> 00:47:15,920
Copilot reads through dozens of email threads, interview notes, and feedback documents.
1319
00:47:15,920 --> 00:47:17,520
Copilot generates a summary.
1320
00:47:17,520 --> 00:47:18,320
The summary is clear.
1321
00:47:18,320 --> 00:47:19,320
It ranks candidates.
1322
00:47:19,320 --> 00:47:21,320
It highlights strengths and weaknesses.
1323
00:47:21,320 --> 00:47:22,920
It recommends who should move forward.
1324
00:47:22,920 --> 00:47:26,320
The summary is also now aware of every candidate who wasn't selected.
1325
00:47:26,320 --> 00:47:27,520
Why they weren't selected.
1326
00:47:27,520 --> 00:47:29,720
What the hiring team said about them privately.
1327
00:47:29,720 --> 00:47:32,920
Confidential feedback that was never meant to be aggregated.
1328
00:47:32,920 --> 00:47:40,520
The hiring manager didn't intend to ask Copilot to synthesize all of this into a single, coherent narrative about candidate rankings.
1329
00:47:40,520 --> 00:47:42,520
The hiring manager just asked for a summary.
1330
00:47:42,520 --> 00:47:44,120
Copilot did what it was designed to do.
1331
00:47:44,120 --> 00:47:47,320
It connected the information that was available and generated an insight.
1332
00:47:47,320 --> 00:47:49,920
Now that insight exists, it's a Copilot output.
1333
00:47:49,920 --> 00:47:50,720
It can be searched.
1334
00:47:50,720 --> 00:47:51,720
It can be forwarded.
1335
00:47:51,720 --> 00:47:53,120
It can be referenced in meetings.
1336
00:47:53,120 --> 00:48:00,720
Information that was scattered across emails and files is now consolidated in a single document that says explicitly why each candidate was rejected.
1337
00:48:00,720 --> 00:48:04,320
The sales manager asks Copilot to analyze why deals are stalling.
1338
00:48:04,320 --> 00:48:05,720
Copilot looks at the pipeline.
1339
00:48:05,720 --> 00:48:08,520
Copilot looks at email threads about the stalled deals.
1340
00:48:08,520 --> 00:48:11,320
Copilot looks at notes in the CRM about customer objections.
1341
00:48:11,320 --> 00:48:13,320
But most of the truth is not in the CRM.
1342
00:48:13,320 --> 00:48:14,520
The truth is in the email.
1343
00:48:14,520 --> 00:48:19,320
The sales rep said the customer is unhappy because our price is higher than the competitors.
1344
00:48:19,320 --> 00:48:22,920
The sales rep said the customer's CFO is skeptical about the ROI.
1345
00:48:22,920 --> 00:48:27,520
The sales rep said the customer is negotiating with two other vendors and we are not the preferred option.
1346
00:48:27,520 --> 00:48:28,920
Copilot reads all of this.
1347
00:48:28,920 --> 00:48:30,320
Copilot synthesizes it.
1348
00:48:30,320 --> 00:48:32,120
Copilot generates a report.
1349
00:48:32,120 --> 00:48:36,120
Stalled deals are primarily due to price sensitivity and competitive threats.
1350
00:48:36,120 --> 00:48:36,920
Recommendation.
1351
00:48:36,920 --> 00:48:41,120
Adjust pricing or increase customer confidence through implementation case studies.
1352
00:48:41,120 --> 00:48:42,520
The report is insightful.
1353
00:48:42,520 --> 00:48:46,920
The report is also now aware of information that was never meant to be in a formal document.
1354
00:48:46,920 --> 00:48:48,320
Customer skepticism.
1355
00:48:48,320 --> 00:48:49,520
Competitive threats.
1356
00:48:49,520 --> 00:48:51,320
Internal doubts about the solution.
1357
00:48:51,320 --> 00:48:56,120
A finance manager asks Copilot to help understand why the month-end close is taking longer.
1358
00:48:56,120 --> 00:48:58,320
Copilot looks at the reconciliation spreadsheet.
1359
00:48:58,320 --> 00:49:00,720
Copilot looks at email threads about the close.
1360
00:49:00,720 --> 00:49:04,320
Copilot sees the controller asking divisions for missing documentation.
1361
00:49:04,320 --> 00:49:09,920
Copilot sees the division controllers responding with explanations of why the data wasn't ready.
1362
00:49:09,920 --> 00:49:13,720
Copilot sees notes about which teams missed deadlines, which systems had issues,
1363
00:49:13,720 --> 00:49:15,720
which manual workarounds had to be deployed.
1364
00:49:15,720 --> 00:49:18,720
Copilot synthesizes this into a root cause analysis.
1365
00:49:18,720 --> 00:49:21,720
The analysis identifies specific teams that are chronically unprepared.
1366
00:49:21,720 --> 00:49:24,120
The analysis points out which systems are unreliable.
1367
00:49:24,120 --> 00:49:28,520
The analysis surfaces patterns that the controller knew about but never documented formally.
1368
00:49:28,520 --> 00:49:30,520
Now the analysis is a Copilot output.
1369
00:49:30,520 --> 00:49:31,520
It's shareable.
1370
00:49:31,520 --> 00:49:32,520
It's reportable.
1371
00:49:32,520 --> 00:49:35,920
It exists as formal documentation of internal problems.
1372
00:49:35,920 --> 00:49:37,920
This is exposure through intelligence.
1373
00:49:37,920 --> 00:49:38,920
Not data leakage.
1374
00:49:38,920 --> 00:49:39,920
Not a security breach.
1375
00:49:39,920 --> 00:49:40,920
Exposure.
1376
00:49:40,920 --> 00:49:47,520
Information that existed in scattered, informal, private contexts is now being synthesized into coherent narratives that make the implicit explicit.
1377
00:49:47,520 --> 00:49:49,520
Regulated industries are hitting pause.
1378
00:49:49,520 --> 00:49:55,520
73% of regulated organizations have paused enterprise-wide Copilot rollouts because they understand what's happening.
1379
00:49:55,520 --> 00:49:58,320
The risk isn't that Copilot is stealing data.
1380
00:49:58,320 --> 00:50:00,720
The risk is that Copilot is revealing data.
1381
00:50:00,720 --> 00:50:04,520
Copilot is surfacing information that was confidential when it was private and scattered
1382
00:50:04,520 --> 00:50:08,120
but becomes a compliance violation when it's synthesized and documented.
1383
00:50:08,120 --> 00:50:12,120
The company didn't intend to create formal documentation of internal accountability problems.
1384
00:50:12,120 --> 00:50:16,120
The company didn't intend to synthesize candidate rankings into a permanent record.
1385
00:50:16,120 --> 00:50:21,120
The company didn't intend to generate formal analysis of customer skepticism and competitive threats.
1386
00:50:21,120 --> 00:50:26,520
Copilot did this automatically because it was designed to synthesize information and generate insights.
1387
00:50:26,520 --> 00:50:28,920
The real infrastructure contained all of this information.
1388
00:50:28,920 --> 00:50:29,720
It was in email.
1389
00:50:29,720 --> 00:50:30,520
It was in notes.
1390
00:50:30,520 --> 00:50:31,720
It was in spreadsheets.
1391
00:50:31,720 --> 00:50:34,720
It was visible to the people who needed it to do their jobs.
1392
00:50:34,720 --> 00:50:36,520
It was not visible as a complete picture.
1393
00:50:36,520 --> 00:50:37,520
It was not permanent.
1394
00:50:37,520 --> 00:50:38,520
It was not documented.
1395
00:50:38,520 --> 00:50:40,120
It was not a compliance violation.
1396
00:50:40,120 --> 00:50:41,720
Copilot made it all of those things.
1397
00:50:41,720 --> 00:50:43,120
This is the second collision.
1398
00:50:43,120 --> 00:50:44,120
Not permission failure.
1399
00:50:44,120 --> 00:50:45,120
Intelligence failure.
1400
00:50:45,120 --> 00:50:49,320
Copilot is operating on infrastructure that's too messy, too inconsistent,
1401
00:50:49,320 --> 00:50:53,120
and too sensitive for AI to process without creating exposure.
1402
00:50:53,120 --> 00:50:54,520
This is not a Copilot problem.
1403
00:50:54,520 --> 00:50:57,120
This is an infrastructure problem that Copilot revealed.
1404
00:50:57,120 --> 00:50:58,720
The visibility paradox.
1405
00:50:58,720 --> 00:51:01,920
Here's the uncomfortable truth that most organizations never face.
1406
00:51:01,920 --> 00:51:03,520
They don't have a visibility problem.
1407
00:51:03,520 --> 00:51:05,120
They have a misinterpretation problem.
1408
00:51:05,120 --> 00:51:06,120
The data is visible.
1409
00:51:06,120 --> 00:51:08,520
Most companies can see what's happening in their systems.
1410
00:51:08,520 --> 00:51:10,720
The company can measure external sharing.
1411
00:51:10,720 --> 00:51:14,320
The company can count how many files are shared with anyone with the link.
1412
00:51:14,320 --> 00:51:16,120
The company can track permission inheritance.
1413
00:51:16,120 --> 00:51:18,520
The company can see email volume in the CRM.
1414
00:51:18,520 --> 00:51:20,120
The company can run reports on all of it.
1415
00:51:20,120 --> 00:51:21,520
The visibility exists.
1416
00:51:21,520 --> 00:51:23,920
The problem is that the company is looking at the visibility
1417
00:51:23,920 --> 00:51:25,720
and drawing the wrong conclusions.
1418
00:51:25,720 --> 00:51:30,720
A compliance report shows that external sharing in SharePoint is higher than policy allows.
1419
00:51:30,720 --> 00:51:34,320
The organization sees this metric and assumes it means governance is working.
1420
00:51:34,320 --> 00:51:35,320
We detected a problem.
1421
00:51:35,320 --> 00:51:36,120
We're measuring it.
1422
00:51:36,120 --> 00:51:37,320
Therefore, we're managing it.
1423
00:51:37,320 --> 00:51:38,520
The report is correct.
1424
00:51:38,520 --> 00:51:41,720
External sharing is indeed higher than policy allows.
1425
00:51:41,720 --> 00:51:44,520
But the organization interprets this as a solvable problem.
1426
00:51:44,520 --> 00:51:46,520
We just need to enforce the policy harder.
1427
00:51:46,520 --> 00:51:49,520
What the organization doesn't see is that external sharing is high
1428
00:51:49,520 --> 00:51:52,520
because the designed workflow is slow and people optimized for speed.
1429
00:51:52,520 --> 00:51:53,920
Enforcement doesn't fix this.
1430
00:51:53,920 --> 00:51:56,920
It just makes people work around it in ways that are harder to see.
1431
00:51:56,920 --> 00:52:00,120
A permission review shows that groups have hundreds of members.
1432
00:52:00,120 --> 00:52:02,920
Many of those members have no active role in those groups.
1433
00:52:02,920 --> 00:52:04,120
Access has drifted.
1434
00:52:04,120 --> 00:52:06,920
The organization sees this and assumes it's a data quality problem.
1435
00:52:06,920 --> 00:52:08,520
We need to clean up the group membership.
1436
00:52:08,520 --> 00:52:10,320
We need to remove inactive members.
1437
00:52:10,320 --> 00:52:12,120
We need to keep the groups tidy.
1438
00:52:12,120 --> 00:52:14,520
The organization is correct that the groups are messy.
1439
00:52:14,520 --> 00:52:16,320
The organization misses why they're messy.
1440
00:52:16,320 --> 00:52:19,920
The groups are messy because access is granted dynamically when people need it.
1441
00:52:19,920 --> 00:52:23,720
But access is revoked only if someone explicitly remembers to remove it.
1442
00:52:23,720 --> 00:52:25,320
The mess is not a bug in the system.
1443
00:52:25,320 --> 00:52:30,320
It's the inevitable outcome of a system where granting is easy and revoking is hard.
1444
00:52:30,320 --> 00:52:34,320
A system report shows that most external sharing is actually controlled.
1445
00:52:34,320 --> 00:52:37,120
The organization looks at this and assumes the policy is working.
1446
00:52:37,120 --> 00:52:39,920
Most external sharing is through authenticated connections.
1447
00:52:39,920 --> 00:52:41,520
Not anonymous links.
1448
00:52:41,520 --> 00:52:43,920
Most external sharing has an approval process.
1449
00:52:43,920 --> 00:52:45,920
Therefore most external sharing is intentional.
1450
00:52:45,920 --> 00:52:47,920
The organization is reading the data correctly.
1451
00:52:47,920 --> 00:52:49,920
The organization is interpreting it wrong.
1452
00:52:49,920 --> 00:52:54,720
Most external sharing is controlled because the organization enforced controls on the system.
1453
00:52:54,720 --> 00:52:57,720
But the controls exist only on the system that was designed.
1454
00:52:57,720 --> 00:53:00,520
The sharing that matters, the sharing that actually happens,
1455
00:53:00,520 --> 00:53:05,520
is happening in email and in cloud storage services that weren't part of the control infrastructure.
1456
00:53:05,520 --> 00:53:07,320
The visible sharing is controlled.
1457
00:53:07,320 --> 00:53:08,520
The invisible sharing is not.
1458
00:53:08,520 --> 00:53:11,720
An adoption report shows high usage of Microsoft 365.
1459
00:53:11,720 --> 00:53:12,720
People are using Teams.
1460
00:53:12,720 --> 00:53:13,720
People are using SharePoint.
1461
00:53:13,720 --> 00:53:14,720
People are using email.
1462
00:53:14,720 --> 00:53:15,720
The numbers are strong.
1463
00:53:15,720 --> 00:53:18,720
The organization sees this and assumes adoption is successful.
1464
00:53:18,720 --> 00:53:20,320
The designed system is being used.
1465
00:53:20,320 --> 00:53:23,320
Therefore the designed system is how work actually happens.
1466
00:53:23,320 --> 00:53:26,320
The organization misinterprets this as validation.
1467
00:53:26,320 --> 00:53:29,520
High usage of the system means the system is the actual infrastructure.
1468
00:53:29,520 --> 00:53:30,120
It doesn't.
1469
00:53:30,120 --> 00:53:34,320
High usage of the system just means the system is one of the places where work is happening.
1470
00:53:34,320 --> 00:53:35,920
It doesn't mean it's the primary place.
1471
00:53:35,920 --> 00:53:39,120
It doesn't mean work stops when the system is unavailable.
1472
00:53:39,120 --> 00:53:41,120
It just means the system is part of the picture.
1473
00:53:41,120 --> 00:53:44,120
The DLP system reports blocked attempts to share sensitive data.
1474
00:53:44,120 --> 00:53:46,520
The organization sees this as a success metric.
1475
00:53:46,520 --> 00:53:47,520
The policy is working.
1476
00:53:47,520 --> 00:53:48,720
We're preventing data loss.
1477
00:53:48,720 --> 00:53:53,320
The organization is correct that the policy is working on the messages that the policy can see.
1478
00:53:53,320 --> 00:53:56,920
The organization doesn't see the data that left the organization through channels
1479
00:53:56,920 --> 00:53:58,720
the DLP system can't inspect.
1480
00:53:58,720 --> 00:54:02,320
Screenshot sent as an image copied into a personal cloud storage account.
1481
00:54:02,320 --> 00:54:03,920
Forwarded through a personal email.
1482
00:54:03,920 --> 00:54:07,720
Pasted into a Teams message that DLP treats as internal and doesn't scan.
1483
00:54:07,720 --> 00:54:09,520
The DLP system is working.
1484
00:54:09,520 --> 00:54:10,920
The actual data is elsewhere.
1485
00:54:10,920 --> 00:54:12,520
This is the visibility paradox.
1486
00:54:12,520 --> 00:54:13,720
The company has the data.
1487
00:54:13,720 --> 00:54:15,120
The company can see the metrics.
1488
00:54:15,120 --> 00:54:16,520
The company can run the reports.
1489
00:54:16,520 --> 00:54:19,720
The company has perfect visibility into what the system is detecting.
1490
00:54:19,720 --> 00:54:22,720
The company has no visibility into what the system isn't detecting.
1491
00:54:22,720 --> 00:54:26,520
The company interprets the visible data as proof that everything is under control.
1492
00:54:26,520 --> 00:54:27,720
The company is wrong.
1493
00:54:27,720 --> 00:54:29,120
The organization isn't blind.
1494
00:54:29,120 --> 00:54:31,520
The organization is misinterpreting what it's looking at.
1495
00:54:31,520 --> 00:54:36,120
The organization is like a person reading medical test results and seeing glucose at normal levels
1496
00:54:36,120 --> 00:54:41,120
and concluding that health is fine without noticing that the test didn't include a diabetes screening.
1497
00:54:41,120 --> 00:54:42,320
The test results are visible.
1498
00:54:42,320 --> 00:54:43,320
The test gaps are not.
1499
00:54:43,320 --> 00:54:44,720
The interpretation is confident.
1500
00:54:44,720 --> 00:54:45,920
The accuracy is unknown.
1501
00:54:45,920 --> 00:54:48,720
This is the infrastructure illusion at its deepest level.
1502
00:54:48,720 --> 00:54:51,320
Not just that the real infrastructure is invisible.
1503
00:54:51,320 --> 00:54:55,320
But that the company is confident in its interpretation of what it can see.
1504
00:54:55,320 --> 00:54:57,120
Without understanding what it's not seeing,
1505
00:54:57,120 --> 00:55:01,320
the company believes it understands its infrastructure because it has metrics and reports.
1506
00:55:01,320 --> 00:55:04,320
The company has confused visibility with understanding.
1507
00:55:04,320 --> 00:55:06,320
Purview as the nervous system.
1508
00:55:06,320 --> 00:55:11,720
Now here's where the story changes direction because there is a tool that actually shows you the real infrastructure.
1509
00:55:11,720 --> 00:55:13,320
It's not a tool designed to fix anything.
1510
00:55:13,320 --> 00:55:16,320
It's designed to observe and observation is where change begins.
1511
00:55:16,320 --> 00:55:19,520
Microsoft Purview is not a governance tool in the traditional sense.
1512
00:55:19,520 --> 00:55:20,720
Governance implies control.
1513
00:55:20,720 --> 00:55:22,120
Purview doesn't control anything.
1514
00:55:22,120 --> 00:55:23,120
Purview observes.
1515
00:55:23,120 --> 00:55:26,520
Purview watches how data actually moves through the organization.
1516
00:55:26,520 --> 00:55:28,720
Purview sees what's classified and what isn't.
1517
00:55:28,720 --> 00:55:34,520
Purview reveals where sensitive information is sitting, who can access it, and what paths it takes when it moves.
1518
00:55:34,520 --> 00:55:36,920
Purview is the nervous system of your organization.
1519
00:55:36,920 --> 00:55:39,920
It's the sensory apparatus that tells you what's actually happening.
1520
00:55:39,920 --> 00:55:42,720
Most organizations enable Purview and then ignore the findings.
1521
00:55:42,720 --> 00:55:46,520
They enable it because compliance requires it or because a consultant recommended it
1522
00:55:46,520 --> 00:55:48,920
or because the CTO heard about it at a conference.
1523
00:55:48,920 --> 00:55:50,320
So Purview gets turned on.
1524
00:55:50,320 --> 00:55:51,920
The system starts collecting data.
1525
00:55:51,920 --> 00:55:56,720
The dashboards light up and then the organization looks at the dashboards and doesn't like what it sees.
1526
00:55:56,720 --> 00:56:00,320
The dashboards show that most files in SharePoint are not classified.
1527
00:56:00,320 --> 00:56:03,920
The dashboards show that sensitive data is accessible to people who don't need it.
1528
00:56:03,920 --> 00:56:06,920
The dashboards show that external sharing is higher than expected.
1529
00:56:06,920 --> 00:56:10,320
The dashboards show patterns of data movement that seem risky.
1530
00:56:10,320 --> 00:56:14,320
The dashboards reveal that the real infrastructure is messier than the designed one.
1531
00:56:14,320 --> 00:56:16,320
The organization's response is predictable.
1532
00:56:16,320 --> 00:56:17,920
The findings are uncomfortable.
1533
00:56:17,920 --> 00:56:19,720
So the organization doesn't act on them.
1534
00:56:19,720 --> 00:56:21,120
The dashboards exist.
1535
00:56:21,120 --> 00:56:22,920
The organization has visibility.
1536
00:56:22,920 --> 00:56:24,720
The organization chooses not to see it.
1537
00:56:24,720 --> 00:56:25,720
This is not stupidity.
1538
00:56:25,720 --> 00:56:28,320
This is a rational response to an overwhelming problem.
1539
00:56:28,320 --> 00:56:34,920
If Purview is revealing that most data is unclassified, the implication is that the organization needs to classify most data.
1540
00:56:34,920 --> 00:56:36,120
That's a massive undertaking.
1541
00:56:36,120 --> 00:56:43,520
If Purview is showing that sensitive data is overshared, the implication is that the organization needs to audit and remediate thousands of permissions.
1542
00:56:43,520 --> 00:56:44,720
That's years of work.
1543
00:56:44,720 --> 00:56:49,720
If Purview is showing that the real infrastructure is fundamentally misaligned with the designed one,
1544
00:56:49,720 --> 00:56:54,120
the implication is that the organization has a much bigger problem than anyone wants to admit.
1545
00:56:54,120 --> 00:56:56,720
So organizations look at Purview and then look away.
1546
00:56:56,720 --> 00:57:00,720
They keep the tool running because governance requires it, but they don't act on what it reveals.
1547
00:57:00,720 --> 00:57:03,320
They don't treat the findings as a mandate for change.
1548
00:57:03,320 --> 00:57:05,320
They treat them as a compliance checkbox.
1549
00:57:05,320 --> 00:57:06,720
Purview runs, Purview reports.
1550
00:57:06,720 --> 00:57:09,920
The organization acknowledges that data classification is incomplete.
1551
00:57:09,920 --> 00:57:10,920
Nothing changes.
1552
00:57:10,920 --> 00:57:12,120
But here's what's important.
1553
00:57:12,120 --> 00:57:16,720
Purview is showing you the truth, not your interpretation of the truth, not the metrics you want to see.
1554
00:57:16,720 --> 00:57:18,320
The actual state of your data.
1555
00:57:18,320 --> 00:57:21,520
Purview is saying, "This is what's classified. This is what's not.
1556
00:57:21,520 --> 00:57:25,320
This is who can see what. This is how data actually moves." Purview is not an opinion.
1557
00:57:25,320 --> 00:57:26,720
Purview is an observation.
1558
00:57:26,720 --> 00:57:29,520
The observation is uncomfortable because the observation is real.
1559
00:57:29,520 --> 00:57:32,320
And the question Purview forces you to answer is not,
1560
00:57:32,320 --> 00:57:34,320
"Do we have a data classification problem?"
1561
00:57:34,320 --> 00:57:38,720
The question is, "Are we willing to see what the real infrastructure actually looks like?"
1562
00:57:38,720 --> 00:57:41,720
Because once you see it through Purview, you can't unsee it.
1563
00:57:41,720 --> 00:57:44,920
You can't go back to believing that your infrastructure matches your diagram.
1564
00:57:44,920 --> 00:57:47,520
You can't go back to assuming that your policies are working.
1565
00:57:47,520 --> 00:57:50,320
You can't go back to thinking that governance is under control.
1566
00:57:50,320 --> 00:57:53,720
What you see through Purview is that your real infrastructure is observable.
1567
00:57:53,720 --> 00:57:55,120
It's trackable. It's knowable.
1568
00:57:55,120 --> 00:57:59,320
You can actually understand how data flows if you're willing to look at what Purview is showing you.
1569
00:57:59,320 --> 00:58:00,920
Most organizations are not willing.
1570
00:58:00,920 --> 00:58:04,920
The discomfort of seeing the real infrastructure is greater than the motivation to fix it.
1571
00:58:04,920 --> 00:58:09,320
So Purview becomes a tool that runs in the background, generating reports that nobody acts on,
1572
00:58:09,320 --> 00:58:11,720
providing visibility that nobody wants to have.
1573
00:58:11,720 --> 00:58:14,920
But there's a subset of organizations that does something different.
1574
00:58:14,920 --> 00:58:16,320
This subset looks at Purview.
1575
00:58:16,320 --> 00:58:19,720
This subset reads what Purview is saying about their real infrastructure.
1576
00:58:19,720 --> 00:58:23,320
This subset asks, "If this is what's actually happening, what does that tell us?"
1577
00:58:23,320 --> 00:58:25,520
"What does it mean that our data is unclassified?"
1578
00:58:25,520 --> 00:58:28,320
"What does it mean that sensitive information is overshared?"
1579
00:58:28,320 --> 00:58:32,120
"What does it mean that the actual flow of data doesn't match the designed flow?"
1580
00:58:32,120 --> 00:58:35,120
This subset doesn't use Purview to feel better about governance.
1581
00:58:35,120 --> 00:58:38,920
This subset uses Purview as a starting point for understanding reality.
1582
00:58:38,920 --> 00:58:41,320
And understanding reality is where change begins.
1583
00:58:41,320 --> 00:58:43,120
Not from policies imposed from above.
1584
00:58:43,120 --> 00:58:45,320
Not from frameworks adopted because they sound good.
1585
00:58:45,320 --> 00:58:47,920
Change begins from seeing the actual infrastructure
1586
00:58:47,920 --> 00:58:51,120
and deciding deliberately what to do about it.
1587
00:58:51,120 --> 00:58:53,720
The four signals of real infrastructure.
1588
00:58:53,720 --> 00:58:56,320
So what does the real infrastructure actually look like?
1589
00:58:56,320 --> 00:59:00,720
Not the theory. The observable reality. Purview is showing it to you if you're willing to see it.
1590
00:59:00,720 --> 00:59:03,720
And if you watch what Purview reveals, you start to recognize a pattern.
1591
00:59:03,720 --> 00:59:04,920
There are four signals.
1592
00:59:04,920 --> 00:59:07,720
Four ways the real infrastructure tells you it exists.
1593
00:59:07,720 --> 00:59:10,720
Once you know what to look for, you can't miss them.
1594
00:59:10,720 --> 00:59:13,720
Signal one, sharing and access reality.
1595
00:59:13,720 --> 00:59:15,520
Control is assumed, not enforced.
1596
00:59:15,520 --> 00:59:18,320
SharePoint external sharing is higher than policy allows.
1597
00:59:18,320 --> 00:59:20,720
The policy says external sharing requires approval.
1598
00:59:20,720 --> 00:59:24,120
The reality is that files are being shared with anyone with the link constantly.
1599
00:59:24,120 --> 00:59:28,720
Not because people are malicious, because anyone with the link works faster than waiting for approval.
1600
00:59:28,720 --> 00:59:32,320
The approval process takes hours, sending a link takes seconds.
1601
00:59:32,320 --> 00:59:33,920
Under deadline pressure the link wins.
1602
00:59:33,920 --> 00:59:35,320
This creates a second problem.
1603
00:59:35,320 --> 00:59:37,120
People don't trust shared repositories.
1604
00:59:37,120 --> 00:59:40,320
If they did, they'd share through SharePoint and let the approval process handle it.
1605
00:59:40,320 --> 00:59:41,320
But they don't trust it.
1606
00:59:41,320 --> 00:59:42,520
So they share through email.
1607
00:59:42,520 --> 00:59:45,920
They copy files to personal cloud storage and share the link from there.
1608
00:59:45,920 --> 00:59:47,120
They maintain local copies.
1609
00:59:47,120 --> 00:59:48,320
Duplication becomes rampant.
1610
00:59:48,320 --> 00:59:51,320
The same file exists in five places with different versions.
1611
00:59:51,320 --> 00:59:52,920
The company has control mechanisms.
1612
00:59:52,920 --> 00:59:54,920
The mechanisms are slower than the workaround.
1613
00:59:54,920 --> 00:59:57,320
So the workarounds compound. The signal is simple.
1614
00:59:57,320 --> 01:00:00,720
If external sharing in your tenant is higher than your policy allows,
1615
01:00:00,720 --> 01:00:02,720
you don't have a policy enforcement problem.
1616
01:00:02,720 --> 01:00:04,120
You have a process design problem.
1617
01:00:04,120 --> 01:00:05,120
The policy is correct.
1618
01:00:05,120 --> 01:00:06,320
The process is too slow.
1619
01:00:06,320 --> 01:00:11,920
The real infrastructure routes around the process because the process doesn't match the speed the business requires.
1620
01:00:11,920 --> 01:00:14,720
Signal 2. Identity and access drift.
1621
01:00:14,720 --> 01:00:16,320
Access reflects history.
1622
01:00:16,320 --> 01:00:17,320
Not intent.
1623
01:00:17,320 --> 01:00:18,520
Run an access review.
1624
01:00:18,520 --> 01:00:19,320
Watch what happens.
1625
01:00:19,320 --> 01:00:22,120
Managers receive lists of people with access to their systems.
1626
01:00:22,120 --> 01:00:23,720
They don't recognize half the names.
1627
01:00:23,720 --> 01:00:25,520
They don't have time to verify each one.
1628
01:00:25,520 --> 01:00:27,120
They approve the list without changing it.
1629
01:00:27,120 --> 01:00:34,120
Access reviews are rubber-stamped because the alternative, actually verifying each permission, is hours of work that nobody has time for.
1630
01:00:34,120 --> 01:00:35,520
Group membership never shrinks.
1631
01:00:35,520 --> 01:00:36,320
People are added.
1632
01:00:36,320 --> 01:00:37,520
People are never removed.
1633
01:00:37,520 --> 01:00:41,120
Stale accounts still have access months after the person left the company.
1634
01:00:41,120 --> 01:00:42,520
Distribution lists grow.
1635
01:00:42,520 --> 01:00:44,520
Security groups accumulate members.
1636
01:00:44,520 --> 01:00:46,920
Entra ID group membership becomes a historical record.
1637
01:00:46,920 --> 01:00:50,120
It reflects who used to be important, who used to work on what,
1638
01:00:50,120 --> 01:00:52,720
who was added to what distribution list years ago.
1639
01:00:52,720 --> 01:00:53,520
The signal is this.
1640
01:00:53,520 --> 01:00:55,520
If your access reviews are being completed quickly,
1641
01:00:55,520 --> 01:00:57,520
your access structure is not being maintained.
1642
01:00:57,520 --> 01:00:58,720
It's being ignored.
1643
01:00:58,720 --> 01:01:01,320
And ignored access becomes a historical artifact.
1644
01:01:01,320 --> 01:01:04,520
The access structure no longer reflects your organizational intent.
1645
01:01:04,520 --> 01:01:06,320
It reflects organizational history.
1646
01:01:06,320 --> 01:01:08,920
Signal 3. DLP and policy friction.
1647
01:01:08,920 --> 01:01:11,320
Processes don't match how work gets done.
1648
01:01:11,320 --> 01:01:13,920
Policy violations spike at specific times.
1649
01:01:13,920 --> 01:01:16,520
Not randomly distributed, not proportional to volume.
1650
01:01:16,520 --> 01:01:18,120
They spike when pressure spikes.
1651
01:01:18,120 --> 01:01:19,120
Quarter end.
1652
01:01:19,120 --> 01:01:20,320
Deadline periods.
1653
01:01:20,320 --> 01:01:21,520
High-stakes deals.
1654
01:01:21,520 --> 01:01:24,320
When the organization is under pressure to move fast,
1655
01:01:24,320 --> 01:01:25,720
policy violations increase.
1656
01:01:25,720 --> 01:01:26,120
Why?
1657
01:01:26,120 --> 01:01:30,720
Because the process that satisfies the policy is slower than the process that violates it.
1658
01:01:30,720 --> 01:01:32,920
If people violated policy out of negligence,
1659
01:01:32,920 --> 01:01:34,320
violations would be random.
1660
01:01:34,320 --> 01:01:36,520
If people violated policy out of intention,
1661
01:01:36,520 --> 01:01:37,920
violations would be consistent.
1662
01:01:37,920 --> 01:01:40,320
But violations cluster during deadline periods.
1663
01:01:40,320 --> 01:01:41,320
That's the signal.
1664
01:01:41,320 --> 01:01:45,120
That's evidence that people are choosing between policy compliance and business results.
1665
01:01:45,120 --> 01:01:46,520
They're choosing business results.
1666
01:01:46,520 --> 01:01:47,720
The workaround is faster.
1667
01:01:47,720 --> 01:01:48,720
The workaround works.
1668
01:01:48,720 --> 01:01:50,320
The policy gets violated.
1669
01:01:50,320 --> 01:01:52,120
Signal 4. Classification gaps.
1670
01:01:52,120 --> 01:01:53,920
The company doesn't know what matters.
1671
01:01:53,920 --> 01:01:55,520
Run a classification report.
1672
01:01:55,520 --> 01:01:56,920
Most files are unclassified.
1673
01:01:56,920 --> 01:01:59,920
The files that are classified are often overclassified.
1674
01:01:59,920 --> 01:02:03,320
Sensitive data sits next to general data with no distinction between them.
1675
01:02:03,320 --> 01:02:05,520
The company has not deliberately created a system
1676
01:02:05,520 --> 01:02:08,320
where sensitive and general information are treated the same.
1677
01:02:08,320 --> 01:02:11,720
The company has created a system where classification is optional,
1678
01:02:11,720 --> 01:02:13,320
time-consuming and low priority.
1679
01:02:13,320 --> 01:02:15,520
So most files flow through unclassified.
1680
01:02:15,520 --> 01:02:16,520
The signal is this.
1681
01:02:16,520 --> 01:02:18,920
If your classified data percentage is low,
1682
01:02:18,920 --> 01:02:20,720
you don't know what your company knows.
1683
01:02:20,720 --> 01:02:22,720
You don't know where sensitive information lives.
1684
01:02:22,720 --> 01:02:24,320
You don't know what data actually matters.
1685
01:02:24,320 --> 01:02:25,720
The company thinks it knows.
1686
01:02:25,720 --> 01:02:27,320
The company has a data governance policy.
1687
01:02:27,320 --> 01:02:29,120
The company assumes data is classified.
1688
01:02:29,120 --> 01:02:30,920
In reality, most data is unclassified
1689
01:02:30,920 --> 01:02:34,720
because classification was treated as a secondary task when work was under pressure.
1690
01:02:34,720 --> 01:02:36,920
These four signals are observable.
1691
01:02:36,920 --> 01:02:38,120
They're not opinions.
1692
01:02:38,120 --> 01:02:39,320
They're not interpretations.
1693
01:02:39,320 --> 01:02:41,120
They're patterns that Purview can show you,
1694
01:02:41,120 --> 01:02:45,120
that your audit logs can reveal, that your actual behavior demonstrates.
1695
01:02:45,120 --> 01:02:47,320
Once you see these signals, you understand.
1696
01:02:47,320 --> 01:02:50,920
You have a real infrastructure that's different from your designed one
1697
01:02:50,920 --> 01:02:54,120
and that real infrastructure is running your business.
1698
01:02:54,120 --> 01:02:55,320
Mapping reality.
1699
01:02:55,320 --> 01:02:56,720
The three dimensions.
1700
01:02:56,720 --> 01:02:58,920
The four signals tell you something is wrong.
1701
01:02:58,920 --> 01:03:00,920
They tell you the real infrastructure exists.
1702
01:03:00,920 --> 01:03:02,120
But signals are not maps.
1703
01:03:02,120 --> 01:03:03,520
Signals point at a problem.
1704
01:03:03,520 --> 01:03:05,720
Maps show you what the problem actually is.
1705
01:03:05,720 --> 01:03:09,920
And mapping the real infrastructure requires observing three dimensions simultaneously.
1706
01:03:09,920 --> 01:03:11,520
Most organizations observe one.
1707
01:03:11,520 --> 01:03:13,120
That's why they keep missing the story.
1708
01:03:13,120 --> 01:03:14,920
Dimension one is where work happens.
1709
01:03:14,920 --> 01:03:15,920
Not theoretically.
1710
01:03:15,920 --> 01:03:18,920
Actually, it's Teams and SharePoint and email and OneDrive.
1711
01:03:18,920 --> 01:03:21,320
But it's also the local files that live on laptops.
1712
01:03:21,320 --> 01:03:23,720
It's the personal cloud storage accounts people use.
1713
01:03:23,720 --> 01:03:26,720
It's the tools outside the M365 ecosystem,
1714
01:03:26,720 --> 01:03:30,320
the Google Docs, the Notion databases, the Slack channels, the Figma files.
1715
01:03:30,320 --> 01:03:32,520
It's where people actually spend their time doing work.
1716
01:03:32,520 --> 01:03:36,120
This is the easiest dimension to see because it's the one most visible to the system.
1717
01:03:36,120 --> 01:03:39,120
You can count Teams channels. You can measure email volume.
1718
01:03:39,120 --> 01:03:41,320
You can see how many files are in SharePoint.
1719
01:03:41,320 --> 01:03:43,720
Most organizations map only this dimension.
1720
01:03:43,720 --> 01:03:45,520
They see that people are using the tools.
1721
01:03:45,520 --> 01:03:46,920
They conclude that the tools are working.
1722
01:03:46,920 --> 01:03:49,320
They miss that people are using other tools too.
1723
01:03:49,320 --> 01:03:51,920
Local files, personal storage, workarounds.
1724
01:03:51,920 --> 01:03:54,320
The real work happens across multiple dimensions.
1725
01:03:54,320 --> 01:03:56,320
The organization sees only the official tools.
1726
01:03:56,320 --> 01:03:58,120
Dimension two is how data moves.
1727
01:03:58,120 --> 01:04:00,520
Not how it's supposed to move, how it actually moves.
1728
01:04:00,520 --> 01:04:01,720
It's the sharing patterns.
1729
01:04:01,720 --> 01:04:05,520
It's the way files get duplicated when people don't trust a shared repository.
1730
01:04:05,520 --> 01:04:08,720
It's the way data transforms as it moves between systems.
1731
01:04:08,720 --> 01:04:11,920
A proposal starts in the CRM. The rep copies it into Word to edit it.
1732
01:04:11,920 --> 01:04:14,920
The rep emails the Word document. The customer responds with feedback.
1733
01:04:14,920 --> 01:04:16,720
The feedback is pasted back into the CRM.
1734
01:04:16,720 --> 01:04:21,320
The data has moved from CRM to Word to email to the customer's email to the CRM again.
1735
01:04:21,320 --> 01:04:22,720
It's been transformed each time.
1736
01:04:22,720 --> 01:04:24,320
It exists in multiple versions.
1737
01:04:24,320 --> 01:04:26,120
Nobody knows which version is current.
1738
01:04:26,120 --> 01:04:28,320
The data has taken a path that nobody designed.
1739
01:04:28,320 --> 01:04:29,520
It's the actual path.
1740
01:04:29,520 --> 01:04:34,120
Most organizations don't see dimension two because dimension two requires looking at behavior, not systems.
1741
01:04:34,120 --> 01:04:37,120
You can't see data movement by counting emails or files.
1742
01:04:37,120 --> 01:04:40,720
You have to trace what actually happens when a person does work.
1743
01:04:40,720 --> 01:04:42,120
You have to follow the file.
1744
01:04:42,120 --> 01:04:43,520
You have to understand the transformation.
1745
01:04:43,520 --> 01:04:47,320
Organizations that only map dimension one see that email is being used.
1746
01:04:47,320 --> 01:04:48,920
They don't see why it's being used.
1747
01:04:48,920 --> 01:04:50,320
They don't see the workaround.
1748
01:04:50,320 --> 01:04:51,720
They don't see the data path.
1749
01:04:51,720 --> 01:04:53,320
Dimension three is how people behave.
1750
01:04:53,320 --> 01:04:56,120
Not what they're supposed to do, what they actually do under pressure.
1751
01:04:56,120 --> 01:04:58,120
Under deadline, under uncertainty.
1752
01:04:58,120 --> 01:04:59,720
It's the shortcuts they take.
1753
01:04:59,720 --> 01:05:01,320
It's the trust decisions they make.
1754
01:05:01,320 --> 01:05:04,320
It's the reason a sales rep uses email instead of the CRM.
1755
01:05:04,320 --> 01:05:08,320
It's the reason a hiring manager maintains a spreadsheet instead of using the HRIS.
1756
01:05:08,320 --> 01:05:12,320
It's the reason a finance controller reconciles in Excel instead of trusting the GL.
1757
01:05:12,320 --> 01:05:13,720
These aren't random choices.
1758
01:05:13,720 --> 01:05:15,920
These are intentional adaptations to pressure.
1759
01:05:15,920 --> 01:05:18,520
People are optimizing for what matters to them in the moment.
1760
01:05:18,520 --> 01:05:20,120
Speed, control, accuracy, trust.
1761
01:05:20,120 --> 01:05:22,120
These decisions compound into behaviors.
1762
01:05:22,120 --> 01:05:23,720
Behaviors become standard.
1763
01:05:23,720 --> 01:05:26,320
Standard practices become the real infrastructure.
1764
01:05:26,320 --> 01:05:30,520
Most organizations don't see dimension three because it requires understanding motivation.
1765
01:05:30,520 --> 01:05:33,320
You can't see behavior by reading a policy document.
1766
01:05:33,320 --> 01:05:34,720
You have to watch what people do.
1767
01:05:34,720 --> 01:05:36,320
You have to understand why they do it.
1768
01:05:36,320 --> 01:05:39,320
You have to recognize that the choices people make are rational,
1769
01:05:39,320 --> 01:05:41,120
given the constraints they face.
1770
01:05:41,120 --> 01:05:44,520
Organizations that only map dimension one see that people are doing work.
1771
01:05:44,520 --> 01:05:46,920
They don't understand why people are doing it the way they do.
1772
01:05:46,920 --> 01:05:50,520
Mapping reality means observing all three dimensions simultaneously.
1773
01:05:50,520 --> 01:05:51,520
Where is the work happening?
1774
01:05:51,520 --> 01:05:53,920
How is data actually moving between these places?
1775
01:05:53,920 --> 01:05:56,120
Why are people choosing the paths they're choosing?
1776
01:05:56,120 --> 01:05:57,320
These questions are connected.
1777
01:05:57,320 --> 01:05:59,520
The answer to one informs the answer to the next.
1778
01:05:59,520 --> 01:06:03,720
The sales rep uses email because email is where the work is happening for that task.
1779
01:06:03,720 --> 01:06:07,720
Data moves through email because people don't trust the system it's supposed to move through.
1780
01:06:07,720 --> 01:06:12,720
People don't trust the system because the system is slow and the rep's job requires speed.
1781
01:06:12,720 --> 01:06:14,920
Most organizations map only dimension one.
1782
01:06:14,920 --> 01:06:16,520
They count users in Teams.
1783
01:06:16,520 --> 01:06:17,920
They measure email volume.
1784
01:06:17,920 --> 01:06:19,320
They see SharePoint adoption.
1785
01:06:19,320 --> 01:06:21,320
They conclude that the infrastructure is working.
1786
01:06:21,320 --> 01:06:22,720
They miss dimensions two and three.
1787
01:06:22,720 --> 01:06:24,320
They miss the actual paths data takes.
1788
01:06:24,320 --> 01:06:26,920
They miss why people are making the choices they make.
1789
01:06:26,920 --> 01:06:28,920
They miss the real infrastructure entirely.
1790
01:06:28,920 --> 01:06:30,120
They see the official tools.
1791
01:06:30,120 --> 01:06:31,520
They don't see the actual work.
1792
01:06:31,520 --> 01:06:34,520
This is where the understanding begins. From systems to flows.
1793
01:06:34,520 --> 01:06:37,920
Most organizations think about infrastructure in terms of systems.
1794
01:06:37,920 --> 01:06:39,920
The CRM is a system. Teams is a system.
1795
01:06:39,920 --> 01:06:44,920
SharePoint is a system. Email is a system. Finance has a system. HR has a system. Each system has an owner.
1796
01:06:44,920 --> 01:06:47,320
The CRM owner ensures the CRM is working.
1797
01:06:47,320 --> 01:06:52,720
The Teams owner ensures Teams is running. The SharePoint owner maintains SharePoint. Each system has a purpose.
1798
01:06:52,720 --> 01:06:53,720
Clear boundaries.
1799
01:06:53,720 --> 01:06:55,520
Defined data structures.
1800
01:06:55,520 --> 01:06:57,120
Intended workflows.
1801
01:06:57,120 --> 01:07:02,120
The organization is understood as a collection of systems, each distinct, each owned, each purposeful.
1802
01:07:02,120 --> 01:07:05,520
This is a comfortable way to think. It's how organizational structures are built.
1803
01:07:05,520 --> 01:07:06,920
It's how budgets are allocated.
1804
01:07:06,920 --> 01:07:13,320
It's how technology decisions are made. Buy a system, assign an owner, define the workflow, measure adoption, report on metrics.
1805
01:07:13,320 --> 01:07:17,320
This model works until you actually try to do work that crosses system boundaries.
1806
01:07:17,320 --> 01:07:20,320
Because work doesn't respect system boundaries. Work is a flow.
1807
01:07:20,320 --> 01:07:23,120
A flow is how something actually moves through the organization.
1808
01:07:23,120 --> 01:07:26,720
Not how it's supposed to move, how it actually moves. A sales opportunity is a flow.
1809
01:07:26,720 --> 01:07:34,520
It starts as a lead. The lead comes from somewhere: a website form, a phone call, an email inquiry. The lead goes into the CRM, if someone remembers to put it there.
1810
01:07:34,520 --> 01:07:38,320
Sometimes it doesn't. Sometimes it stays in emails. Sometimes it gets copied into a spreadsheet.
1811
01:07:38,320 --> 01:07:41,120
The flow is not lead, CRM. The flow is messier.
1812
01:07:41,120 --> 01:07:50,920
It's lead, somewhere, CRM maybe, email definitely, Teams possibly, local file probably, CRM again if we're lucky. A hiring process is a flow. A job opening exists.
1813
01:07:50,920 --> 01:08:00,520
The opening is posted. Candidates apply. Applications come through email, through the applicant tracking system, through LinkedIn messages, through referrals sent to hiring managers directly.
1814
01:08:00,520 --> 01:08:08,120
The applications are scattered across channels. They're consolidated into a spreadsheet because the spreadsheet is easier to work with than checking five different systems.
1815
01:08:08,120 --> 01:08:15,320
The spreadsheet becomes the system of record. Candidates move through the spreadsheet. The spreadsheet is forwarded to interviewers. Interviewers add notes in email.
1816
01:08:15,320 --> 01:08:35,320
Those notes may or may not make it back to the spreadsheet. Some candidates are tracked in the ATS. Some are tracked in the spreadsheet. Some exist only in hiring manager email threads. The flow is not linear. The flow is adaptive. It's where work actually happens. A month-end close is a flow. Transactions are supposed to flow into the GL. From the GL, they flow to the balance sheet. From the balance sheet, they flow to financial statements.
1817
01:08:35,320 --> 01:08:44,520
But between GL and statements lives a spreadsheet. The spreadsheet is where transactions are reconciled, adjusted, corrected and validated. The designed system is GL, statements.
1818
01:08:44,520 --> 01:08:59,720
The actual flow is GL, spreadsheet, judgment, statements. Flows are the actual infrastructure, not systems. Flows. And flows have characteristics that systems don't have. Flows cross system boundaries. A single flow touches CRM, email, Teams, SharePoint and local files.
1819
01:08:59,720 --> 01:09:14,320
The flow doesn't care that these are separate systems. The flow needs what it needs from each system. The organization built the systems assuming they'd be used independently. The organization uses them as a connected flow. Flows include workarounds. Workarounds are not failures. Workarounds are adaptable.
1820
01:09:14,320 --> 01:09:44,120
Adaptations. A flow includes not just the official system path but the email path, the spreadsheet path, the communication path that bypasses the system because the system is slow or doesn't do what the flow needs. The workaround becomes part of the flow. It becomes permanent. It becomes standard. Flows include informal channels. A hiring manager talks to a peer about an open position. The peer refers a candidate. The candidate is hired. That referral channel is invisible to the ATS. It's part of the flow anyway. It's how hiring actually happens. The organization has an applicant tracking system. The organization also has a
1821
01:09:44,120 --> 01:09:58,320
referral flow that bypasses it entirely. Both flows are real. Flows are resilient. If one path is blocked, the flow finds another. The organization blocks external sharing in SharePoint. The flow moves to email. The organization restricts email attachments. The flow moves to personal
1822
01:09:58,320 --> 01:10:12,240
cloud storage. The organization disables personal cloud storage. The flow finds something else. Flows adapt. Systems break. This is the conceptual shift. Infrastructure is not a collection of systems with owners and boundaries. Infrastructure is a collection of flows with
1823
01:10:12,240 --> 01:10:27,680
purposes and adaptations. Once you stop thinking about systems and start thinking about flows, you see the real infrastructure. You see where data actually moves. You see where people actually work. You see the organization as it actually operates. And once you see flows, you can map them.
1824
01:10:27,680 --> 01:10:41,160
The honest audit. Three workflows. Here's where theory becomes practice. Here's how you actually find the real infrastructure. You don't need a consultant. You don't need a framework. You need to pick a workflow, any workflow that matters to your business. Follow it. Document what you find.
1825
01:10:41,160 --> 01:11:05,560
Repeat with two more workflows. The pattern will emerge. This is not a technical exercise. This is a business discovery. You're not auditing systems. You're observing behavior. You're not checking compliance. You're understanding how work actually happens. Pick the first workflow. Sales, closing a deal. Not theoretically. Pick an actual deal that closed in the last month. Find the person who closed it. Ask them to walk you through what happened. Not the designed process. What actually happened.
1826
01:11:05,560 --> 01:11:22,560
The rep says the deal started as an email inquiry from a prospect. The prospect was referred by an existing customer. The email was forwarded to the rep. The rep added the prospect to the CRM. Then the rep opened a folder on their laptop called Active Deals and created a subfolder for this prospect. The rep started a Teams channel with the prospect's name.
1827
01:11:22,560 --> 01:11:30,560
The rep collected the prospect's questions in a Word document. The rep drafted a proposal in Word based on a template the rep modified three years ago,
1828
01:11:30,560 --> 01:11:47,560
sent the proposal through email, not through the CRM, because email is faster and the prospect can see it immediately. Now document each tool the deal touched. Email for initial contact. CRM for tracking. Local folder on the laptop for organizing. Teams for internal discussion. Word for the proposal. Email for delivery. The prospect responded with questions.
1829
01:11:47,560 --> 01:11:59,560
The response came through email, not through the CRM. The rep copied the questions into the Word document. The rep marked them up. The rep sent a revised proposal. Now document every workaround. The prospect's requirements didn't fit the standard proposal template,
1830
01:11:59,560 --> 01:12:20,560
so the rep customized it manually. The prospect asked for a legal review, which is supposed to go through procurement, but that process takes two weeks and the prospect needed the answer in three days. The rep forwarded the proposal to legal via email, asking for an expedited review. Legal responded with a marked-up version. The rep incorporated the changes manually back into Word. The pricing was supposed to come from the pricing system,
1831
01:12:20,560 --> 01:12:44,560
but the system didn't have a configuration that matched this customer's needs. So the rep called the pricing team. They discussed it over the phone. The rep manually entered the pricing into the proposal. The deal was supposed to go through a sales review to ensure margin and risk. But the deal was moving fast and the review would slow it down. So the rep disclosed it in an email to the manager with a summary of the key terms, and the manager approved it informally.
1832
01:12:44,560 --> 01:13:13,560
The rep was supposed to enter all customer communications into the CRM. The rep didn't. The communications stayed in email. The rep was supposed to use the standard proposal template. The rep used the modified version. The rep was supposed to route the legal review through procurement. The rep didn't. The legal review happened informally through email. The pricing was supposed to come from the pricing system. It came from a phone call. The deal was supposed to be reviewed formally. It was approved via email. Now follow the deal to close. The prospect approved the deal. The rep sent a contract. The contract was going to be approved
1833
01:13:13,560 --> 01:13:42,560
The contract went back and forth via email. The final contract was signed. The rep forwarded it to the contract team. The rep also copied it into the CRM. Now the deal is marked closed. What happened? A deal moved through the organization. The designed process says: lead, CRM, proposal from system, legal review through procurement, pricing from system, sales review, contract, close. The actual process was messier. It touched more tools. It included workarounds. It deviated from policy at multiple points. But the deal closed. The customer got what they did
1834
01:13:42,560 --> 01:14:09,560
The customer got what they needed. The organization got the revenue. Now pick the second workflow. HR, hiring. Follow a hire from job opening to offer acceptance. Document the tools. Document the workarounds. Document the policy deviations. You'll see a similar pattern. Official process meets the real process. The real process wins. Pick the third workflow. Finance, month-end close. Follow a transaction from initial recording to final statement. Document everything. You'll see the same thing again. Official process, real process, spreadsheet, judgment, close.
1835
01:14:09,560 --> 01:14:39,520
Now look at the three workflows. Look at the patterns. In each one, the official process exists but doesn't determine the outcome. The real process delivers the outcome. The real process is faster. The real process is more flexible. The real process is more responsive to the actual constraints of the business. The real process is the infrastructure that matters. Once you see this pattern, you can't unsee it. This is the real infrastructure. This is not a problem to fix. This is a reality to understand. The strategic reframe. Here is the reframe that changes everything. Your biggest infrastructure risk is not what you don't
1836
01:14:39,520 --> 01:15:09,480
control. It's what you think you control but don't. This is not semantics. This is the difference between actionable understanding and false confidence. Organizations obsess over what they can't see. They install tools to detect shadow IT. They implement DLP to block data exfiltration. They enforce MFA to prevent unauthorized access. They build controls around the unknown. All of this assumes the unknown is the primary threat. The unknown is not. The known threat is the gap between what you believe is happening and what's actually happening. The threat is not what you haven't measured. The threat.
1837
01:15:09,480 --> 01:15:14,060
Threat is what you've misinterpreted. Look at what we've mapped. Sales doesn't follow the designed process,
1838
01:15:14,060 --> 01:15:20,860
not because the designed process is unknown. The rep knows the designed process. The rep chooses not to follow it because speed wins over compliance.
1839
01:15:20,860 --> 01:15:27,240
Hiring doesn't follow the designed process. Not because it's hidden. The manager knows the designed process and chooses the spreadsheet instead.
1840
01:15:27,240 --> 01:15:33,940
Finance doesn't trust the designed process, not because they haven't been trained on it. The controller knows the GL and chooses the spreadsheet anyway.
1841
01:15:33,940 --> 01:15:41,400
In each case, the organization understands the designed process. The organization doesn't follow it. The organization sees this and draws the wrong conclusion.
1842
01:15:41,400 --> 01:15:48,440
The organization says, "We have a compliance problem. We need stronger controls. We need to enforce the process. We need to make people follow the designed system."
1843
01:15:48,440 --> 01:15:52,780
This is the wrong diagnosis. The problem is not that people don't know the designed process.
1844
01:15:52,780 --> 01:15:59,820
The problem is that the designed process doesn't match how work actually happens. Enforcement doesn't fix this. Enforcement makes people hide the workaround.
1845
01:15:59,820 --> 01:16:06,920
Enforcement doesn't change the underlying reality that the designed process is slower, less flexible or less responsive than the actual process.
1846
01:16:06,920 --> 01:16:10,320
Here's the reframe. You don't have a control problem. You have a design problem.
1847
01:16:10,320 --> 01:16:15,660
The process was designed for ideal conditions. The business operates under pressure. Under pressure, the design fails.
1848
01:16:15,660 --> 01:16:21,000
The solution is not to enforce the design more strictly. The solution is to redesign the process to work under pressure.
1849
01:16:21,000 --> 01:16:30,000
But redesigning requires admitting that the designed process is not how work actually happens. Admitting this is uncomfortable. Leadership built the designed process.
1850
01:16:30,000 --> 01:16:38,700
Leadership approved the designed process. Leadership is confident in the designed process. Admitting the designed process doesn't work is admitting that leadership's design was incomplete.
1851
01:16:38,700 --> 01:16:43,200
So organizations don't admit it. Instead, organizations treat the gap as a compliance problem.
1852
01:16:43,200 --> 01:16:52,800
Organizations install more controls. Organizations push harder on enforcement. Organizations assume that if they just make the designed process mandatory, the designed process will work. It won't.
1853
01:16:52,800 --> 01:17:00,800
Pressure will override the mandate. The workaround will persist. The real infrastructure will continue operating, invisible to the leadership that thinks it's controlling it.
1854
01:17:00,800 --> 01:17:11,100
Now apply this to AI. Organizations deploy Copilot. They expect Copilot to work on the designed infrastructure. They expect the designed process to be the foundation that Copilot operates on.
1855
01:17:11,100 --> 01:17:17,200
This assumption is wrong. Copilot doesn't operate on the designed infrastructure. Copilot operates on the real infrastructure.
1856
01:17:17,200 --> 01:17:22,400
The real infrastructure is messier, less classified, more overshared, more chaotic than the designed one.
1857
01:17:22,400 --> 01:17:31,200
Organizations see Copilot surfacing unclassified data and say, "We have a Copilot problem. We need to restrict Copilot. We need to prevent Copilot from accessing sensitive information.
1858
01:17:31,200 --> 01:17:35,200
We need to prevent the exposure that Copilot is revealing." This is the wrong diagnosis.
1859
01:17:35,200 --> 01:17:42,100
You don't have a Copilot problem. You have an infrastructure problem. Copilot is just the first system intelligent enough to expose it comprehensively.
1860
01:17:42,100 --> 01:17:47,800
The reframe is this. Your infrastructure is not what you designed. Your infrastructure is what your business actually uses.
1861
01:17:47,800 --> 01:17:56,600
Your policies were written for the designed infrastructure. Your policies don't work on the real infrastructure. Your controls are enforced on systems that are not where work actually happens.
1862
01:17:56,600 --> 01:18:02,400
The solution is not better tools. The solution is an honest map. An honest map starts with observing the real infrastructure.
1863
01:18:02,400 --> 01:18:10,100
An honest map acknowledges the gap between designed and actual. An honest map makes explicit the workarounds, the pressures that drive them.
1864
01:18:10,100 --> 01:18:18,900
Once you have an honest map, you can make strategic choices. You can say, "This gap exists because the designed process is slower than the business requires. We'll redesign the process."
1865
01:18:18,900 --> 01:18:23,300
Or you can say, "This gap is acceptable. This is the trade-off we make for speed. We'll accept the risk."
1866
01:18:23,300 --> 01:18:27,800
Or you can say, "This gap is unacceptable and we'll invest in eliminating it." Any of these choices is valid.
1867
01:18:27,800 --> 01:18:33,500
None of them are possible without acknowledging the gap exists. That acknowledgment is the reframe.
1868
01:18:33,500 --> 01:18:36,600
The question before the fix. Here's what happens next.
1869
01:18:36,600 --> 01:18:43,200
The organization has done the honest audit. The organization has followed three workflows. The organization has seen the gap between designed and real.
1870
01:18:43,200 --> 01:18:50,200
The organization has acknowledged that the infrastructure is messier than the diagram. The organization has accepted that this is the reality.
1871
01:18:50,200 --> 01:18:56,100
Now comes the moment when the organization wants to fix it. The organization wants to act. The organization wants to implement controls.
1872
01:18:56,100 --> 01:19:03,300
The organization wants to deploy governance. The organization wants to move forward. This impulse is natural. You've identified a problem. The next step is to solve it.
1873
01:19:03,300 --> 01:19:08,800
But before you solve it, you need to answer a question. This question is not about tools. This question is about foundation.
1874
01:19:08,800 --> 01:19:15,300
This question determines whether any fix will work. The question is simple. Before you automate your business, you need to know how it actually works.
1875
01:19:15,300 --> 01:19:18,500
This sounds obvious. Of course, you know how your business works. You run it every day.
1876
01:19:18,500 --> 01:19:23,400
Your people execute it. Your processes are documented. Your systems are deployed. You know how your business works.
1877
01:19:23,400 --> 01:19:28,900
You don't. Not really. You know how your business is supposed to work. You know the designed process. You know the official workflows.
1878
01:19:28,900 --> 01:19:35,100
You know what the org chart says. You don't know how your business actually works. You know this now because you followed the workflows. You saw the gap.
1879
01:19:35,100 --> 01:19:41,200
But you haven't answered the second half of the question. You haven't asked why. Why does the sales rep use email instead of the CRM?
1880
01:19:41,200 --> 01:19:47,100
It's faster. Why is it faster? The CRM requires more data entry. Why? The CRM was designed for a different sales process.
1881
01:19:47,100 --> 01:19:52,500
Why hasn't it been redesigned? Because nobody asked. Because the gap between designed and actual was invisible.
1882
01:19:52,500 --> 01:19:58,900
Because the organization assumed the CRM was working because people were using it. Why does the hiring manager use a spreadsheet instead of the HRIS?
1883
01:19:58,900 --> 01:20:04,400
The spreadsheet is easier to manage. Why? The HRIS doesn't integrate with the email where most candidate communication happens.
1884
01:20:04,400 --> 01:20:08,500
Why hasn't it been integrated? Because the HRIS team and the email team don't talk.
1885
01:20:08,500 --> 01:20:13,300
Because the workflows cross system boundaries that the organization built and then didn't bridge.
1886
01:20:13,300 --> 01:20:17,100
Because the gap between designed and actual was so normal that nobody noticed it.
1887
01:20:17,100 --> 01:20:25,000
Why does the finance controller use a spreadsheet instead of the GL? Because the controller doesn't trust the GL data. Why? Because the GL has failed before.
1888
01:20:25,000 --> 01:20:32,200
Because the controller has seen the GL miss transactions. Because the controller has discovered errors in the GL by reconciling it against source documents.
1889
01:20:32,200 --> 01:20:38,200
Because the controller's job is to ensure the books are accurate and the GL is not the system that gives the controller confidence.
1890
01:20:38,200 --> 01:20:42,800
Understanding how your business actually works means understanding not just the gap but the reason for the gap.
1891
01:20:42,800 --> 01:20:48,600
It means asking why people make the choices they make. It means recognizing that the choices are not random or negligent.
1892
01:20:48,600 --> 01:20:53,700
The choices are rational responses to constraints. Before you secure it, you need to understand what you're securing.
1893
01:20:53,700 --> 01:20:59,200
Purview can tell you that data is unclassified. Purview can show you that sensitive information is overshared.
1894
01:20:59,200 --> 01:21:04,500
But Purview can't tell you why. Why is data unclassified? Is it because people don't understand the classification scheme?
1895
01:21:04,500 --> 01:21:09,600
Is it because classification is too time-consuming? Is it because nobody has been held accountable for classification?
1896
01:21:09,600 --> 01:21:15,700
Is it because the classification system doesn't match how people actually think about data? Before you fix the classification problem,
1897
01:21:15,700 --> 01:21:20,900
you need to understand why the problem exists. Otherwise your fix will address the symptom, not the cause.
1898
01:21:20,900 --> 01:21:27,000
Before you scale it with AI, you need to know what data the AI will touch. Copilot will access whatever data the user can access.
1899
01:21:27,000 --> 01:21:33,900
Copilot will synthesize information across files, emails and conversations. Copilot will generate insights based on the data it can see.
1900
01:21:33,900 --> 01:21:38,800
What data can Copilot see? Whatever the user has permission to see. What data should Copilot see?
1901
01:21:38,800 --> 01:21:44,400
That's a different question. That's a question that requires understanding what data matters, why it matters, who should have access to it?
1902
01:21:44,400 --> 01:21:50,400
And what should happen when AI systems see it? You can't answer these questions without understanding the real infrastructure.
1903
01:21:50,400 --> 01:21:54,900
You can't understand the real infrastructure without asking why it looks the way it looks.
1904
01:21:54,900 --> 01:21:59,700
Most organizations skip this step. Most organizations see the gap and assume they know the reason.
1905
01:21:59,700 --> 01:22:04,800
The reason is that people aren't following the process. The reason is that people don't understand the importance of governance.
1906
01:22:04,800 --> 01:22:09,700
The reason is that people need better training or stronger enforcement. These assumptions are wrong.
1907
01:22:09,700 --> 01:22:13,700
The reason is that the designed process doesn't match how the business actually needs to operate.
1908
01:22:13,700 --> 01:22:16,700
The reason is that people are making rational choices under pressure.
1909
01:22:16,700 --> 01:22:22,200
The reason is that the gap between designed and actual is not a problem of understanding. It's a problem of design.
1910
01:22:22,200 --> 01:22:28,500
But admitting this requires saying that the design was incomplete. That the assumption about how the business works was wrong.
1911
01:22:28,500 --> 01:22:31,800
That the infrastructure that was built is not the infrastructure that's being used.
1912
01:22:31,800 --> 01:22:36,800
This is uncomfortable. Most organizations don't like being uncomfortable. So most organizations skip the question.
1913
01:22:36,800 --> 01:22:43,200
Most organizations implement controls on top of chaos. Most organizations deploy AI onto broken foundations.
1914
01:22:43,200 --> 01:22:48,500
The question is this: do we actually understand how our business works? The answer for most organizations is no.
1915
01:22:48,500 --> 01:22:52,700
The path forward. The answer changes what comes next. And what comes next is not complex.
1916
01:22:52,700 --> 01:22:58,500
Start with observation, not intervention. You don't fix the infrastructure by imposing new rules. You fix it by understanding it first.
1917
01:22:58,500 --> 01:23:03,400
Pick those three workflows, document them, don't change anything. Just watch. Watch where the work actually happens.
1918
01:23:03,400 --> 01:23:08,500
Watch what tools people use. Watch where data moves. Watch the workaround. Watch why people make the choices they make.
1919
01:23:08,500 --> 01:23:14,200
This takes time. It takes maybe a month for each workflow. Three workflows. Three months. You now have an honest map.
1920
01:23:14,200 --> 01:23:19,700
Not a guess. Not an assumption. An actual map of how your business operates. Name the gaps.
1921
01:23:19,700 --> 01:23:23,900
For each workflow, write down the difference between the designed process and the actual process.
1922
01:23:23,900 --> 01:23:28,900
Don't judge it. Don't say the actual process is wrong. Just name it. Sales uses email instead of CRM.
1923
01:23:28,900 --> 01:23:33,800
Hiring uses a spreadsheet instead of the ATS. Finance reconciles in Excel instead of trusting the GL.
1924
01:23:33,800 --> 01:23:39,800
These gaps are now explicit. They're not hidden. They're not assumed. They're documented. Identify which gaps create risk.
1925
01:23:39,800 --> 01:23:44,900
Not all gaps are problems. Some gaps are acceptable tradeoffs. The sales rep uses email because email is faster.
1926
01:23:44,900 --> 01:23:50,400
That's a tradeoff. Speed for visibility. Is the tradeoff worth it? That's a business decision. Some gaps create real risk.
1927
01:23:50,400 --> 01:23:56,400
Finance doesn't trust the GL because the GL has failed before. That's not a tradeoff. That's a broken system that creates liability.
1928
01:23:56,400 --> 01:24:01,300
Identify which gaps matter. Which gaps create compliance risk. Which gaps create operational risk.
1929
01:24:01,300 --> 01:24:08,300
Which gaps undermine decision making. Identify which gaps create opportunity. The sales rep's email workaround is fast but invisible.
1930
01:24:08,300 --> 01:24:13,200
What if you redesigned the CRM to match the speed of email? What if you removed the data entry burden?
1931
01:24:13,200 --> 01:24:19,200
What if the CRM adapted to how the rep actually works instead of forcing the rep to adapt to the CRM? That's an opportunity.
1932
01:24:19,200 --> 01:24:27,200
The hiring manager's spreadsheet is practical but disconnected. What if you integrated the spreadsheet into the ATS instead of asking the manager to choose between them?
1933
01:24:27,200 --> 01:24:35,100
What if you made the tools work together instead of forcing a choice? These are opportunities. Opportunities to redesign the infrastructure to match how work actually happens.
1934
01:24:35,100 --> 01:24:43,600
Now make strategic choices. For each gap, decide: do we change the business to match the design, or do we change the design to match the business?
1935
01:24:43,600 --> 01:24:51,000
For the sales email gap, the business requires speed. The designed process is slow. Change the design. Redesign the CRM to reduce data entry.
1936
01:24:51,000 --> 01:24:56,500
Redesign the process to move faster. Align the designed process with how sales actually needs to work.
1937
01:24:56,500 --> 01:25:02,600
For the hiring spreadsheet gap, the business needs flexibility. The ATS is rigid. Change the design. Integrate the spreadsheet.
1938
01:25:02,600 --> 01:25:11,600
Adapt the ATS. Make the tools work together. For the finance GL gap, the business requires trust. The GL is not trustworthy. Change the GL. Fix the data quality.
1939
01:25:11,600 --> 01:25:19,600
Implement controls that prevent the errors that force the controller to maintain a parallel system. Make the GL the system of record by making it actually reliable.
1940
01:25:19,600 --> 01:25:28,600
Notice what this is not. This is not "enforce the policy harder." This is not "make people follow the designed process." This is not "implement controls that prevent workarounds."
1941
01:25:28,600 --> 01:25:37,600
This is not "punish people who deviate from policy." This is redirection. This is redesign. This is acknowledging that the gap exists for a reason and eliminating the reason.
1942
01:25:37,600 --> 01:25:46,600
The governance is not a one-time project. Governance is an operational discipline. Your infrastructure will drift. New tools will be added. New processes will emerge. New workarounds will develop.
1943
01:25:46,600 --> 01:25:53,600
The gap between design and actual is not something you fix once. It's something you observe continuously. You need a process for watching the infrastructure.
1944
01:25:53,600 --> 01:25:58,600
You need metrics that tell you when the gap is growing. You need the discipline to act when the gap exceeds your tolerance.
1945
01:25:58,600 --> 01:26:06,600
This means quarterly reviews of your key workflows. This means audits of your critical processes. This means conversations with the people doing the work about why they're doing it the way they do.
1946
01:26:06,600 --> 01:26:12,600
This means governance that's not a department. Governance is operational leadership paying attention to how work actually happens.
1947
01:26:12,600 --> 01:26:21,600
This changes everything about how you think about Microsoft 365 governance and AI. Because once you understand how your business actually works, you can make intelligent choices about tools.
1948
01:26:21,600 --> 01:26:30,600
You can deploy Copilot on infrastructure. You can implement security controls that don't break the workflows that matter. You can scale AI on foundations that will hold it either.
1949
01:26:30,600 --> 01:26:40,600
The honest map. Your infrastructure is not what you built. It's what your people actually use. The distance between design and real is where your biggest problems and opportunities live.
1950
01:26:40,600 --> 01:26:49,600
Before you implement controls, deploy AI or scale automation, you need an honest map. That map comes from observing behavior, not reading architecture diagrams.
1951
01:26:49,600 --> 01:26:59,600
The question is whether you're willing to see what the real infrastructure actually looks like. Because once you see it, you have to decide: do you change the business to match the design, or do you change the design to match the business?
1952
01:26:59,600 --> 01:27:12,600
Either way, you can't move forward until you know the truth. The first step. Starting small. You don't need to map your entire infrastructure at once. You don't need a consultant. You don't need a multi-month project. Start with one workflow.
1953
01:27:12,600 --> 01:27:19,600
Pick something that matters. Something where the gap between design and actual is costing you something. Time, visibility or risk.
1954
01:27:19,600 --> 01:27:33,600
Follow that workflow. Talk to the person executing it. Ask them to walk you through what actually happens versus what the process documentation says happens. Listen for the moments where they deviate. Listen for where they use workarounds. Listen for where they make judgment calls.
1955
01:27:33,600 --> 01:27:41,600
Take notes. Don't judge. Just observe. Then ask the question. Why is this happening this way? The answer will tell you something important about your real infrastructure.
1956
01:27:41,600 --> 01:27:53,600
The answer will tell you whether this is a design problem or a different kind of problem altogether. A design problem means the designed process doesn't match how the business actually operates. Fix the design. Make the process faster, more flexible, more responsive.
1957
01:27:53,600 --> 01:28:06,600
Redesign the tool to match the work instead of asking the work to match the tool. A different problem means something else is wrong. Maybe it's a skill gap. Maybe it's a trust issue. Maybe it's a communication breakdown. Maybe it's a system that's genuinely broken and needs to be replaced.
1958
01:28:06,600 --> 01:28:22,600
Observe carefully. Understanding the real reason is more important than guessing the fix. Once you've done this for one workflow, you've started mapping. You've seen the gap. You've understood why it exists. You've made at least one deliberate choice about whether to change the design or change the business. That's the foundation. Now do it for a second workflow.
1959
01:28:22,600 --> 01:28:34,600
A different part of your business. A different set of people. A different set of constraints. Watch the pattern emerge. Watch how different workflows solve similar problems in different ways. Watch how the real infrastructure is not monolithic.
1960
01:28:34,600 --> 01:28:50,600
It's adaptive. It's organic. It's alive in ways that designed systems are not. Then pick one gap that you're going to change. Pick one place where the gap creates real risk or real opportunity. Change it. Not everything at once. One change, one workflow, one redesign. Make the process faster or more secure or more visible.
1961
01:28:50,600 --> 01:29:19,600
Then measure whether the change worked. Did the redesigned process eliminate the workaround? Did people adopt the new way? Did the risk decrease? If it worked, you've learned how to change your infrastructure. You've learned that redesign is possible. You've learned that the gap between design and actual can be closed. Then you can scale this to other workflows. This is how change actually happens. Not through policy, not through enforcement. Through understanding, through redesign. Through meeting people where they actually work instead of demanding they work where the design assumes. This is how you build an infrastructure that matches your reality.
1962
01:29:19,600 --> 01:29:25,600
This is how you prepare for AI. This is how you move forward. One workflow, one gap, one honest choice.








