Contact Us

Case Studies Category: M365

Protecting Sensitive OT and IT Assets with Forcepoint DLP

Overview

A mid-sized energy company operated in Norway, Sweden, Germany, and Denmark, with about 3,000 employees. The company saw increasing pressure to protect its key assets like sensitive OT data, intellectual property in energy production, sensitive operational data, and customer records.

Our team launched a phased security strategy with Forcepoint DLP, protecting data across endpoints, servers, email, and cloud. This provided the company with stronger oversight and control without slowing down daily operations.

Client Background

The client is a mid-sized energy company operating across Norway, Sweden, Germany, and Denmark with nearly 3,000 employees. Their teams work with sensitive OT data, intellectual property, operational records, and customer information across a complex mix of IT and OT systems, requiring careful management and strong governance across the organization.

Challenges

  • Risk of data leaks and misuse due to unsecured sharing of SCADA, OT configurations, and regulatory files.
  • Non-compliance due to increasing difficulty in meeting NIST, NERC CIP, and GDPR requirements.
  • Blind spots due to a lack of unified tracking for how sensitive files were stored, accessed, or transferred.
  • Inconsistent protection due to mixed infrastructure across on-prem servers, virtualization, Citrix VDI, Windows endpoints, and Linux-based OT systems.
  • Operational disruption due to the need for strong data protection without affecting energy workflows or system performance.

Solutions

To address the rising risks and compliance demands, the company adopted Forcepoint DLP as the backbone of its data protection strategy.
  • Phase 1: Assessment & Planning
    We began with data discovery to locate sensitive files across IT and OT systems, then defined policies for PII, intellectual property, and regulatory data.
  • Phase 2: Implementation
    Deployed Endpoint DLP agents across 2,500 systems. Role-based policies integrated with Active Directory gave precise control.
  • Phase 3: Optimization & Training
    Refined DLP policies to reduce false positives. Incident response workflows were embedded into ServiceNow, creating better security practices.

Business Value Propositions

  • Blocked unauthorized transfers of SCADA files, project designs, and sensitive operational data.
  • Strengthened compliance with auditable reporting aligned to NERC CIP and NIST standards.
  • Embedded security controls without slowing down daily operational workflows.
  • Improved oversight with a unified dashboard across endpoints, servers, email, and cloud.
  • Advanced Zero Trust adoption with a solid DLP foundation across the enterprise.

Future Perspectives

Krish started with discovery scans, adjusted policies, and connected the system smoothly. The client teams could then handle risks, follow rules better, and protect data without added work. This set them up to move toward Zero Trust and face future challenges.

Advanced Microsoft 365 Compliance Through Purview DLP Enforcement

Overview 

A mid-sized energy distribution company in Australia, with about 750 employees, ran its entire operation on Microsoft 365 in the cloud. Their systems handled everything, from customer billing and HR info to engineering plans and critical SCADA documents. They wanted better control over data in Exchange, SharePoint, OneDrive, and Teams. That’s where we helped them by aligning Microsoft 365 with necessary regulations to prevent data leaks and protect their intellectual property. 

Client Background

The customer is a mid-sized energy firm in Australia that uses Microsoft 365 for most of its daily operations. Their teams handle data related to critical operating systems, engineering documentation, HR records, and customer information. They encountered increasing demands to comply with the Australian Privacy Act, APRA CPS 234, and the SOCI Act as their operations grew and more procedures moved to the cloud. 

Challenges 

  • Contractors and external partners needed regular access to operational files, but unsafe sharing raised the risk of exposing critical data.  
  • The information moved across Exchange, Teams, or OneDrive difficult to follow and track, creating blind spots.  
  • Existing security manuals were mostly reactive, providing room for attacks. 
  • Lack of proper data handling by employees caused unintentional data leakage risks. 
  • With regulations becoming strict, even small mistakes could lead to serious compliance issues or cost them dollars.  
  • Risk of being non-compliant with strict regulations & compliance, and fear of financial penalties. 
  • Insufficient protection of intellectual property led to the vulnerability of engineering blueprints and SCADA documentation. 

Solutions 

They adopted Microsoft Purview DLP as the backbone for protecting sensitive data. The rollout was carried out in carefully planned phases that balanced security needs with everyday operations.  

  • Phase 1: Assessment & Discovery 
    Identification of sensitive data types with Purview Content Explorer and Activity Explorer.  
  • Phase 2: Policy Design 
    Creation of custom SITs (Sensitive Information Types) for SCADA and engineering data, configuring policies with policy tips to guide user behavior.  
  • Phase 3: Pilot 
    Deployment of audit-only policies across risk-prone departments, evaluation of false positives, and refinement through engineering feedback.  
  • Phase 4: Rollout 
    Organization-wide activation of policies across Exchange, Teams, SharePoint, and OneDrive, integrating with conditional access and Defender for cloud apps, supported by staff and contractor training programs.  
  • Phase 5: Monitoring & Optimization 
    Ongoing incident reviews through the Purview Compliance portal, compliance reporting to leadership, and quarterly SIT updates. 

Business Value Propositions 

  • 70% reduction in accidental external data sharing within 3 months.  
  • Improved user awareness with policy tips.  
  • Reduced audit complexity under APRA CPS 234 and the Privacy Act via strong compliance. 
  • Maintained engineer productivity while enabling controlled vendor collaboration. 
  • Compliance officers ensured policies met both regulatory mandates and core business priorities. 

Final Perspective

We improved how the company protected and controlled its data across Microsoft 365. Our work reduced accidental sharing, strengthened compliance, secured engineering and SCADA files, and helped employees handle sensitive information with more confidence and fewer risks.

Reducing Data Leaks and Enabling Compliance with Microsoft Purview

Overview

One of the top private universities was aiming to upgrade how its community worked and learned together. With almost 500 staff, teachers, and researchers, they rolled out Microsoft 365, bringing in tools like SharePoint, OneDrive, Exchange Online, and Teams to make daily work smoother and more connected. We helped the university gain control over sensitive data without disturbing collaboration. Our team worked closely with IT leaders to reduce accidental data sharing and build a secure, compliant environment.

Challenges 

  • Growing pressure to protect student PII, health records, and sensitive research data without slowing down collaboration. 
  • The environment previously failed to fully meet the strict compliance requirements of FERPA and HIPAA.
  • Frequent accidental data sharing via email, Teams, and cloud storage posed a high risk of exposure. 
  • Faculty and staff lacked awareness of data sensitivity, leading to uncontrolled file sharing. 
  • Collaboration on research sites led to instances of confidential academic data exposure.
  • IT teams had little or no visibility into whether social security numbers, grades, or health details were leaving the system. 
  • The absence of centralized Data Loss Prevention (DLP) controls made it difficult to implement consistent policies across the Microsoft 365 environment.

Our Solutions

Designed a phased approach that balanced compliance, security, and user adoption. The roadmap ensured sensitive data was discovered, policies were aligned to regulations, and staff were guided through proper transition.
Phase 1: Assessment
Worked with IT, compliance, and academic leaders to understand risks and identify sensitive data types like SSNs and health records and used Microsoft Purview tools to map where this data lived.
Phase 2: Policy Design 
Created DLP policies for FERPA and HIPAA compliance, set up sensitivity labels, and built policy tips that educated users before enforcement to encourage awareness.
Phase 3: Pilot
Tested the policies in audit mode with a department, gathered feedback on false positives, and fine-tuned the thresholds and exceptions to ensure accuracy.
Phase 4: Rollout 
DLP policies were expanded across all 500+ users, with blocking for high-risk data, overrides for research collaboration, and training sessions for faculty and staff.
Phase 5: Monitoring & Optimization 
Set up continuous monitoring in the Purview Compliance Portal, quarterly reviews with IT and legal, and added new policies as research and compliance needs evolved.

Business Value Propositions 

  • Clear visibility into sensitive data transactions across Exchange, Teams, SharePoint, and OneDrive.  
  • Accidental data leaks reduced by nearly 80% within the first 3 months.  
  • Faculty and staff awareness strengthened through real-time policy tips. 
  • Compliance readiness achieved for upcoming FERPA and HIPAA audits. 
  • Detailed reporting simplified compliance reviews. 

Final Perspective  

We helped the university move to a safe & compliant environment and helped everyone adapt to audit-only mode and permitting overrides. This solid base allows the university to expand DLP for a safe and secure support system and prepare them for any future research and compliance difficulties. 

Building an Automated Prompt Intelligence System for Enterprise Banking

Overview

A leading bank based in Singapore wanted to run an innovation event where people could try prompt writing and see how well their prompts performed in real time using a live Copilot setup. 

The bank needed a smooth, quick, and reliable implementation. Our team stepped in to design a complete Copilot implementation using Microsoft 365 tools and Copilot Agent Flow. They needed a simple implementation that combined automation, quick scoring, and centralized reporting to support their internal teams and event visitors. 

Client Background

The client was one of Asia’s leading financial institutions, known for its focus on digital and customer-first services. For its innovation event, the bank joined hands with us to show how prompt quality can impact real AI results. They wanted an experience that would guide attendees, give them real results instantly, and help the bank collect clean insights without any manual effort. 

Challenges 

  • Slow and manual scoring: Event teams struggled to review prompts quickly as each assessment took time and impacted the quality of engagement during live sessions. 
  • Scattered event data: Prompt submissions, user details, and accuracy results were stored across multiple locations. Hence, it was difficult for teams to analyze patterns, compare inputs, or create a complete view after the event. 
  • Uneven participant experience: Attendees wanted instant scoring, but manual processes could not support it. 
  • Limited visibility for event staff: Teams had no clear way to monitor submission volume or prompt quality. Without a live dashboard, they could not see trends or understand how users interacted with the activity. 

Solutions 

  • Automated Copilot Agent Flow: The entire scoring process was powered by a structured Copilot Agent Flow, hence, the manual scoring was removed and gave consistent results for every participant. 
  • QR-based submission process: Implemented a QR code that captured basic details and the user’s prompt, then stored everything in Excel automatically which reduced turn over time and provided event teams accurate data without any manual handling. 
  • Instant scoring and email delivery: New entry and triggers were automated after form submission through Power Automate. Each participant received a personalized score with improvement suggestions within moments. 
  • Centralized SharePoint and Excel logging: The data was stored in a connected Excel file and SharePoint list. It also created a clean audit trail for future use.

Tech Stack 

  • Microsoft 365 Copilot Agent Flow 
  • Power Automate 
  • SharePoint Online 
  • Excel Online 
  • Power BI 
  • Outlook Connector 

Business Values

  • Speed and efficiency: Processing time dropped from around 5 minutes to 10–15 seconds, and manual effort was reduced by over 90%.
  • Scalability: The system can manage more than 1000 submissions with around a 99% success rate, running each flow in seconds while supporting multiple users at the same time.
  • AI Analysis Quality: Prompts averaged a score of 82, with strong performance in intent and goal setting.
  • Reusable Setup: The same model can support future events or internal teams with minimal changes.

Future Scope 

This setup gives the bank a strong base to build richer AI-driven experiences. The project opened doors for broader AI services adoption across the bank. The next steps include adding real-time Power BI dashboards so teams can see live activity and trends during events. With these additions, the bank plans to support more events, internal programs, and customer interactions, making AI feedback a natural part of daily operations across the bank. 

 

Securing a High-Risk Manufacturer with Zero Trust and Compliance

Overview

An IP-sensitive manufacturer operating in a high-risk sector moved from daily exposure to a zero-trust, audit-ready security posture in less than a quarter. With Krish’s expertise in Microsoft 365 security and compliance, they secured all users and devices, enforced strict data controls, and regained eligibility for client contracts they were at risk of losing.

Client Background

The client is a leading manufacturer serving high-tech industries, operating in an IP-sensitive and regulated environment. The organization manages complex projects, supports distributed teams, and works closely with enterprise customers that expect strong security, governance, and regulatory alignment across all operations.

Problems 

  • Sensitive IP was Exposed: Project files and client documents were shared over WhatsApp and personal email without encryption or control.
  • Competitors Exploited Insider Access: Temporary hires planted by rivals extracted information and returned to their original firms.
  • No Device or Policy Governance: Unlicensed tools and unprotected laptops led to non-compliance with ISO 27001 and SOC 2 requirements.

Solutions 

  • Device Audit and Hardening: Krish scanned all endpoints, rebuilt 100+ systems with secure images, and enforced encryption, BIOS lock, and firewall policies.
  • Microsoft 365 Rollout: Secure collaboration was enabled with Teams, SharePoint, OneDrive, and Exchange Online, replacing all unsecured tools.
  • Full Security Governance: Defender, Intune, and Purview delivered real-time protection, data classification, and conditional access enforcement.

Business Value 

  • Zero-trust architecture is now standard across all users and devices.
  • Client contracts were protected with ISO 27001 and SOC 2 compliance alignment.
  • Data leaks and insider threats have been eliminated with centralized governance.
  • All employees now work on encrypted, policy-compliant, company-managed devices.
  • Security became a foundation for trust, continuity, and future scalability.

This transformation helped the client regain control of its digital infrastructure. With full visibility, compliance alignment, and secure digital operations, they now lead with confidence in a highly regulated industry.

Modern Intranet: How Cincinnati State’s Intranet was Transformed to Meet Evolving Needs

Overview

Cincinnati State Technical and Community College needed to modernize its outdated intranet platform. The institution faced collaboration challenges due to siloed departments and a gap between current technology and future needs. Krish Services Group developed a modern intranet solution to enhance efficiency, connectivity, and scalability.

Client Background

The community college is a well-established higher education institution focused on accessible learning and workforce development. With multiple departments and users, the college uses a Microsoft 365 intranet to support campus-wide communication, collaboration, and centralized access to information.

Problems 

  • Outdated Intranet Technology: The current system lacked integration with new technologies. 
  • Siloed Systems: Departments operated independently without unified communication. 
  • Lack of Collaboration: The outdated system hindered collaboration among staff members. 
  • Limited Access: Employees faced difficulties in accessing important information remotely. 

Solutions 

  • Modern SharePoint Intranet: Krish Services Group implemented Microsoft SharePoint Online as their new platform. 
  • Unified Communication Platform: Integrated various departmental systems into one cohesive unit. 
  • Enhanced Collaboration Tools: Introduced tools like Microsoft Teams for better teamwork. 
  • Remote Access Capability: Enabled secure remote access so employees could work from anywhere. 

Business Value 

  • Increased Efficiency: Built on a platform that integrates seamlessly with other Microsoft products. 
  • Improved Collaboration: Unified communication tools foster better teamwork across departments. 
  • Scalability & Flexibility: Future-proof solution adaptable to evolving needs. 
  • Cost Savings: Reduced maintenance costs associated with outdated systems. 

“The vendor of our previous intranet announced it would reach end-of-life in twelve months. We selected Krish through an RFP process, and their team proved to be the experts we needed. They guided us through reviewing our existing intranet, educated our implementation team on the possibilities of SharePoint, and helped us build a solution that was delivered on time, within budget, and immediately embraced by the campus community.”, said a key stakeholder at Cincinnati State.

 

Cincinnati Case Study

Healthcare Workflow Automation Improving Care Coordination and Patient Outcomes

Overview

We partnered with three healthcare organizations to improve care delivery by streamlining provider communication, strengthening patient engagement, and enabling proactive remote monitoring through secure, integrated digital solutions that supported real-time collaboration, early interventions, and better clinical decision-making across care teams.

Client Background

The clients are reputable healthcare institutions that provide clinical services to a variety of patient demographics. With a strong emphasis on patient safety, care quality, and uniform healthcare experiences across venues, they oversee complicated care environments with several providers, remote patients, and continuous treatment plans.

Challenges

1. Fragmented Communication and Coordination

  • Inefficient communication channels among healthcare providers.
  • Lack of real-time collaboration impacting patient care and safety.
  • Difficulty in securely sharing patient information.

2. Limited Patient Engagement and Adherence

  • Low patient engagement leading to poor health outcomes.
  • Inadequate adherence to treatment plans and medication regimens.
  • Insufficient personalized resources for patients to manage their health
    effectively.

3. Inefficient Remote Monitoring Systems

  • Gaps in remote monitoring resulting in delayed interventions.
  • Inability to proactively monitor and manage patient conditions remotely.
  • Increased healthcare costs due to frequent hospital readmissions.

Solutions

1. Integrated Communication and Collaboration Platforms

  • Streamlined communication channels for healthcare providers.
  • Real-time collaboration tools for care teams to improve coordination.
  • Secure sharing of patient information for efficient decision-making.

2. Personalized Patient Engagement Programs

  • Tailored resources and tools to increase patient engagement.
  • Patient education materials & interactive platforms for self-management.
  • Automated reminders & notifications to improve treatment adherence.

3. Proactive Remote Monitoring Systems

  • Remote monitoring devices & platforms for regular patient data collection.
  • Advanced analytics to detect early warning signs & trigger interventions.
  • Integration with electronic health records for comprehensive patient insights.

Benefits

  • Enhanced Care Coordination and Patient Safety.
  • Increased Patient Engagement and Adherence.
  • Cost Savings and Improved Efficiency.

SharePoint Site Provisioning for Global Power Company

Overview

A global power company required governance consulting and site provisioning frameworks for their SharePoint environments to support compliance needs and streamline site creation processes while scaling. Krish Services Group created a smart governance strategy & delivered a structured consulting engagement to meet these needs.

Background

Our client is a global power management company that delivers energy-efficient solutions to customers worldwide. Managing internal collaboration systems like SharePoint was crucial to secure and compliant operations.

Challenge

  • Unstructured Site Provisioning: Governance issues caused inconsistent SharePoint site creation procedures.
  • Compliance Difficulties: Tenant environments had to be assessed in relation to ITAR and legal regulations.
  • Ineffective SharePoint Development: Slow productivity due to absence of standards in application development.

Solution

Krish provided consulting services and a site provisioning framework for their on-premises and Office 365 SharePoint environment.

  • Governance Consulting: Performed tenant assessments and recommended standardized governance frameworks.
  • Site Provisioning Framework: Implemented rule-based provisioning frameworks to ensure consistent, compliant site creation.
  • Development Best Practices: Established guidelines to enhance SharePoint solution development.

Technology In Use

  • Office 365
  • SharePoint Server
  • SharePoint Framework (SPFx)
  • Visual Studio
  • SQL Server

Business Value Proposition

  • Reduced compliance and operational risks across global SharePoint environments.
  • Improved visibility and control over enterprise collaboration assets.
  • The governance model is scalable and supports the growth of global businesses.

The Way Forward

  • SharePoint Site Design
  • SharePoint Application Development
  • Governance Consulting

Product Evaluation Platform for Construction Material Supplier

Overview

Our client, a key supplier in the construction materials sector, needed a modern solution to facilitate internal collaboration and manage new product evaluations, supporting contractors and field teams for fast information, clear communication, and timely product evaluations.

Client Background

Our client is a regional distributor specializing in construction supplies in the US. Efficient internal communication and rapid product evaluation processes were critical to maintaining a competitive edge.

Challenges

  • Aging SharePoint Environment: Identified scalability limitations in the legacy SharePoint 2003 intranet and prioritized modernization.
  • Fragmented Product Evaluation Processes: Eliminated unstructured workflows by implementing a centralized system for product consideration.
  • Information Silos: Broke down departmental barriers through integrated communication structures.

Solution

Krish designed and developed a new intranet and a custom product evaluation solution on Office 365 for Phipps, catering to their above requisite.

  • Legacy Data Migration: Migrated legacy data from an existing SharePoint 2003 intranet to a new intranet on SharePoint Online.
  • Intranet Architecture & Governance: Designed the information architecture and governance of the new intranet and configured the hub site structure.
  • Product Suggestion App: Designed and developed an app for employees to introduce for consideration of new products to stock.

Technology In Use

  • SharePoint Online
  • PowerApps
  • Microsoft Flow
  • Sharegate

Business Value Proposition

  • Faster internal decision-making on new product introductions.
  • Centralized access to product information and internal updates.
  • Scalable intranet supporting future business growth.

The Way Forward

  • Intranet design
  • Information architecture and governance
  • SharePoint Migration
  • Custom app development
  • Office 365 configuration