We’re here to help, so to speak with our team and learn more about how JUMPSEC can benefit your organisation, just complete the below form and one of our team will be in touch.
Data Security Envisioning Workshop
Why run this
- Make data risk visible. Identify oversharing, stale sensitive content, risky exfil paths, and AI interactions using your signals.
- Protect without blocking work. Align labels, DLP, Insider Risk, and retention with how your teams actually collaborate.
- Win business trust. Give data owners clear guardrails and a review process they can manage.
What you get
- Discovery across your estate. SharePoint, Teams, Exchange, endpoints, and third‑party apps where relevant.
- Mandatory coverage. Exchange Online, SharePoint Online, Teams, and Insider Risk Management.
- Options to deep‑dive. Compliance Manager assessment, on‑prem data discovery, Windows endpoints, Communication Compliance, or Data Security for AI.
- A targeted plan. Label design, priority DLP policies, ownership model, and change approach that avoids disruption.
Who it’s for
- Baseline: 300–5,000 Entra ID Plan 1 PAU and 250+ MAU across Microsoft 365.
- Business‑led programmes that need Legal, HR, and Data Owners engaged from the start.
Format
- Delivered over an extended period.
- Kick‑off to enable Purview and required services; configure discovery safely.
- Background discovery and data gathering for up to a month.
- Analysis of stale/sensitive data, leakage paths, insider risk, and AI interactions.
Client time required (3 days)
- Scoping and stakeholder scheduling: 60–90 minutes (sponsor, coordinator).
- Working time across the engagement window:
- Legal/Compliance: 1–2 hours (governance decisions, review flows).
- Data Owners/HR: 2–4 hours (process walkthroughs, decisions).
- SecOps/IT platform: 4–6 hours (signals review, policy design).
- Lightweight check‑ins during discovery: 30 minutes per checkpoint.
- Final readout and plan: 60–90 minutes.
- These hours are human effort only. Elapsed duration is typically 2–4 weeks while discovery runs and results are analysed.
Questions to consider
Which collaboration spaces would you secure first and why?
What exceptions process keeps work moving while reducing risk?
Which data types require retention or legal hold, and for how long?
How will you measure policy impact on productivity and incident rates?
