How Nelson Mullins is using Microsoft Copilot without the risk of oversharing
Established in 1897, Nelson Mullins is an Am Law 100 firm of more than 1,000 attorneys, policy advisors and professionals with 33 offices in 17 states and Washington, D.C.
Microsoft Copilot promises to be a transformative tool for professional services firms. But this generative AI tool can share confidential information with unauthorized firm personnel if data permissions aren’t appropriately established, monitored, and maintained.
Am Law 100 law firm Nelson Mullins has taken steps to eliminate this risk. The firm is using Intapp Walls to establish, maintain, and enforce accurate permissions for client/matter data across various data sources that are indexed and searched by Microsoft Copilot.
Nelson Mullins uses Intapp Walls to ensure Microsoft Copilot doesn’t surface protected information
The oversharing risk with Microsoft Copilot
Microsoft Copilot is a generative AI tool that firms can “point” at various applications; that is, firms can designate which data sources the AI draws from in fulfilling requests.
Microsoft Copilot needs to draw from certain sources for its outputs to be accurate and helpful. For example, if a user asks Microsoft Copilot to summarize legal arguments their firm has previously made in product liability cases, Microsoft Copilot will need access to the firm’s work product in this area for its output to be useful.
But as a firm gives Microsoft Copilot access to an increasing amount of data, the need to ensure that permissions are correctly set — and maintained — around that data becomes even more critical. Otherwise, a Microsoft Copilot user may enter a request, and Copilot’s output may include confidential information that the firm meant to prevent a user from seeing.
Because we use Intapp Walls to enforce access rules across our networks and applications, I can confidently point Microsoft Copilot wherever we want, and Microsoft Copilot will pull only from matters that the user has permission to access.
TORIE CARRILLO, APPLICATIONS MANAGER AT NELSON MULLINS
How Nelson Mullins prevents oversharing
Nelson Mullins prevents this Microsoft Copilot oversharing possibility with Intapp Walls. Before implementing Microsoft Copilot, the firm had been using Intapp Walls for many years to monitor and enforce permissions for each of its matters.
Intapp Walls enforces these permissions in all firm applications and systems. That is, if a user is prohibited from viewing specific data and files, that data’s location — whether the firm’s document management system, Microsoft Teams, or some other application — doesn’t matter. Intapp Walls will block access across all applications.
Likewise, Intapp Walls prevents Microsoft Copilot from surfacing data to firm members who shouldn’t have access to the material. That is, even if Microsoft SharePoint permissions incorrectly indicate the user is permitted to see the data, Intapp Walls will apply its permissions rules to override Microsoft SharePoint and enforce confidentiality barriers. And this security is applied across firm systems, including Microsoft SharePoint, Outlook, Teams, and the firm’s document management system.
“Because we use Intapp Walls to enforce access rules across our networks and applications, I can confidently point Microsoft Copilot wherever we want,” says Torie Carrillo, Applications Manager at Nelson Mullins. “And Microsoft Copilot will pull only from matters that the user has permission to access.”
Presently, as the firm ramps up its use of Microsoft Copilot, Nelson Mullins is pointing the AI tool only at Microsoft tenant data, such as the data found in Microsoft Outlook, OneDrive, and Teams. But, because of the confidence that Nelson Mullins has in Intapp Walls, the firm plans to point Microsoft Copilot at other data sources as well, including their document management system, NetDocuments.
When Nelson Mullins connects Microsoft Copilot to NetDocuments via NetDocuments’ Copilot plugin, that connection won’t create oversharing risks because, as Carrillo explains, Intapp Walls “already secures NetDocuments.”
If your firm would like to learn more about how Intapp Walls can help you implement Microsoft Copilot without creating an oversharing problem, please schedule a demo.