.png)
#1 - Inventory
Through automated inventory, we scanned Nacka's storage and collaboration spaces to identify unstructured and "forgotten" information.
We mapped against Nacka Municipality's existing information security policy.
​
Purpose: to gain detailed insight into which information posed the greatest risk when implementing AI.
#2 - Classification
Implementation of automated classification that was integrated directly into Nacka's Microsoft Purview environment.
Sensitive data was automatically tagged based on set policies and predefined templates.
Purpose: To create a unified security structure where data is protected throughout its lifecycle, which is critical for AI readiness
#3 - Decision support
Our reporting module delivered clear data-driven actionable insights based on the inventory conducted to answer business questions from different perspectives, such as:
​
Management: To steer the rollout of Copilot to those parts of the business with sufficient maturity.
Operations: Basis for administrations to manage specific risks and regulatory requirements.
Facts: Nacka Municipality
Scope & Environment:Complete scan of central M365 tenant (SharePoint, Teams, OneDrive, Email)
Data volume: Millions of objects analyzed to identify business-critical and sensitive information as well as ROT data (Redundant, Obsolete, Trivial)
Policy Violations: Identification of sensitive data that is handled in violation of applicable information security policies, including how files are shared or emailed.
Technical integration: Connection to Microsoft Purview for execution of auto-labeling of sensitivity labels.
Time taken: From initial scan to available data in the report module in under 4 weeks.
Result: 100% fact-based decision support for safe rollout of Copilot to prioritized business areas. Inventory and classification of unstructured information in connected systems.