Your Sensitivity Labels Are A Lie: The Collaborative AI Silo Crisis


This episode argues that sensitivity labels are widely misunderstood and often give organizations a false sense of security. While they appear to enforce governance, in reality they are static, incomplete, and poorly maintained—making them ineffective in dynamic, AI-driven environments.
The core issue is not the labeling technology itself, but the way organizations structure and manage their data. Most environments suffer from fragmented information spread across Teams, SharePoint, and other systems, creating silos that block both collaboration and effective AI usage. As a result, AI tools like Copilot cannot access the right data and are forced to generate outputs based on incomplete or outdated information.
This leads to what the episode describes as an “AI rework loop”: AI produces confident but incorrect results, and employees must spend significant time validating and fixing them. In many cases, a large portion of AI-generated work requires correction, eroding the expected productivity gains.
The episode emphasizes that AI does not fix these problems—it exposes them. Poor data architecture, inconsistent permissions, and low labeling coverage become more visible and more impactful when AI is introduced.
The traditional approach to governance—relying on manual labeling and static controls—is no longer sufficient. Instead, organizations must shift toward dynamic, context-aware access models that evaluate who should access what data in real time. This includes reducing permission sprawl, automating classification, and redesigning how data flows across the organization.
The key takeaway is that successful AI adoption depends on fixing the underlying data foundation. Sensitivity labels alone cannot provide meaningful protection or enable intelligent AI. Real value comes from moving away from siloed, static governance toward connected, context-driven data access that allows AI to operate accurately and safely.
You may wonder if Microsoft Copilot leaks your data. The answer is clear: many organizations have faced real risks. Recent reports show that 68% of companies experienced data leakage when employees used AI tools like Microsoft Copilot. This makes the need for strong governance urgent. You can boost your return on investment by adopting a team-based approach to Microsoft 365 Copilot. You must move beyond static controls and focus on dynamic, context-aware governance to protect your information.
Key Takeaways
- Data leakage is a serious risk with Microsoft Copilot, affecting 68% of organizations using AI tools.
- Over-permissioning is a major cause of data leaks; limit access to only what is necessary for users and apps.
- Prompt injection can trick Copilot into revealing sensitive information; train your team to write secure prompts.
- Regularly review and audit permissions in Microsoft 365 to prevent unauthorized access and data exposure.
- Implement dynamic access controls that adjust based on user behavior and risk to enhance data protection.
- Use Microsoft Purview to map and classify sensitive data, ensuring proper controls are in place.
- Continuous monitoring and real-time alerts can help detect and prevent data leaks before they escalate.
- Stay updated on compliance requirements and regularly train your team to maintain a strong security posture.
Is Microsoft Copilot Leaking Data?
What Data Leakage Means
You may hear the term "data leakage" and wonder what it really means for your organization. Data leakage happens when sensitive or confidential information leaves its intended environment. This can occur through accidental sharing, misconfigured permissions, or even targeted attacks. With tools like Microsoft Copilot, the risk of data exposure increases because the system can access large amounts of information across your Microsoft 365 environment.
Data leakage risks often come from over-permissioning, where users or apps have more access than they need. For example, recent security reports show that over 3% of business-sensitive data was shared organization-wide without proper review. This means confidential files, emails, or documents could reach people who should not see them.
Here are some common types of data leaks you should watch for:
- Over-permissioning and excessive data exposure: When users or apps have broad access, confidential data can be exposed.
- Prompt injection and jailbreak attacks: Attackers may trick Copilot into revealing restricted information.
- Data exfiltration via connected apps and APIs: Weak controls can allow sensitive data to move to external services.
- Integration vulnerabilities across the Microsoft 365 ecosystem: Misconfigurations can create new paths for external leaks.
- Compliance gaps in regulated environments: Poorly set policies can lead to compliance violations and even a breach.
A recent incident highlighted these risks. In January 2026, Microsoft Copilot processed confidential emails, including legal memos and protected health information, due to a code error. Microsoft responded quickly, but the fix took time to reach all users. The U.K.’s National Health Service flagged this incident, raising concerns about compliance and data handling.
Common Misunderstandings
Many users misunderstand how Microsoft Copilot handles data. Some believe that Copilot can access all data in Microsoft 365, but it only follows existing permission settings. Others think that Copilot stores prompts and responses in new databases, but it does not create extra data repositories.
Here are some myths and facts:
- Myth: Copilot shares your data with Microsoft for training.
  Fact: Customer data is not used to train models or accessed by unauthorized personnel.
- Myth: Copilot compromises data privacy.
  Fact: Microsoft uses industry-standard encryption and follows privacy laws like GDPR.
- Myth: Access controls always prevent data exposure.
  Fact: Over-permissioning and misconfigurations can still lead to external leaks.
- Myth: Copilot trains on your organizational data.
  Fact: Copilot does not retain individual tenant information.
You should also know that Copilot can sometimes surface the wrong data, which may lead to harmful decisions. Users often overestimate how well access controls protect against a breach. Understanding these points helps you manage data leakage risks and use Microsoft 365 Copilot safely.
Microsoft Copilot Security Risks

When you use Microsoft Copilot, you must understand the security risks that come with it. These risks can lead to sensitive information exposure, internal oversharing, and even a breach. You need to know how over-permissioning, prompt injection, and recent bugs can put your data at risk.
Over-Permissioning Issues
Over-permissioning happens when users or apps have more access than they need. If you give broad permissions, you increase the chance of confidential documents being seen by the wrong people. Many organizations do not review access controls often enough. This can result in internal oversharing, where sensitive data spreads across teams or departments without proper checks. You should always limit permissions to only what is necessary. This step helps reduce the risk of exposure and supports better risk management.
Prompt Injection and Data Oversharing
Prompt injection is a growing concern with AI tools like Copilot. Attackers or even regular users can craft prompts that trick the system into revealing information that should stay private. Poorly structured prompts may cause Copilot to share financial records, HR files, or other confidential data. This can lead to compliance issues and possible violations of laws such as GDPR or HIPAA.
- Prompt injection can lead to unintended actions that expose sensitive information.
- Poorly structured prompts may inadvertently reveal sensitive data such as financial records or HR information.
- Compliance risks arise as prompt injection can bypass security measures, leading to potential violations of regulations like GDPR and HIPAA.
You must train your team to write clear and secure prompts. You should also monitor how Copilot responds to requests, especially when handling confidential documents.
Real-World Incidents
Several incidents have shown how Microsoft Copilot can expose confidential information. These cases highlight the importance of strong security and risk management practices.
| Incident Description | Source |
|---|---|
| Microsoft Copilot accessed confidential emails due to a bug in Microsoft 365, bypassing data-protection policies. | TechCrunch |
| AI system ingested and summarized privileged communications that were marked as off-limits, raising concerns for attorneys. | TimeNetLaw |
| The bug was logged on the NHS’s internal IT support dashboard, leading to the European Parliament disabling AI features on staff devices. | Tom's Guide |
These incidents show that even with strong security tools, you must stay alert. Regular reviews and updates to your security policies help prevent future exposure. By understanding these risks, you can use Microsoft Copilot safely and protect your organization’s data.
Data Governance Challenges
Collaborative AI Silo Crisis
You face new challenges when you use collaborative AI tools like Microsoft Copilot. These tools can break down old barriers, but they also create new risks. Employees may ask Copilot questions that reveal confidential strategies. Sometimes, the AI can access sensitive information even if you did not open those files yourself. The AI can also connect pieces of data in ways that go beyond your normal permissions.
Here are some common challenges you might see:
- Poor data classification and governance can lead to confusion about who should access what.
- Unmanaged agent proliferation means you may have too many AI agents acting without clear rules.
- Lack of incident response playbooks leaves you unprepared for unexpected leaks.
- Access escalation through AI can give users more power than you intended.
- Compliance gaps can put your organization at risk.
- You need user training and change management to keep up with these changes.
In regulated industries like healthcare and finance, Copilot can surface sensitive data in summaries or suggestions. This makes it harder to track who saw what, which complicates audits and compliance checks.
Static Labels vs. Dynamic Controls
Many organizations rely on static sensitivity labels to protect their data. These labels mark files as "Confidential" or "Internal," but they do not always stop leaks. If you do not enforce these labels with real controls, they become just words on a file. They give you a false sense of security.
Dynamic access controls work differently. They adjust in real time based on who you are, what device you use, and what you try to do. This approach gives you stronger protection. For example, a label that says "Confidential" does nothing unless you also set up encryption or access restrictions. Without dynamic enforcement, static labels are only decorative and do not protect your sensitive information.
You need to move toward dynamic, context-aware controls. This shift helps you keep your data safe as you use AI tools like Copilot.
Why Traditional DLP Fails
Traditional data loss prevention tools were built for simple, static environments. They use fixed rules and look for patterns in emails or documents. These tools cannot keep up with the fast, complex world of AI-driven workflows. Once your data enters an AI workflow, traditional DLP often loses visibility and control.
Here are some reasons why these tools fall short:
- They were designed for static channels and binary policies, not for AI.
- The dynamic nature of AI makes it hard for DLP to see and control data movement.
- Regex-based rules and static inspection points cannot protect data in AI environments.
You need a zero-trust mindset. Always verify who accesses your data, and never assume that old tools will protect you. By updating your governance strategy, you can better manage risks and keep your organization safe.
Compliance and Microsoft Copilot
Regulatory Risks
You face unique regulatory risks when you use Microsoft Copilot in industries with strict compliance requirements. If Copilot accesses or exposes confidential data, you may violate laws like HIPAA or GLBA. This can lead to fines or even a breach notification obligation. You also need to keep clear audit trails. Without proper logging of AI interactions, you may struggle during audits for regulations such as SOX or FDA. Using Copilot in unapproved scenarios can increase your risk of regulatory exposure and penalties if an incident occurs.
Tip: Always review your organization's compliance requirements before deploying Copilot in sensitive environments.
Here are some common regulatory risks:
- Unauthorized data exposure can trigger legal action or regulatory investigations.
- Inadequate audit trails make it hard to prove compliance during reviews.
- Unrestricted use of Copilot may result in errors that violate industry rules.
Legal and Privacy Concerns
You must also consider data privacy laws when you use Copilot. Laws like GDPR and CCPA set strict rules for how you collect, store, and use data. You need to make sure your Copilot deployment follows these laws to avoid legal trouble.
| Privacy Law | Compliance Strategy | Description |
|---|---|---|
| GDPR | Data Minimization | Only collect data needed for Copilot to work, reducing unnecessary exposure. |
| | User Consent | Give users clear consent forms and let them manage or withdraw consent easily. |
| | Right to Be Forgotten | Allow users to request deletion of their personal data. |
| CCPA | Data Subject Access Requests | Provide tools for users to access, correct, or understand their data use. |
| | Opt-Out Options | Let users opt out of data sales and respect their choices. |
Microsoft acts as a data processor under strict agreements. Prompts and responses stay within the Microsoft 365 cloud boundary. The system uses encryption, tenant isolation, and role-based access controls to protect your data. Copilot does not use your data to train foundation models, which helps reduce privacy risks.
Protecting Intellectual Property
You need to protect your intellectual property when you use Copilot. Set clear guidelines on ownership and usage rights for anything Copilot helps create. Use strong data protection rules to address privacy and security concerns. Security measures like code obfuscation, encryption, and secure storage help keep your confidential information safe.
Note: Regularly review your security policies to ensure your data and intellectual property remain protected.
Best practices for intellectual property protection include:
- Establishing clear rules for IP ownership and usage.
- Applying data protection rules for privacy and security.
- Using encryption and secure storage for sensitive data.
By understanding these compliance challenges and following best practices, you can reduce the risk of data exposure, meet regulatory compliance, and protect your organization from a breach.
Fixing and Preventing Data Leaks

Review Copilot Permissions
You must start by reviewing permissions for Microsoft Copilot across your organization. Many data leaks happen because users or apps have more access than they need. You can reduce this risk by following a clear process:
- Check permissions in SharePoint, OneDrive, and Teams. Make sure Copilot only responds with approved content.
- Schedule regular reviews of file permissions and group memberships. This helps you spot changes or unwanted access.
- Audit your Microsoft 365 environment for over-permissioning. Scan for broad or inherited permissions that could lead to oversharing.
- Educate your team about prompt and data handling risks. Training sessions help users understand how to avoid a breach.
- Monitor Microsoft Graph and API access patterns. Look for unusual behavior that could signal a security issue.
- Start with a limited pilot program. Test your security policies and see how Copilot works in real situations.
- Use a human-in-the-loop review for high-risk cases. This adds an extra layer of governance.
- Set clear go/no-go criteria for each deployment phase.
Tip: Implement monitoring systems that flag policy violations in real time. Maintain audit trails to support compliance and security investigations.
Tracking user activity helps you understand adoption and spot unusual behavior. You can also monitor data access to support privacy audits and meet compliance requirements.
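The over-permissioning scan described above, combined with the earlier point that a "Confidential" label without encryption or access restrictions is only decorative, can be run over a permissions inventory. This is an added example, not code from the episode or from Microsoft; the CSV columns, file names and the policy that Confidential-class labels require encryption are assumptions made for the illustration.

```python
import csv
import io

# Constructed sample: one row per (item, principal) grant. The column names are
# assumptions for this example, not the schema of any Microsoft 365 report.
SAMPLE_EXPORT = """\
site,path,label,encrypted,principal,inherited
Finance,/Shared/Q3-forecast.xlsx,Confidential,no,Everyone except external users,yes
Finance,/Shared/Q3-forecast.xlsx,Confidential,no,Finance Members,no
Legal,/MA/term-sheet.docx,,no,Everyone,yes
Legal,/MA/counsel-memo.docx,Highly Confidential,yes,Legal Members,no
HR,/Reviews/2025.xlsx,Internal,no,HR Members,no
Marketing,/Launch/plan.pptx,,no,Marketing Members,no
"""

# Built-in SharePoint principals that cover the whole tenant.
BROAD_PRINCIPALS = {"everyone", "everyone except external users"}
# Labels this example treats as requiring encryption (an assumed policy).
LABELS_NEEDING_ENFORCEMENT = {"confidential", "highly confidential"}


def load_items(export_text):
    """Collapse grant rows into one record per item."""
    items = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        key = (row["site"].strip(), row["path"].strip())
        item = items.setdefault(key, {
            "label": row["label"].strip(),
            "encrypted": row["encrypted"].strip().lower() == "yes",
            "broad_grants": [],
        })
        principal = row["principal"].strip()
        if principal.lower() in BROAD_PRINCIPALS:
            inherited = row["inherited"].strip().lower() == "yes"
            item["broad_grants"].append((principal, inherited))
    return items


def audit(items):
    """Return (findings, label_coverage) for the collapsed inventory."""
    findings = []
    for (site, path), item in sorted(items.items()):
        label = item["label"]
        sensitive = label.lower() in LABELS_NEEDING_ENFORCEMENT
        # Tenant-wide access matters most where the item is sensitive or
        # nobody has classified it yet.
        if item["broad_grants"] and (sensitive or not label):
            kind = ("sensitive-label-broad-access" if sensitive
                    else "unlabelled-broad-access")
            who = ", ".join(
                f"{p} ({'inherited' if inh else 'direct'})"
                for p, inh in item["broad_grants"]
            )
            findings.append((site, path, kind, who))
        # A sensitive label with no enforcement behind it is only a tag.
        if sensitive and not item["encrypted"]:
            findings.append(
                (site, path, "label-without-enforcement", f"{label}, not encrypted")
            )
    labelled = sum(1 for i in items.values() if i["label"])
    coverage = labelled / len(items) if items else 0.0
    return findings, coverage


if __name__ == "__main__":
    results, coverage = audit(load_items(SAMPLE_EXPORT))
    print(f"label coverage: {coverage:.0%}")
    for site, path, kind, detail in results:
        print(f"{kind:30} {site}{path}  [{detail}]")
```
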
Map and Classify Sensitive Data
Before you enable Microsoft Copilot, you need to know where your sensitive data lives. Mapping and classifying data helps you set the right controls and avoid accidental exposure of confidential information.
- Use Microsoft Purview to map and classify data based on sensitivity levels. You can use predefined or custom sensitivity labels.
- Apply sensitivity labels and data protection policies either manually or automatically. This ensures consistent labeling and protection across all storage and sharing platforms.
- Enable sensitivity labels and Data Loss Prevention (DLP) policies for prompts and responses. This step helps you control what Copilot can access and share.
- Review container-level labels in Teams and SharePoint. Make sure item-level coverage is in place for better security.
- Apply sensitivity labels early. This ensures that Copilot respects labeling and access boundaries from the start.
Microsoft Purview also helps you classify files, chats, and emails. This keeps your data secure and supports your compliance goals.
Implement Dynamic Access Controls
Static labels alone cannot protect your data in a fast-changing environment. You need dynamic access controls that adjust in real time based on user behavior, device health, and risk level.
- Set device-based restrictions. Limit access from unmanaged devices or high-risk locations.
- Use behavioral analytics to spot unusual usage patterns. This helps you detect attempts to access information outside normal parameters.
- Establish time-based restrictions for sensitive functions. For example, limit access to financial data during non-business hours.
- Configure strict user permissions and data access policies. Follow the least privilege principle to reduce risk.
- Conduct regular access reviews and permission audits. Update permissions as roles and needs change.
Note: Regularly review and update access permissions to prevent unauthorized data exposure. Train employees on safe Copilot usage to minimize accidental sharing.
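To make the difference between a static label check and a context-aware decision concrete, the sketch below evaluates the same user and the same file under different device, risk and time conditions. It is an added example, not part of the episode or any Microsoft product; the label ranking, the 08:00 to 18:00 weekday window, the "review" outcome and the rule that unlabelled content is treated as Confidential are assumptions.

```python
from dataclasses import dataclass, replace
from datetime import datetime, time

LABEL_RANK = {"Public": 0, "Internal": 1, "Confidential": 2, "Highly Confidential": 3}
UNLABELLED_RANK = 2                                     # assumed: do not fail open
BUSINESS_START, BUSINESS_END = time(8, 0), time(18, 0)  # assumed Mon-Fri window


@dataclass(frozen=True)
class AccessRequest:
    user_groups: frozenset
    allowed_groups: frozenset
    label: str
    device_managed: bool
    sign_in_risk: str      # "low", "medium" or "high"
    when: datetime


def static_label_check(req):
    """Label-only model: group membership decides, context is ignored."""
    return "allow" if req.user_groups & req.allowed_groups else "deny"


def in_business_hours(when):
    return when.weekday() < 5 and BUSINESS_START <= when.time() < BUSINESS_END


def dynamic_check(req):
    """Return (decision, reason); decision is allow, review or deny."""
    rank = LABEL_RANK.get(req.label, UNLABELLED_RANK)
    if not (req.user_groups & req.allowed_groups):
        return ("deny", "no group grants access (least privilege)")
    if req.sign_in_risk == "high" and rank >= 1:
        return ("deny", "high-risk sign-in")
    if not req.device_managed and rank >= 2:
        return ("deny", "unmanaged device for sensitive content")
    if rank >= 2 and req.sign_in_risk == "medium":
        return ("review", "elevated risk, human-in-the-loop approval")
    if rank >= 2 and not in_business_hours(req.when):
        return ("review", "sensitive content outside business hours")
    return ("allow", "context within policy")


# Constructed scenarios: one finance analyst, one Confidential workbook.
BASE = AccessRequest(
    user_groups=frozenset({"Finance Members"}),
    allowed_groups=frozenset({"Finance Members"}),
    label="Confidential",
    device_managed=True,
    sign_in_risk="low",
    when=datetime(2025, 3, 4, 10, 0),                   # a Tuesday morning
)
SCENARIOS = {
    "office hours, managed laptop": BASE,
    "same user, unmanaged device": replace(BASE, device_managed=False),
    "same user, 23:00": replace(BASE, when=datetime(2025, 3, 4, 23, 0)),
    "same user, risky sign-in": replace(BASE, sign_in_risk="high"),
    "other department": replace(BASE, user_groups=frozenset({"Marketing Members"})),
}


def evaluate_all():
    """Map scenario name to (static decision, dynamic decision)."""
    return {
        name: (static_label_check(req), dynamic_check(req)[0])
        for name, req in SCENARIOS.items()
    }


if __name__ == "__main__":
    for name, (static, dynamic) in evaluate_all().items():
        print(f"{name:32} static={static:6} dynamic={dynamic}")
```
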
Dynamic controls give you stronger governance and help you respond quickly to new threats. You can measure the effectiveness of your strategies using key metrics:
| Metric Type | Metrics |
|---|---|
| Security Metrics | DLP policy violations, suspicious access attempts, oversharing incidents |
| Compliance Metrics | DLP policy violations per 1,000 Copilot actions, percentage of users completing security training, time to remediate permission issues, audit-ready status for compliance requirements |
| Access Governance Metrics | Number of users with unnecessary admin rights, MFA coverage percentage, device compliance rate, conditional access policy coverage |
| Risk Reduction Metrics | Percentage of sites with proper access governance, number of files with sensitivity labels, reduction in overshared sensitive files, time to detect and respond to access anomalies |
By following these steps, you can secure Microsoft 365 Copilot, protect confidential data, and reduce the chance of a breach. You also support ongoing compliance and strengthen your overall security posture.
Continuous Monitoring and Alerts
You need to watch your Microsoft Copilot environment at all times. Continuous monitoring helps you spot risks before they turn into real problems. You can use advanced tools that track how Copilot interacts with your data. These tools give you a clear view of who accesses what and when. They also help you find weak spots in your security.
Here is a table that shows important features you should look for in monitoring tools:
| Feature | Description |
|---|---|
| Unified Visibility | Shows data access across Microsoft 365, Azure, and Copilot. Helps you find exposure points. |
| Continuous Monitoring | Tracks Copilot’s actions with sensitive data in SharePoint and Teams. |
| Automated Detection | Finds misconfigured permissions and too much access. Stops leaks before they happen. |
| Policy Enforcement | Lets you set rules for Copilot’s data access. Keeps you in line with company policies. |
| Context-Aware Alerts | Sends real-time alerts for strange Copilot activity. Helps you act fast if something goes wrong. |
| AI Usage Control | Watches Copilot in real time. Spots risky patterns and high-risk use. |
| Risk Assessment | Finds unauthorized apps and hidden connections. Flags new security risks. |
You should set up alerts for unusual activity. For example, if Copilot tries to access files it should not see, you get a warning right away. This quick response can stop a data leak before it spreads. You also need to review logs often. Logs show you patterns and help you understand how users interact with Copilot. By using these tools, you keep your data safe and stay ahead of threats.
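As an illustration of the alerting described above, the following added example (not from the episode, and not the Microsoft 365 audit schema) runs two detection rules over constructed Copilot interaction records: sensitive content surfaced from a site outside the user's usual working set, and a burst of sensitive items surfaced to one user. The record fields, the per-user baseline and the thresholds are assumptions.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed log, one JSON record per Copilot interaction. Field names are
# assumptions for this example.
SAMPLE_LOG = """\
{"time": "2025-03-04T09:00:05", "user": "ana@example.com", "resources": [{"site": "Finance", "name": "Q3-forecast.xlsx", "label": "Confidential"}]}
{"time": "2025-03-04T09:02:10", "user": "ben@example.com", "resources": [{"site": "Marketing", "name": "launch-plan.pptx", "label": "Internal"}]}
{"time": "2025-03-04T09:03:00", "user": "ben@example.com", "resources": [{"site": "Legal", "name": "term-sheet.docx", "label": "Highly Confidential"}]}
{"time": "2025-03-04T09:04:00", "user": "ana@example.com", "resources": [{"site": "Finance", "name": "payroll.xlsx", "label": "Confidential"}, {"site": "Finance", "name": "bonus.xlsx", "label": "Confidential"}]}
{"time": "2025-03-04T09:05:30", "user": "ana@example.com", "resources": [{"site": "Finance", "name": "board-pack.pptx", "label": "Highly Confidential"}, {"site": "Finance", "name": "budget.xlsx", "label": "Confidential"}]}
"""

# Constructed baseline: sites each user normally works in.
BASELINE_SITES = {
    "ana@example.com": {"Finance"},
    "ben@example.com": {"Marketing"},
}
SENSITIVE_LABELS = {"Confidential", "Highly Confidential"}
BURST_LIMIT = 4                         # assumed threshold
BURST_WINDOW = timedelta(minutes=10)    # assumed window


def detect(log_text, baseline=BASELINE_SITES):
    """Return alerts in chronological order."""
    events = [json.loads(line) for line in log_text.splitlines() if line.strip()]
    events.sort(key=lambda e: e["time"])    # ISO 8601 strings sort by time
    recent = defaultdict(deque)             # user -> timestamps of sensitive hits
    alerts = []
    for ev in events:
        ts = datetime.fromisoformat(ev["time"])
        user = ev["user"]
        for res in ev.get("resources", []):
            if res.get("label") not in SENSITIVE_LABELS:
                continue
            # Rule 1: sensitive content from a site outside the user's baseline.
            if res["site"] not in baseline.get(user, set()):
                alerts.append({
                    "time": ev["time"], "user": user,
                    "rule": "cross_site_sensitive",
                    "detail": f'{res["site"]}/{res["name"]}',
                })
            # Rule 2: too many sensitive items surfaced within the window.
            window = recent[user]
            window.append(ts)
            while ts - window[0] > BURST_WINDOW:
                window.popleft()
            if len(window) > BURST_LIMIT:
                alerts.append({
                    "time": ev["time"], "user": user,
                    "rule": "sensitive_burst",
                    "detail": f"{len(window)} sensitive items within 10 minutes",
                })
                window.clear()              # one alert per burst
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert["time"], alert["user"], alert["rule"], alert["detail"])
```
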
Update Policies and Training
You must keep your security policies up to date. Risks change fast, and old rules may not protect you anymore. Regular updates make sure your policies match the latest threats. You also need to train your team often. Training helps everyone understand how to use Copilot safely and what to do if something goes wrong.
- Update your security policies on a regular schedule. This keeps your defenses strong against new risks.
- Train your team often. Frequent training helps users spot dangers and avoid mistakes.
- Give clear guidance to everyone who uses Copilot. Simple instructions lead to safer results.
- Review your policies after every major update or incident. This helps you fix gaps and improve your response.
- Make training part of your onboarding process. New users learn safe habits from the start.
Tip: Regular updates and training help you stay ahead of threats. Clear rules and guidance make Copilot safer for everyone.
By keeping your policies fresh and your team informed, you build a strong defense against data leaks. You also create a culture of security that protects your organization as technology evolves.
Proactive AI Data Governance
You need to take a forward-thinking approach to managing AI in your organization. Proactive AI data governance helps you stay ahead of risks and make the most of Microsoft Copilot. You can build a strong foundation by using advanced tools and regular improvement cycles.
Ongoing Oversight
You should keep a close watch on how users interact with Copilot. Ongoing oversight gives you real-time coaching and support. When someone tries to share sensitive information, Copilot can give a warning right away. This helps users learn safe habits as they work. You can also use built-in tutorials and learning pathways. These tools teach your team how to handle information without slowing down their work.
- Real-time compliance coaching helps users follow rules.
- Interactive tutorials give hands-on practice.
- Instant feedback from Copilot reinforces good data handling.
Tip: Make oversight part of your daily routine. This keeps everyone alert and reduces mistakes.
Regular Audits
You need to check your systems often. Regular audits help you find weak spots and fix them before they cause problems. You can use Microsoft Purview to review sensitivity labels, DLP rules, and audit logs. This keeps your organization ready for any compliance review.
Here are the key components of a proactive strategy:
| Component | Description |
|---|---|
| Security Architecture | Uses Zero Trust, tenant isolation, and encryption to protect information. |
| Compliance Tools | Microsoft Purview supports governance with labels, DLP rules, and audit logs. |
| Deployment Phases | Five steps: readiness assessment, license mapping, pilot deployment, policy enforcement, improvement. |
You should schedule audits on a regular basis. This helps you spot trends and adjust your policies as needed.
Adapting to AI Evolution
AI changes quickly. You must adapt your governance framework to keep up. Start by using dynamic access controls that change based on user behavior and risk. Set up review cycles to check how people use Copilot. Define clear use cases so everyone knows what is allowed.
- Monitor policy violations and near-misses.
- Analyze usage patterns and new risks.
- Gather feedback from users to improve your policies.
Note: Continuous improvement keeps your governance strong as AI evolves.
By following these steps, you can protect your data, meet compliance needs, and get the most value from Microsoft Copilot.
You face urgent risks if you ignore data leaks from Microsoft Copilot. To prevent a breach, you should take these steps:
- Patch all Microsoft 365 systems and monitor for new vulnerabilities.
- Audit permissions and restrict Copilot access to only what is needed.
- Train users on AI risks and review Copilot activity logs.
Prioritize dynamic, context-aware governance. Stay alert as Microsoft and Copilot evolve, and make data protection a top priority.
FAQ
What is the main cause of data leaks with Microsoft Copilot?
You often see data leaks when users or apps have too many permissions. Copilot follows your existing access rules. If you do not review these rules, sensitive data may become exposed.
Can Copilot access all my files in Microsoft 365?
Copilot only accesses files you or your team can already see. It does not bypass your organization’s permission settings. You control what Copilot can reach by managing user access.
How do I know if Copilot leaked sensitive data?
Check your audit logs in Microsoft 365. Look for unusual access or sharing events. Set up alerts for suspicious Copilot activity to catch leaks early.
Does Copilot use my data to train its AI models?
No, Copilot does not use your organizational data to train its models. Your data stays within your Microsoft 365 environment and remains protected by Microsoft’s privacy standards.
What steps should I take before enabling Copilot?
- Map and classify your sensitive data.
- Review and update user permissions.
- Set up dynamic access controls.
- Train your team on safe Copilot use.
How can I stop Copilot from sharing confidential information?
You can use sensitivity labels, DLP policies, and dynamic access controls. These tools help you limit what Copilot can access and share. Regular reviews keep your controls strong.
Is Copilot safe for regulated industries like healthcare or finance?
Copilot supports compliance features, but you must configure them correctly. Always review your industry’s rules and set up strict access controls before using Copilot in sensitive environments.
What should I do if I suspect a data leak?
Act fast. Disable Copilot access for affected users, review audit logs, and update your security policies. Notify your compliance team and follow your incident response plan.
1
00:00:00,000 --> 00:00:02,640
You deploy Copilot and wait for the productivity wave to hit,
2
00:00:02,640 --> 00:00:03,840
but instead of a breakthrough,
3
00:00:03,840 --> 00:00:06,960
you see a 300% spike in data loss prevention events.
4
00:00:06,960 --> 00:00:09,360
The assumption was that the AI would find our brilliance,
5
00:00:09,360 --> 00:00:12,360
but in reality, it is mostly finding our permission debt.
6
00:00:12,360 --> 00:00:14,320
The Everyone group in your SharePoint environment
7
00:00:14,320 --> 00:00:17,320
is currently the largest security hole in your organization,
8
00:00:17,320 --> 00:00:19,800
and it acts like an open door that nobody bothered to close
9
00:00:19,800 --> 00:00:21,760
because the data was buried in the basement.
10
00:00:21,760 --> 00:00:23,360
Now that data is conversational.
11
00:00:23,360 --> 00:00:26,480
Your current sensitivity labeling strategy is not a shield.
12
00:00:26,480 --> 00:00:28,880
It is a data graveyard that hides information
13
00:00:28,880 --> 00:00:30,440
from the people who actually need it,
14
00:00:30,440 --> 00:00:32,600
while doing nothing to stop the AI from surfacing
15
00:00:32,600 --> 00:00:34,400
the wrong things to the wrong people.
16
00:00:34,400 --> 00:00:36,800
This is the collaborative AI silo crisis.
17
00:00:36,800 --> 00:00:39,000
Today we are moving from containment to context,
18
00:00:39,000 --> 00:00:40,840
and we are going to save your AI investment
19
00:00:40,840 --> 00:00:42,760
by fixing the structural lie at the heart
20
00:00:42,760 --> 00:00:45,920
of your data governance model, the inheritance paradox.
21
00:00:45,920 --> 00:00:47,920
The fundamental flaw in most AI rollouts
22
00:00:47,920 --> 00:00:50,080
is a misunderstanding of how the machine thinks,
23
00:00:50,080 --> 00:00:52,440
and while you might assume that Copilot makes decisions
24
00:00:52,440 --> 00:00:54,680
about who sees what, it actually does not.
25
00:00:54,680 --> 00:00:57,280
Copilot is a mirror that inherits your existing organizational
26
00:00:57,280 --> 00:00:59,040
entropy, so it does not create new access.
27
00:00:59,040 --> 00:01:02,520
It simply operationalizes the access you already gave away years ago.
28
00:01:02,520 --> 00:01:04,280
Think of it as the spotlight effect.
29
00:01:04,280 --> 00:01:06,520
Before AI oversharing was latent,
30
00:01:06,520 --> 00:01:09,680
like a messy filing cabinet in a basement nobody visited,
31
00:01:09,680 --> 00:01:13,240
but AI makes that latent oversharing visible at machine speed.
32
00:01:13,240 --> 00:01:16,480
If a junior analyst asks for a summary of recent strategy shifts,
33
00:01:16,480 --> 00:01:18,560
and your M&A folder is set to internal,
34
00:01:18,560 --> 00:01:21,400
the AI will summarize the merger you have not announced yet.
35
00:01:21,400 --> 00:01:24,440
This is not a breach, it is a feature of your own architecture.
36
00:01:24,440 --> 00:01:26,240
The reality is that manual labeling coverage
37
00:01:26,240 --> 00:01:28,920
rarely exceeds 10% in the average enterprise,
38
00:01:28,920 --> 00:01:31,320
because we have spent a decade telling users
39
00:01:31,320 --> 00:01:34,000
to tag their files and they simply have not done it.
40
00:01:34,000 --> 00:01:37,440
We relied on a set it and forget it mentality for sensitivity tags,
41
00:01:37,440 --> 00:01:39,760
and assumed that once a file was marked public,
42
00:01:39,760 --> 00:01:41,600
it stayed that way forever.
43
00:01:41,600 --> 00:01:44,560
Data is fluid, which means a document that was public yesterday
44
00:01:44,560 --> 00:01:47,440
might contain a sensitive prompt response today.
45
00:01:47,440 --> 00:01:49,080
When we rely on static labels,
46
00:01:49,080 --> 00:01:52,480
we create invisible barriers to cross-departmental intelligence,
47
00:01:52,480 --> 00:01:54,960
and a highly confidential label on a project plan
48
00:01:54,960 --> 00:01:57,360
might stop the marketing team from seeing a launch date
49
00:01:57,360 --> 00:01:59,520
they actually need to do their jobs.
50
00:01:59,520 --> 00:02:01,400
It creates a silo, and these silos
51
00:02:01,400 --> 00:02:04,000
are the reason your AI feels less like an assistant
52
00:02:04,000 --> 00:02:05,640
and more like a restricted librarian.
53
00:02:05,640 --> 00:02:07,280
We have built a system based on the assumption
54
00:02:07,280 --> 00:02:09,520
that we can classify the world once and be done with it,
55
00:02:09,520 --> 00:02:11,920
but in a collaborative environment, that model breaks.
56
00:02:11,920 --> 00:02:14,080
If the labels are missing, the AI sees too much,
57
00:02:14,080 --> 00:02:16,200
and if the labels are there, they are often too rigid,
58
00:02:16,200 --> 00:02:19,280
preventing the AI from connecting the dots between departments.
59
00:02:19,280 --> 00:02:21,360
We are currently seeing a massive gap between
60
00:02:21,360 --> 00:02:23,360
what the C-suite expects from AI,
61
00:02:23,360 --> 00:02:25,280
and what the data architecture allows,
62
00:02:25,280 --> 00:02:27,560
and you cannot have a high performing AI agent
63
00:02:27,560 --> 00:02:30,960
if your data is locked in 1990s style folder hierarchies.
64
00:02:30,960 --> 00:02:34,960
The inheritance paradox means the AI is only as secure
65
00:02:34,960 --> 00:02:37,960
as your worst SharePoint admin's mistake from 2014.
66
00:02:37,960 --> 00:02:40,400
We have to admit that the current approach to classification
67
00:02:40,400 --> 00:02:44,360
is failing because it is static, manual, and treats data
68
00:02:44,360 --> 00:02:48,640
as an object to be locked away, rather than an asset to be used.
69
00:02:48,640 --> 00:02:51,080
Most organizations are currently in pilot purgatory
70
00:02:51,080 --> 00:02:54,480
because they realized six weeks in that their permissions are a mess.
71
00:02:54,480 --> 00:02:56,680
They try to fix it by adding more labels,
72
00:02:56,680 --> 00:02:58,560
but adding more labels to a broken system
73
00:02:58,560 --> 00:03:00,600
just creates more silos and does not solve
74
00:03:00,600 --> 00:03:02,640
the underlying problem of visibility.
75
00:03:02,640 --> 00:03:04,320
The shift we need is not about better tags,
76
00:03:04,320 --> 00:03:05,400
it is about a better model.
77
00:03:05,400 --> 00:03:08,560
We have been focusing on the what, which is the file itself,
78
00:03:08,560 --> 00:03:12,080
but we need to start focusing on the who, the where, and the why.
79
00:03:12,080 --> 00:03:14,200
The problem is not just that labels are missing,
80
00:03:14,200 --> 00:03:16,000
it is that the ones we have are static
81
00:03:16,000 --> 00:03:18,880
and do not account for the reality of how work happens today.
82
00:03:18,880 --> 00:03:21,800
Work is dynamic, so our security must be dynamic too.
83
00:03:21,800 --> 00:03:24,760
If we do not fix this, the AI will continue to hallucinate
84
00:03:24,760 --> 00:03:27,000
because it is looking at the wrong data or worse,
85
00:03:27,000 --> 00:03:30,000
it will tell the truth about data that should have been hidden.
86
00:03:30,000 --> 00:03:31,240
To fix the rework loop,
87
00:03:31,240 --> 00:03:34,480
we have to look at the underlying model of how we grant access.
88
00:03:34,480 --> 00:03:35,880
The high cost of rework.
89
00:03:35,880 --> 00:03:37,840
We talk about the productivity gains of AI
90
00:03:37,840 --> 00:03:39,280
as if they are a gross number
91
00:03:39,280 --> 00:03:41,600
and we see the nine hours saved per month
92
00:03:41,600 --> 00:03:43,200
and assume the job is done.
93
00:03:43,200 --> 00:03:45,520
But the reality is much messier because currently,
94
00:03:45,520 --> 00:03:48,400
about 40% of the time your employees saved by using AI
95
00:03:48,400 --> 00:03:51,040
is immediately lost to fixing what the AI got wrong.
96
00:03:51,040 --> 00:03:52,840
This is the hidden friction of the silo.
97
00:03:52,840 --> 00:03:55,400
When Copilot doesn't have access to the good data,
98
00:03:55,400 --> 00:03:57,560
the finalized contract, the actual budget
99
00:03:57,560 --> 00:04:00,000
or the verified project plan, it doesn't stop.
100
00:04:00,000 --> 00:04:00,800
It guesses.
101
00:04:00,800 --> 00:04:02,440
It looks at the dark data it can see,
102
00:04:02,440 --> 00:04:04,160
like an old draft from a shared folder
103
00:04:04,160 --> 00:04:05,720
or a speculative chat message,
104
00:04:05,720 --> 00:04:07,720
and it builds a response based on that.
105
00:04:07,720 --> 00:04:11,280
The result is a rework loop that is quietly draining your ROI.
106
00:04:11,280 --> 00:04:13,320
We can actually quantify this digital debt.
107
00:04:13,320 --> 00:04:15,560
For your top performers, the power users
108
00:04:15,560 --> 00:04:17,600
who are leaning into these tools the most,
109
00:04:17,600 --> 00:04:20,280
this rework accounts for about one and a half weeks
110
00:04:20,280 --> 00:04:21,720
of lost time per year.
111
00:04:21,720 --> 00:04:22,560
Think about that.
112
00:04:22,560 --> 00:04:24,920
You are paying for a premium license to save time,
113
00:04:24,920 --> 00:04:26,520
but because your data is siloed,
114
00:04:26,520 --> 00:04:28,800
your best people are spending nearly two full work weeks
115
00:04:28,800 --> 00:04:31,080
just auditing machine generated errors.
116
00:04:31,080 --> 00:04:33,120
They are essentially acting as high paid proofreaders
117
00:04:33,120 --> 00:04:35,400
for a system that was supposed to be their co-pilot.
118
00:04:35,400 --> 00:04:38,400
This happens because rigid classification creates a vacuum.
119
00:04:38,400 --> 00:04:40,520
If the AI is barred from the system of record
120
00:04:40,520 --> 00:04:42,400
by an outdated sensitivity label,
121
00:04:42,400 --> 00:04:43,480
it will fill that vacuum
122
00:04:43,480 --> 00:04:46,280
with whatever system of convenience it can find.
123
00:04:46,280 --> 00:04:48,040
In departments like Finance and HR,
124
00:04:48,040 --> 00:04:51,080
this leads to outputs that are confidently wrong.
125
00:04:51,080 --> 00:04:54,000
A finance manager might ask for a summary of quarterly spend.
126
00:04:54,000 --> 00:04:56,320
If the actual ERP export is locked down,
127
00:04:56,320 --> 00:04:58,240
but a messy, unclassified working draft
128
00:04:58,240 --> 00:04:59,800
is sitting in a public Teams channel,
129
00:04:59,800 --> 00:05:01,880
the AI will summarize the draft.
130
00:05:01,880 --> 00:05:04,960
The manager then spends 20 minutes finding the discrepancies.
131
00:05:04,960 --> 00:05:07,920
This is the friction between gross efficiency and net value.
132
00:05:07,920 --> 00:05:10,200
If it takes you two minutes to generate a report,
133
00:05:10,200 --> 00:05:12,080
but 20 minutes to verify the numbers,
134
00:05:12,080 --> 00:05:14,560
because the AI couldn't see the source of truth,
135
00:05:14,560 --> 00:05:16,240
you haven't actually gained anything.
136
00:05:16,240 --> 00:05:18,880
You've just shifted the labor from creation to correction.
137
00:05:18,880 --> 00:05:20,400
This rework isn't just a nuisance,
138
00:05:20,400 --> 00:05:22,440
it's a symptom of a structural failure.
139
00:05:22,440 --> 00:05:25,800
We've spent years building data silos to protect information,
140
00:05:25,800 --> 00:05:27,560
but in the age of generative AI,
141
00:05:27,560 --> 00:05:29,240
those silos act as blindfolds.
142
00:05:29,240 --> 00:05:31,400
When the AI is blindfolded, it hallucinates.
143
00:05:31,400 --> 00:05:33,320
It tries to please the user by connecting dots
144
00:05:33,320 --> 00:05:34,520
that shouldn't be connected.
145
00:05:34,520 --> 00:05:37,400
We are seeing organizations where the rework rate is so high
146
00:05:37,400 --> 00:05:40,040
that employees are starting to lose trust in the tool.
147
00:05:40,040 --> 00:05:42,240
They stop asking the AI for complex analysis
148
00:05:42,240 --> 00:05:44,800
and revert to using it for basic email drafting.
149
00:05:44,800 --> 00:05:47,520
The moment that happens, your AI strategy has failed.
150
00:05:47,520 --> 00:05:50,400
You are paying for an engine, but only using the headlights.
151
00:05:50,400 --> 00:05:52,920
To fix this rework loop, we have to stop looking at the AI
152
00:05:52,920 --> 00:05:54,360
and start looking at the plumbing.
153
00:05:54,360 --> 00:05:55,880
The good data exists.
154
00:05:55,880 --> 00:05:57,480
The brilliant insights are there.
155
00:05:57,480 --> 00:05:59,840
But they are trapped behind a wall of legacy permissions
156
00:05:59,840 --> 00:06:01,720
and static labels that were designed for a world
157
00:06:01,720 --> 00:06:03,280
where humans did all the searching.
158
00:06:03,280 --> 00:06:05,840
We need to move toward a model where the AI can see
159
00:06:05,840 --> 00:06:08,440
what it needs to see, exactly when it needs to see it,
160
00:06:08,440 --> 00:06:09,720
without compromising security.
161
00:06:09,720 --> 00:06:12,960
We have to look at the underlying model of how we grant access.
162
00:06:12,960 --> 00:06:15,680
Because as long as the AI is working with partial context,
163
00:06:15,680 --> 00:06:18,680
your employees will be working overtime to fix the results.
164
00:06:18,680 --> 00:06:21,680
That is a cost no organization can afford to ignore.
165
00:06:21,680 --> 00:06:24,240
From containment to context. We need to stop thinking
166
00:06:24,240 --> 00:06:25,760
about security as a wall.
167
00:06:25,760 --> 00:06:29,200
For decades, the industry relied on a hardened perimeter model.
168
00:06:29,200 --> 00:06:31,360
You were either inside the network or you were out,
169
00:06:31,360 --> 00:06:32,520
but that world is gone.
170
00:06:32,520 --> 00:06:34,200
Today, the perimeter is porous.
171
00:06:34,200 --> 00:06:35,160
People work from home.
172
00:06:35,160 --> 00:06:37,280
They use unmanaged devices and they collaborate
173
00:06:37,280 --> 00:06:38,720
with external vendors.
174
00:06:38,720 --> 00:06:41,240
In this environment, the old model of containment,
175
00:06:41,240 --> 00:06:43,760
where you lock data in a folder and assume it's safe
176
00:06:43,760 --> 00:06:46,760
because the folder is private is a dangerous illusion.
177
00:06:46,760 --> 00:06:49,680
It's dangerous because it assumes the threat is only outside.
178
00:06:49,680 --> 00:06:51,560
But the real threat in the age of Copilot
179
00:06:51,560 --> 00:06:54,000
is the internal permission creep that has been accumulating
180
00:06:54,000 --> 00:06:54,680
for years.
181
00:06:54,680 --> 00:06:56,560
We need to move from a strategy of containment
182
00:06:56,560 --> 00:06:58,120
to a strategy of context.
183
00:06:58,120 --> 00:06:59,480
The old model was built for structure.
184
00:06:59,480 --> 00:07:02,840
It assumed that a file's sensitivity was a fixed attribute.
185
00:07:02,840 --> 00:07:04,680
You tagged the document as confidential,
186
00:07:04,680 --> 00:07:06,160
and that was the end of the story.
187
00:07:06,160 --> 00:07:08,000
But in a collaborative AI environment,
188
00:07:08,000 --> 00:07:09,040
that tag is too blunt.
189
00:07:09,040 --> 00:07:10,080
It doesn't tell us enough.
190
00:07:10,080 --> 00:07:11,800
It doesn't account for who is asking,
191
00:07:11,800 --> 00:07:14,040
what device they are using, or where they are located.
192
00:07:14,040 --> 00:07:15,560
This is why we are seeing a massive shift
193
00:07:15,560 --> 00:07:18,560
toward dynamic access control or DAC.
194
00:07:18,560 --> 00:07:20,200
This isn't just a technical upgrade.
195
00:07:20,200 --> 00:07:21,440
It's a philosophical shift.
196
00:07:21,440 --> 00:07:23,680
It moves the decision-making process from the moment
197
00:07:23,680 --> 00:07:26,600
the file is created to the millisecond the data is requested.
198
00:07:26,600 --> 00:07:29,920
It's the difference between a static lock and a smart sensor.
199
00:07:29,920 --> 00:07:32,400
By 2026, the industry is mandating a shift
200
00:07:32,400 --> 00:07:35,360
toward attribute-based access control or ABAC.
201
00:07:35,360 --> 00:07:38,000
This is the foundation of the modern identity fabric.
202
00:07:38,000 --> 00:07:39,920
Instead of relying on a single static label,
203
00:07:39,920 --> 00:07:42,800
ABAC evaluates a dozen different risk signals in real time.
204
00:07:42,800 --> 00:07:44,480
It looks at the user's role, sure,
205
00:07:44,480 --> 00:07:46,320
but it also looks at the health of their laptop.
206
00:07:46,320 --> 00:07:48,040
It looks at their physical location.
207
00:07:48,040 --> 00:07:49,440
It even looks at their behavior.
208
00:07:49,440 --> 00:07:52,360
If a user who typically only accesses marketing files suddenly
209
00:07:52,360 --> 00:07:55,440
asks Copilot to summarize the entire payroll database
210
00:07:55,440 --> 00:07:57,520
from a coffee shop in a different country,
211
00:07:57,520 --> 00:08:00,080
the system shouldn't just look at the sensitivity label.
212
00:08:00,080 --> 00:08:01,840
It should look at the context and say, no.
213
00:08:01,840 --> 00:08:04,160
This is how we move from "Is this file labeled?"
214
00:08:04,160 --> 00:08:06,360
to "Should this user see this data now?"
215
00:08:06,360 --> 00:08:08,840
It's a subtle shift with massive implications.
216
00:08:08,840 --> 00:08:10,960
It allows us to be more permissive when the risk is low
217
00:08:10,960 --> 00:08:12,880
and more restrictive when the risk is high.
218
00:08:12,880 --> 00:08:16,520
It breaks the silos because it allows for just-in-time access.
219
00:08:16,520 --> 00:08:20,000
If the marketing team needs to see that highly confidential launch date,
220
00:08:20,000 --> 00:08:22,000
the system can grant them temporary,
221
00:08:22,000 --> 00:08:25,360
read-only access based on the context of their current project
222
00:08:25,360 --> 00:08:28,680
without permanently breaking the security of the file.
223
00:08:28,680 --> 00:08:31,720
This is the only way to enable the kind of cross-departmental
224
00:08:31,720 --> 00:08:34,760
intelligence that AI promises without turning your tenant
225
00:08:34,760 --> 00:08:37,040
into a data free-for-all.
226
00:08:37,040 --> 00:08:40,080
The ROI of these dynamic systems is already becoming clear.
227
00:08:40,080 --> 00:08:42,120
Organizations that move away from static labels
228
00:08:42,120 --> 00:08:45,680
toward a context-aware model are seeing 15 to 30% reductions
229
00:08:45,680 --> 00:08:47,240
in their cyber insurance premiums.
230
00:08:47,240 --> 00:08:47,760
Why?
231
00:08:47,760 --> 00:08:50,960
Because insurers know that static labels are easy to bypass or ignore.
232
00:08:50,960 --> 00:08:53,960
Dynamic systems, on the other hand, are much harder to exploit.
233
00:08:53,960 --> 00:08:56,160
They provide a level of continuous verification
234
00:08:56,160 --> 00:08:58,120
that static models simply can't match.
235
00:08:58,120 --> 00:09:00,400
They reduce the blast radius of a compromised account
236
00:09:00,400 --> 00:09:03,760
because the attacker can't just inherit years of sloppy permissions.
237
00:09:03,760 --> 00:09:05,360
Every request is a new evaluation.
238
00:09:05,360 --> 00:09:08,520
Every interaction is a new opportunity to verify trust.
239
00:09:08,520 --> 00:09:11,200
This isn't just a theoretical shift for IT architects.
240
00:09:11,200 --> 00:09:14,520
It is a survival requirement for the next wave of agentic AI.
241
00:09:14,520 --> 00:09:17,440
As we move toward agents that can take actions on our behalf,
242
00:09:17,440 --> 00:09:20,280
scheduling meetings, moving money, or updating records,
243
00:09:20,280 --> 00:09:23,080
we cannot rely on a "set it and forget it" security model.
244
00:09:23,080 --> 00:09:25,560
We need a system that understands the intent behind the action.
245
00:09:25,560 --> 00:09:28,840
We need security that is as smart as the AI it is protecting.
246
00:09:28,840 --> 00:09:30,800
This leads us to the technical roadmap.
247
00:09:30,800 --> 00:09:32,320
Because while the philosophy is changing,
248
00:09:32,320 --> 00:09:36,080
the tools to implement it are finally arriving in the Purview ecosystem.
249
00:09:36,080 --> 00:09:40,240
The 2026 Purview roadmap. The shift toward context-aware intelligence
250
00:09:40,240 --> 00:09:44,440
is finally showing up in the actual architecture of the Microsoft ecosystem.
251
00:09:44,440 --> 00:09:48,400
We are moving past the era where Purview was just a tool for compliance reporting,
252
00:09:48,400 --> 00:09:52,240
and by 2026 it has evolved into a real-time diagnostic engine.
253
00:09:52,240 --> 00:09:57,320
One of the most significant changes is the move to always-on diagnostics for endpoint DLP.
254
00:09:57,320 --> 00:10:01,800
In the past, troubleshooting a policy failure meant a week of back-and-forth between IT and the user
255
00:10:01,800 --> 00:10:04,200
while they tried to reproduce a glitch that happened once.
256
00:10:04,200 --> 00:10:07,400
Now those diagnostic traces are stored locally on the device
257
00:10:07,400 --> 00:10:10,520
in a secure, compressed format for 90 days.
258
00:10:10,520 --> 00:10:13,560
This allows the system to analyze exactly why a specific file was blocked
259
00:10:13,560 --> 00:10:17,800
or why a label failed to apply without ever sending the actual sensitive content to the cloud.
260
00:10:17,800 --> 00:10:20,680
It is local visibility paired with global enforcement.
261
00:10:20,680 --> 00:10:24,760
This diagnostic power is being amplified by AI-powered explanation tools.
262
00:10:24,760 --> 00:10:28,440
We have reached a level of complexity where human admins can no longer manually track the difference
263
00:10:28,440 --> 00:10:30,600
between a dozen different DLP policies.
264
00:10:30,600 --> 00:10:34,520
When a policy changes, the system now generates a natural language summary
265
00:10:34,520 --> 00:10:38,280
to explain exactly what was modified and which user groups are affected.
266
00:10:38,280 --> 00:10:41,720
It also shows what the potential impact on collaborative workflows will be
267
00:10:41,720 --> 00:10:43,400
which reduces the risk of policy drift.
268
00:10:43,400 --> 00:10:47,160
This is when security rules become so tangled that they start blocking legitimate work.
269
00:10:47,160 --> 00:10:50,840
These tools allow the security team to act as enablers rather than gatekeepers
270
00:10:50,840 --> 00:10:52,120
by providing clarity
271
00:10:52,120 --> 00:10:55,240
on the rules of the road in a language the business can actually understand.
272
00:10:55,240 --> 00:10:59,880
A critical piece of this roadmap is the role of Restricted SharePoint Search, or RSS.
273
00:10:59,880 --> 00:11:02,360
This is the emergency brake for your AI deployment.
274
00:11:02,360 --> 00:11:05,480
It allows you to explicitly exclude high-risk sites like your board papers,
275
00:11:05,480 --> 00:11:09,960
your payroll data, or your legal strategy from being used as grounding for Copilot.
276
00:11:09,960 --> 00:11:14,200
Before you even touch a sensitivity label, you can use RSS to ensure that the AI
277
00:11:14,200 --> 00:11:17,000
simply cannot see the most dangerous corners of your tenant.
278
00:11:17,000 --> 00:11:21,800
It is a foundational layer of protection that recognizes that not all data is created equal.
279
00:11:22,120 --> 00:11:24,440
This gives you the breathing room to fix your permission debt
280
00:11:24,440 --> 00:11:27,320
without having to shut down the entire AI experiment.
281
00:11:27,320 --> 00:11:30,680
We are also seeing a massive expansion in auto-labeling capabilities.
282
00:11:30,680 --> 00:11:33,960
The goal for 2026 is to be secured by default.
283
00:11:33,960 --> 00:11:38,120
Your SharePoint libraries are no longer passive buckets because they are becoming active participants
284
00:11:38,120 --> 00:11:39,480
in your security posture.
285
00:11:39,480 --> 00:11:41,800
When a file is uploaded to a specific library,
286
00:11:41,800 --> 00:11:45,320
the default label of that library is applied at rest automatically.
287
00:11:45,320 --> 00:11:47,720
If that file contains sensitive information types,
288
00:11:47,720 --> 00:11:51,080
the system can now override lower priority manual labels.
289
00:11:51,080 --> 00:11:54,440
This closes the coverage gap that has plagued manual systems for years.
290
00:11:54,440 --> 00:11:58,840
It ensures that even if a user forgets to tag a document, the platform has their back.
291
00:11:58,840 --> 00:12:02,760
It is the move from a voluntary system to a mandatory automated infrastructure.
292
00:12:02,760 --> 00:12:04,040
To manage this at scale,
293
00:12:04,040 --> 00:12:08,200
we are increasingly relying on the Graph API for custom usage analytics.
294
00:12:08,200 --> 00:12:11,800
We can now look under the hood to see exactly which departments are siloed.
295
00:12:11,800 --> 00:12:16,760
If the R&D team has a 90% rework rate because they are blocked from seeing the engineering specs,
296
00:12:16,760 --> 00:12:17,960
the data will show it.
297
00:12:17,960 --> 00:12:21,800
We can identify the bottlenecks where rigid classification is killing productivity
298
00:12:21,800 --> 00:12:23,400
and adjust the policies in real time.
299
00:12:23,400 --> 00:12:27,720
This is how we move from a reactive security posture to a proactive governance strategy.
300
00:12:27,720 --> 00:12:31,160
We are using the data to tell us where the system is breaking rather than waiting for
301
00:12:31,160 --> 00:12:33,160
a user to complain or a breach to occur.
302
00:12:33,160 --> 00:12:34,680
But even with the best tools,
303
00:12:34,680 --> 00:12:37,160
the strategy fails without executive alignment.
304
00:12:37,160 --> 00:12:39,800
You can have the most advanced Purview setup in the world,
305
00:12:39,800 --> 00:12:42,840
but if your leadership still views data as something to be hoarded,
306
00:12:42,840 --> 00:12:44,840
you will never realize the full value of AI.
307
00:12:44,840 --> 00:12:47,720
This brings us to a new kind of risk that is emerging from the ground up.
308
00:12:47,880 --> 00:12:50,840
It is a challenge that is not coming from hackers or external threats,
309
00:12:50,840 --> 00:12:53,320
but from your own employees trying to be productive.
310
00:12:53,320 --> 00:12:55,400
We need to talk about the Citizen Developer Dilemma.
311
00:12:55,400 --> 00:12:57,960
The Citizen Developer Dilemma.
312
00:12:57,960 --> 00:13:01,560
We are currently witnessing the largest explosion of unregulated creation
313
00:13:01,560 --> 00:13:03,400
in the history of enterprise computing.
314
00:13:03,400 --> 00:13:07,960
There are now over 1 million low-code assets living inside the Microsoft ecosystem.
315
00:13:07,960 --> 00:13:10,600
We have empowered employees to build their own apps,
316
00:13:10,600 --> 00:13:13,080
their own flows, and now their own AI agents.
317
00:13:13,080 --> 00:13:15,480
But this empowerment has a dark side.
318
00:13:15,480 --> 00:13:17,720
We have moved from Shadow IT to Shadow AI,
319
00:13:17,720 --> 00:13:22,200
where non-technical users are building complex agents on top of ungoverned messy data.
320
00:13:22,200 --> 00:13:23,720
This is the risk of agent sprawl.
321
00:13:23,720 --> 00:13:28,200
It is what happens when a marketing coordinator builds a custom GPT in Copilot Studio
322
00:13:28,200 --> 00:13:29,640
to help with vendor queries,
323
00:13:29,640 --> 00:13:32,680
but they inadvertently ground that agent on a SharePoint site
324
00:13:32,680 --> 00:13:35,880
containing every contract the company has signed since 2012.
325
00:13:35,880 --> 00:13:38,280
The dilemma is that we cannot simply turn it off.
326
00:13:38,280 --> 00:13:40,840
If you kill the ability for people to solve their own problems,
327
00:13:40,840 --> 00:13:43,880
you kill the very agility that AI is supposed to provide.
328
00:13:43,880 --> 00:13:46,440
Instead, we have to move toward a tiered governance model.
329
00:13:46,440 --> 00:13:47,880
Not all agents are created equal.
330
00:13:47,880 --> 00:13:50,680
A low-code tool that helps an individual summarise their own emails
331
00:13:50,680 --> 00:13:53,400
using standard Teams connectors is a low-risk asset.
332
00:13:53,400 --> 00:13:56,120
It should bypass the heavy-duty review process.
333
00:13:56,120 --> 00:13:59,400
But the moment an agent touches a system of record like Dataverse
334
00:13:59,400 --> 00:14:02,360
or a sensitive SQL database, it needs a gatekeeper.
335
00:14:02,360 --> 00:14:05,720
We have to stop treating citizen development as a single category
336
00:14:05,720 --> 00:14:07,800
and start treating it as a spectrum of risk.
337
00:14:07,800 --> 00:14:11,080
The industry is pivoting from the old concept of citizen development
338
00:14:11,080 --> 00:14:14,120
to what we now call AI-augmented personal building.
339
00:14:14,120 --> 00:14:15,720
The difference is subtle but crucial.
340
00:14:15,720 --> 00:14:17,880
In the old world, the user was a developer,
341
00:14:17,880 --> 00:14:20,440
but in the new world, the user is an orchestrator.
342
00:14:20,440 --> 00:14:23,240
They are directing the AI to build the solution for them.
343
00:14:23,240 --> 00:14:27,000
This makes the guardrails in Copilot Studio more important than the code itself.
344
00:14:27,000 --> 00:14:28,920
We need to implement content moderation layers
345
00:14:28,920 --> 00:14:32,040
that prevent these agents from hallucinating or leaking data
346
00:14:32,040 --> 00:14:33,480
through prompt injection attacks
347
00:14:33,480 --> 00:14:35,480
that the user did not even know were possible.
348
00:14:35,480 --> 00:14:38,280
You would not let a summer intern write your firewall rules
349
00:14:38,280 --> 00:14:42,280
so we should not let them build agents that have read access to the entire corporate wiki.
350
00:14:42,280 --> 00:14:43,320
The fix is structural.
351
00:14:43,320 --> 00:14:46,520
We need to automate the enforcement of data loss prevention policies
352
00:14:46,520 --> 00:14:48,040
within the low-code environment.
353
00:14:48,040 --> 00:14:52,680
If a user tries to connect an AI agent to an external unmanaged Dropbox account,
354
00:14:52,680 --> 00:14:54,440
the system should block it instantly.
355
00:14:54,440 --> 00:14:57,160
If they try to build a bot that queries a library marked
356
00:14:57,160 --> 00:14:59,320
with a highly confidential sensitivity label,
357
00:14:59,320 --> 00:15:03,080
the deployment should trigger an automatic manual review by the IT Ops team.
358
00:15:03,080 --> 00:15:05,560
This creates a secure-by-design pathway for innovation.
359
00:15:05,560 --> 00:15:09,560
It allows the builders to build while ensuring that the most sensitive assets of the organization
360
00:15:09,560 --> 00:15:12,440
remain behind the context-aware walls we have been discussing.
361
00:15:12,440 --> 00:15:17,080
We are moving into an era where every employee is a potential architect of the company's intelligence.
362
00:15:17,080 --> 00:15:19,800
That is a massive competitive advantage if managed correctly,
363
00:15:19,800 --> 00:15:22,280
but it is a catastrophic liability if left to chance.
364
00:15:22,280 --> 00:15:25,560
The goal is not to stop the sprawl, but to govern the flow.
365
00:15:25,560 --> 00:15:29,320
We need to provide the citizen builders with pre-approved templates and safe zones
366
00:15:29,320 --> 00:15:32,280
where they can experiment without risking the crown jewels.
367
00:15:32,280 --> 00:15:36,360
This ensures that the agents they create are an extension of our governance strategy
368
00:15:36,360 --> 00:15:37,960
rather than an exception to it.
369
00:15:37,960 --> 00:15:42,520
This leads us to the final hurdle, which is getting the C-suite to treat access as a strategic asset.
370
00:15:42,520 --> 00:15:44,680
You cannot govern a million agents from the basement.
371
00:15:44,680 --> 00:15:46,200
You need executive alignment.
372
00:15:46,200 --> 00:15:49,080
It is time to move the conversation from the server room to the boardroom.
373
00:15:49,080 --> 00:15:52,040
The executive buy-in strategy.
374
00:15:52,040 --> 00:15:55,240
The technical battle for context-aware security is being won in the code,
375
00:15:55,240 --> 00:15:58,040
but the strategic battle is still being lost in the boardroom.
376
00:15:58,040 --> 00:16:01,640
For years, identity and access management was treated like a plumbing issue.
377
00:16:01,640 --> 00:16:05,720
It was something for the basement teams to handle while the business focused on growth.
378
00:16:05,720 --> 00:16:08,840
In 2026, that mindset is a liability.
379
00:16:08,840 --> 00:16:13,480
We have to reframe the entire conversation because identity is no longer just a login.
380
00:16:13,480 --> 00:16:16,040
It is the core control plane for digital trust.
381
00:16:16,040 --> 00:16:20,120
If your leadership doesn't understand that, your AI deployment will remain a series of expensive,
382
00:16:20,120 --> 00:16:21,400
disconnected experiments.
383
00:16:21,400 --> 00:16:24,440
We need to stop pitching security as a cost center.
384
00:16:24,440 --> 00:16:27,400
Instead, we have to frame it as a decision-velocity enabler.
385
00:16:27,400 --> 00:16:30,360
Most executives view security as a series of "no" moments.
386
00:16:30,360 --> 00:16:31,560
No, you can't use that tool.
387
00:16:31,560 --> 00:16:33,080
No, you can't share that file.
388
00:16:33,080 --> 00:16:35,240
But a modern identity fabric does the opposite.
389
00:16:35,240 --> 00:16:38,520
It provides the "yes" that allows the business to move faster.
390
00:16:38,520 --> 00:16:41,160
When you have continuous context-aware verification,
391
00:16:41,160 --> 00:16:44,520
you can onboard a new partner in hours instead of weeks.
392
00:16:44,520 --> 00:16:48,360
You can give a consultant access to exactly what they need for a three-day project,
393
00:16:48,360 --> 00:16:51,880
and then you can watch that access vanish automatically the moment they're finished.
394
00:16:51,880 --> 00:16:53,000
This isn't about restriction.
395
00:16:53,000 --> 00:16:54,120
It's about agility.
396
00:16:54,120 --> 00:16:57,960
It's about creating an environment where the right people can act on the right information
397
00:16:57,960 --> 00:16:59,800
without the friction of manual approvals.
398
00:16:59,800 --> 00:17:02,680
We can see the cost of ignoring this in the M&A market.
399
00:17:02,680 --> 00:17:05,560
There is a massive maturity gap emerging between organizations
400
00:17:05,560 --> 00:17:10,200
that have mastered identity governance and those that are still relying on static legacy models.
401
00:17:10,200 --> 00:17:12,600
When a high maturity firm acquires a competitor,
402
00:17:12,600 --> 00:17:16,360
they can integrate the new workforce into their AI ecosystem in days.
403
00:17:16,360 --> 00:17:18,360
But for firms with poor identity hygiene,
404
00:17:18,360 --> 00:17:20,040
that integration drags on for months,
405
00:17:20,040 --> 00:17:24,600
and this delay bleeds value while stalling the very synergies the merger was supposed to create.
406
00:17:24,600 --> 00:17:27,880
Poor identity governance is a direct hit to post-merger value.
407
00:17:27,880 --> 00:17:32,200
It is a drag on the balance sheet that most CEOs haven't even quantified yet.
408
00:17:32,200 --> 00:17:35,880
This is why the pitch for a 5 to 20% budget increase for identity fabric
409
00:17:35,880 --> 00:17:37,880
isn't a request for more security spend.
410
00:17:37,880 --> 00:17:39,640
It's an investment in growth infrastructure.
411
00:17:39,640 --> 00:17:43,640
It's the digital equivalent of building a high-speed rail network between your data silos.
412
00:17:43,640 --> 00:17:46,760
You are moving from a hardened perimeter that everyone tries to bypass
413
00:17:46,760 --> 00:17:50,840
to a continuous verification model that actually supports the way people work.
414
00:17:50,840 --> 00:17:56,200
You are telling the C-suite that if they want the five times productivity boost that AI promises,
415
00:17:56,200 --> 00:17:58,520
they have to pay for the foundation that makes it safe.
416
00:17:58,520 --> 00:18:03,400
You have to move the goalposts from protecting the data to managing the flow of intelligence.
417
00:18:03,400 --> 00:18:07,080
The shift to a context-aware model is the only way to build a resilient enterprise
418
00:18:07,080 --> 00:18:08,680
in an age of agentic AI.
419
00:18:08,680 --> 00:18:12,680
It allows the organization to scale its intelligence without scaling its risk.
420
00:18:12,680 --> 00:18:15,560
When the C-suite treats access as a strategic asset,
421
00:18:15,560 --> 00:18:17,720
the entire culture of the company shifts.
422
00:18:17,720 --> 00:18:19,560
Security becomes a shared responsibility,
423
00:18:19,560 --> 00:18:22,520
and data becomes a liquid resource rather than a hoarded secret.
424
00:18:22,520 --> 00:18:24,840
It's time to stop looking at the cost of the tools
425
00:18:24,840 --> 00:18:26,840
and start looking at the cost of the friction.
426
00:18:26,840 --> 00:18:29,880
Because in the AI era, the fastest company wins,
427
00:18:29,880 --> 00:18:32,680
and you can't be fast if your data is trapped in a lie.
428
00:18:32,680 --> 00:18:34,920
Your 2026 mandate is clear.
429
00:18:34,920 --> 00:18:38,520
You must audit your permission debt before you scale your AI licenses.
430
00:18:38,520 --> 00:18:41,400
The technology is ready, but your architecture likely isn't.
431
00:18:41,400 --> 00:18:45,240
The challenge for the next quarter is to implement mandatory auto labeling
432
00:18:45,240 --> 00:18:49,000
and execute a 90-day site cleanup to close the most obvious gaps.
433
00:18:49,000 --> 00:18:50,600
Stop the hoarding, start the flow.
434
00:18:50,600 --> 00:18:55,400
If you want to share your silo-breaking progress or discuss how your team is handling the shift
435
00:18:55,400 --> 00:18:58,840
to context-aware permissions, connect with Mirko Peters on LinkedIn.
436
00:18:58,840 --> 00:19:01,160
Let's build an intelligence model that actually works.
437
00:19:01,160 --> 00:19:03,640
Subscribe for more deep dives into the future of work.
438
00:19:03,640 --> 00:19:05,160
Stay secure, stay productive.

Founder of m365.fm, m365.show and m365con.net
Mirko Peters is a Microsoft 365 expert, content creator, and founder of m365.fm, a platform dedicated to sharing practical insights on modern workplace technologies. His work focuses on Microsoft 365 governance, security, collaboration, and real-world implementation strategies.
Through his podcast and written content, Mirko provides hands-on guidance for IT professionals, architects, and business leaders navigating the complexities of Microsoft 365. He is known for translating complex topics into clear, actionable advice, often highlighting common mistakes and overlooked risks in real-world environments.
With a strong emphasis on community contribution and knowledge sharing, Mirko is actively building a platform that connects experts, shares experiences, and helps organizations get the most out of their Microsoft 365 investments.









