As firms take on new clients and engagements, they need to ensure that all corresponding data remains secure and properly structured. Typically, firms create client/engagement structures across dozens of management systems, such as Microsoft Teams, SharePoint, and their own CMS. But with so much information dispersed across so many systems, firm professionals often struggle to locate the exact data they need, diminishing their productivity.
That’s where Microsoft Copilot helps. Copilot is a generative AI assistant for Microsoft 365 that combines the power of large language models (LLMs) with your firm’s own data. Users simply type in the information they’re looking for, and Copilot will pull all relevant data from across your various Microsoft 365 applications to generate a response.
With Copilot, your teams no longer have to manually search across each individual management system for data — giving them more time to work on engagements and support their clients. But there’s still a key concern that teams need to watch out for: oversharing data.
Without the right permissions and tools in place, firms that use Copilot risk oversharing sensitive data. We’ll explore how you can prevent Copilot from sharing confidential information with your professionals — so your teams can securely and confidently work on their engagements.
The problem: Inadvertently sharing confidential data
Setting permissions within your client/engagement structures is crucial to protecting your firm’s reputation and client relationships. Imagine, for example, that Client A found out you shared some of its confidential data with Client B, a rival company. Not only would Client A likely terminate business with your firm, they might sue as well, depending on the nature of the data that was shared.
Clients need to know that their sensitive information is secure, and that only professionals assigned to their engagements can access that data. If permissions and walls aren’t established within your data systems, your professionals risk noncompliance, conflicts of interest, and insider trading.
Unfortunately, many firms still struggle with permissions management. And for firms using Copilot, the risk of unauthorized access is exacerbated.
Previously, even if someone could access restricted data, they would often be unaware that that data even existed. So there was a lower risk of professionals accessing and sharing this information.
But Copilot can’t recognize when a firm has incorrect permissions in place, or when one of your professionals has access to the wrong client/engagement structure. It will simply provide the data that the permissions structure allows.
To compound the problem, Copilot doesn’t tell users what data was pulled from which structure: It simply provides as much relevant information as possible. This means your professionals may be using and sharing confidential information without even realizing it.
The solution: Securing your systems with Intapp Walls for Copilot
To ensure Copilot doesn’t share sensitive data, you need to secure your firm’s multiple proprietary systems and ensure that permissions settings are correctly implemented. Then, you can be confident that the permissions that Copilot reads are correct and up to date.
But what’s the best way to implement these walls? And how can you update them as permissions change?
Potentially, your IT team could go through every one of your data management systems and manually implement permissions — a long, arduous process that IT would have to repeat every time your firm brings on a new engagement, client, or staff member.
There’s a much simpler way: using Intapp Walls for Copilot to uphold and update your permissions.
Intapp Walls for Copilot lets your risk team easily review and manage the data that Copilot indexes and accesses. Your risk professionals can write up, implement, and edit permissions across Microsoft 365 and
other systems — all in one place. And they can easily track and update permissions for your voluminous set of client/engagement structures — saving them valuable time and effort.
Intapp Walls for Copilot applies policies across Microsoft 365 using each application’s native security controls, which Copilot adheres to. The software also serves as the authoritative source of permissions and uses built-in monitoring to prevent unauthorized modifications. This means that professionals can’t change permissions in any management system themselves.
Intapp Walls for Copilot also offers the Oversharing Risk Assessment feature, which evaluates your firm’s sites to highlight potential oversharing risks. For example, the feature will mark a site as high-risk if it contains sensitive information and is accessible to a high number of people within your firm. This feature helps your professionals quickly determine which permissions need strengthening, and promotes better security across all systems.
Work more efficiently and securely
Professionals need to be able to efficiently collaborate on client engagements without fear of oversharing data. By combining Microsoft Copilot and Intapp Walls for Copilot, your professionals can quickly access the data they need while adhering to your firm’s permissions and security policies.
To further promote security, your firm can also leverage our Intapp Collaboration products, which help properly store and organize any incoming data within your client/engagement models. Intapp Collaboration products — which include Intapp Documents and Intapp Workspaces — also help automate and maintain security policies across Microsoft 365, allowing your teams to safely and confidently collaborate within their workspaces. Protect your client’s sensitive information — and your firm’s reputation. Schedule a demo to learn more about Intapp Walls for Copilot.