We strengthened the company’s data protection policies across IT and OT systems with Forcepoint DLP.
Overview
A mid-sized energy company operated in Norway, Sweden, Germany, and Denmark, with about 3,000 employees. The company saw increasing pressure to protect its key assets like sensitive OT data, intellectual property in energy production, sensitive operational data, and customer records.
Our team launched a phased security strategy with Forcepoint DLP, protecting data across endpoints, servers, email, and cloud. This provided the company with stronger oversight and control without slowing down daily operations.
Client Background
The client is a mid-sized energy company operating across Norway, Sweden, Germany, and Denmark with nearly 3,000 employees. Their teams work with sensitive OT data, intellectual property, operational records, and customer information across a complex mix of IT and OT systems, requiring careful management and strong governance across the organization.
Challenges
- Risk of data leaks and misuse due to unsecured sharing of SCADA, OT configurations, and regulatory files.
- Non-compliance due to increasing difficulty in meeting NIST, NERC CIP, and GDPR requirements.
- Blind spots due to a lack of unified tracking for how sensitive files were stored, accessed, or transferred.
- Inconsistent protection due to mixed infrastructure across on-prem servers, virtualization, Citrix VDI, Windows endpoints, and Linux-based OT systems.
- Operational disruption due to the need for strong data protection without affecting energy workflows or system performance.
Solutions
To address the rising risks and compliance demands, the company adopted Forcepoint DLP as the backbone of its data protection strategy.
- Phase 1: Assessment & Planning
We began with data discovery to locate sensitive files across IT and OT systems, then defined policies for PII, intellectual property, and regulatory data.
- Phase 2: Implementation
Deployed Endpoint DLP agents across 2,500 systems. Role-based policies integrated with Active Directory gave precise control.
- Phase 3: Optimization & Training
Refined DLP policies to reduce false positives. Incident response workflows were embedded into ServiceNow, creating better security practices.
Business Value Propositions
- Blocked unauthorized transfers of SCADA files, project designs, and sensitive operational data.
- Strengthened compliance with auditable reporting aligned to NERC CIP and NIST standards.
- Embedded security controls without slowing down daily operational workflows.
- Improved oversight with a unified dashboard across endpoints, servers, email, and cloud.
- Advanced Zero Trust adoption with a solid DLP foundation across the enterprise.
Future Perspectives
Krish started with discovery scans, adjusted policies, and connected the system smoothly. The client teams could then handle risks, follow rules better, and protect data without added work. This set them up to move toward Zero Trust and face future challenges.
Sensitive, engineering, and operational data were protected throughout the company through Microsoft 365 data control.
Overview
A mid-sized energy distribution company in Australia, with about 750 employees, ran its entire operation on Microsoft 365 in the cloud. Their systems handled everything, from customer billing and HR info to engineering plans and critical SCADA documents. They wanted better control over data in Exchange, SharePoint, OneDrive, and Teams. That’s where we helped them by aligning Microsoft 365 with necessary regulations to prevent data leaks and protect their intellectual property.
Client Background
The customer is a mid-sized energy firm in Australia that uses Microsoft 365 for most of its daily operations. Their teams handle data related to critical operating systems, engineering documentation, HR records, and customer information. They encountered increasing demands to comply with the Australian Privacy Act, APRA CPS 234, and the SOCI Act as their operations grew and more procedures moved to the cloud.
Challenges
- Contractors and external partners needed regular access to operational files, but unsafe sharing raised the risk of exposing critical data.
- The information moved across Exchange, Teams, or OneDrive difficult to follow and track, creating blind spots.
- Existing security manuals were mostly reactive, providing room for attacks.
- Lack of proper data handling by employees caused unintentional data leakage risks.
- With regulations becoming strict, even small mistakes could lead to serious compliance issues or cost them dollars.
- Risk of being non-compliant with strict regulations & compliance, and fear of financial penalties.
- Insufficient protection of intellectual property led to the vulnerability of engineering blueprints and SCADA documentation.
Solutions
They adopted Microsoft Purview DLP as the backbone for protecting sensitive data. The rollout was carried out in carefully planned phases that balanced security needs with everyday operations.
- Phase 1: Assessment & Discovery
Identification of sensitive data types with Purview Content Explorer and Activity Explorer.
- Phase 2: Policy Design
Creation of custom SITs (Sensitive Information Types) for SCADA and engineering data, configuring policies with policy tips to guide user behavior.
- Phase 3: Pilot
Deployment of audit-only policies across risk-prone departments, evaluation of false positives, and refinement through engineering feedback.
- Phase 4: Rollout
Organization-wide activation of policies across Exchange, Teams, SharePoint, and OneDrive, integrating with conditional access and Defender for cloud apps, supported by staff and contractor training programs.
- Phase 5: Monitoring & Optimization
Ongoing incident reviews through the Purview Compliance portal, compliance reporting to leadership, and quarterly SIT updates.
Business Value Propositions
- 70% reduction in accidental external data sharing within 3 months.
- Improved user awareness with policy tips.
- Reduced audit complexity under APRA CPS 234 and the Privacy Act via strong compliance.
- Maintained engineer productivity while enabling controlled vendor collaboration.
- Compliance officers ensured policies met both regulatory mandates and core business priorities.
Final Perspective
We improved how the company protected and controlled its data across Microsoft 365. Our work reduced accidental sharing, strengthened compliance, secured engineering and SCADA files, and helped employees handle sensitive information with more confidence and fewer risks.
We helped the university reduce accidental exposure, meet FERPA and HIPAA requirements, and improve awareness.
Overview
One of the top private universities was aiming to upgrade how its community worked and learned together. With almost 500 staff, teachers, and researchers, they rolled out Microsoft 365, bringing in tools like SharePoint, OneDrive, Exchange Online, and Teams to make daily work smoother and more connected. We helped the university gain control over sensitive data without disturbing collaboration. Our team worked closely with IT leaders to reduce accidental data sharing and build a secure, compliant environment.
Challenges
- Growing pressure to protect student PII, health records, and sensitive research data without slowing down collaboration.
- The environment previously failed to fully meet the strict compliance requirements of FERPA and HIPAA.
- Frequent accidental data sharing via email, Teams, and cloud storage posed a high risk of exposure.
- Faculty and staff lacked awareness of data sensitivity, leading to uncontrolled file sharing.
- Collaboration on research sites led to instances of confidential academic data exposure.
- IT teams had little or no visibility into whether social security numbers, grades, or health details were leaving the system.
- The absence of centralized Data Loss Prevention (DLP) controls made it difficult to implement consistent policies across the Microsoft 365 environment.
Our Solutions
Designed a phased approach that balanced compliance, security, and user adoption. The roadmap ensured sensitive data was discovered, policies were aligned to regulations, and staff were guided through proper transition.
Phase 1: Assessment
Worked with IT, compliance, and academic leaders to understand risks and identify sensitive data types like SSNs and health records and used Microsoft Purview tools to map where this data lived.
Phase 2: Policy Design
Created DLP policies for FERPA and HIPAA compliance, set up sensitivity labels, and built policy tips that educated users before enforcement to encourage awareness.
Phase 3: Pilot
Tested the policies in audit mode with a department, gathered feedback on false positives, and fine-tuned the thresholds and exceptions to ensure accuracy.
Phase 4: Rollout
DLP policies were expanded across all 500+ users, with blocking for high-risk data, overrides for research collaboration, and training sessions for faculty and staff.
Phase 5: Monitoring & Optimization
Set up continuous monitoring in the Purview Compliance Portal, quarterly reviews with IT and legal, and added new policies as research and compliance needs evolved.
Business Value Propositions
- Clear visibility into sensitive data transactions across Exchange, Teams, SharePoint, and OneDrive.
- Accidental data leaks reduced by nearly 80% within the first 3 months.
- Faculty and staff awareness strengthened through real-time policy tips.
- Compliance readiness achieved for upcoming FERPA and HIPAA audits.
- Detailed reporting simplified compliance reviews.
Final Perspective
We helped the university move to a safe & compliant environment and helped everyone adapt to audit-only mode and permitting overrides. This solid base allows the university to expand DLP for a safe and secure support system and prepare them for any future research and compliance difficulties.
For a Singapore bank’s event, we built a Copilot Agent for automated testing of prompts.
Overview
A leading bank based in Singapore wanted to run an innovation event where people could try prompt writing and see how well their prompts performed in real time using a live Copilot setup.
The bank needed a smooth, quick, and reliable implementation. Our team stepped in to design a complete Copilot implementation using Microsoft 365 tools and Copilot Agent Flow. They needed a simple implementation that combined automation, quick scoring, and centralized reporting to support their internal teams and event visitors.
Client Background
The client was one of Asia’s leading financial institutions, known for its focus on digital and customer-first services. For its innovation event, the bank joined hands with us to show how prompt quality can impact real AI results. They wanted an experience that would guide attendees, give them real results instantly, and help the bank collect clean insights without any manual effort.
Challenges
- Slow and manual scoring: Event teams struggled to review prompts quickly as each assessment took time and impacted the quality of engagement during live sessions.
- Scattered event data: Prompt submissions, user details, and accuracy results were stored across multiple locations. Hence, it was difficult for teams to analyze patterns, compare inputs, or create a complete view after the event.
- Uneven participant experience: Attendees wanted instant scoring, but manual processes could not support it.
- Limited visibility for event staff: Teams had no clear way to monitor submission volume or prompt quality. Without a live dashboard, they could not see trends or understand how users interacted with the activity.
Solutions
- Automated Copilot Agent Flow: The entire scoring process was powered by a structured Copilot Agent Flow, hence, the manual scoring was removed and gave consistent results for every participant.
- QR-based submission process: Implemented a QR code that captured basic details and the user’s prompt, then stored everything in Excel automatically which reduced turn over time and provided event teams accurate data without any manual handling.
- Instant scoring and email delivery: New entry and triggers were automated after form submission through Power Automate. Each participant received a personalized score with improvement suggestions within moments.
- Centralized SharePoint and Excel logging: The data was stored in a connected Excel file and SharePoint list. It also created a clean audit trail for future use.
Tech Stack
- Microsoft 365 Copilot Agent Flow
Business Values
- Speed and efficiency: Processing time dropped from around 5 minutes to 10–15 seconds, and manual effort was reduced by over 90%.
- Scalability: The system can manage more than 1000 submissions with around a 99% success rate, running each flow in seconds while supporting multiple users at the same time.
- AI Analysis Quality: Prompts averaged a score of 82, with strong performance in intent and goal setting.
- Reusable Setup: The same model can support future events or internal teams with minimal changes.
Future Scope
This setup gives the bank a strong base to build richer AI-driven experiences. The project opened doors for broader AI services adoption across the bank. The next steps include adding real-time Power BI dashboards so teams can see live activity and trends during events. With these additions, the bank plans to support more events, internal programs, and customer interactions, making AI feedback a natural part of daily operations across the bank.
An IP-sensitive manufacturer operating in a high-risk sector moved from daily exposure to a zero-trust, audit-ready security posture in less than a quarter. With Krish’s expertise in Microsoft 365 security and compliance, they secured all users and devices, enforced strict data controls, and regained eligibility for client contracts they were at risk of losing.
Client Background
A leading manufacturing company catering to high-tech industries was operating with minimal IT governance. As project complexity grew, so did the risks such as unsecured communications, unmanaged endpoints, and non-compliant tools that were threatening client trust and regulatory alignment.
Problems
- Sensitive IP was Exposed: Project files and client documents were shared over WhatsApp and personal email without encryption or control.
- Competitors Exploited Insider Access: Temporary hires planted by rivals extracted information and returned to their original firms.
- No Device or Policy Governance: Unlicensed tools and unprotected laptops led to non-compliance with ISO 27001 and SOC 2 requirements.
Solutions
- Device Audit and Hardening: Krish scanned all endpoints, rebuilt 100+ systems with secure images, and enforced encryption, BIOS lock, and firewall policies.
- Microsoft 365 Rollout: Secure collaboration was enabled with Teams, SharePoint, OneDrive, and Exchange Online, replacing all unsecured tools.
- Full Security Governance: Defender, Intune, and Purview delivered real-time protection, data classification, and conditional access enforcement.
Business Value
- Zero-trust architecture is now standard across all users and devices.
- Client contracts were protected with ISO 27001 and SOC 2 compliance alignment.
- Data leaks and insider threats have been eliminated with centralized governance.
- All employees now work on encrypted, policy-compliant, company-managed devices.
- Security became a foundation for trust, continuity, and future scalability.
This transformation helped the client regain control of its digital infrastructure. With full visibility, compliance alignment, and secure digital operations, they now lead with confidence in a highly regulated industry.
Cincinnati State Technical and Community College needed to modernize its outdated intranet platform. The institution faced collaboration challenges due to siloed departments and a gap between current technology and future needs. Krish Services Group developed a modern intranet solution to enhance efficiency, connectivity, and scalability.
Client Background
The decision to modernize the intranet was driven by the need for more connectivity and scalability for campus communication in their new environment. Their existing intranet no longer met the needs of the College; Cincinnati State was looking for more than just a technology upgrade – they needed a strategic solution that would enhance how information flowed across campus communities. Faced with an intranet platform that would soon be out of support, Cincinnati State Technical and Community College realized the need to evolve to a modern solution that could support seamless communication and collaboration across its diverse departments. Given their use of Microsoft 365 already, a platform they had familiarity with was the natural fit. Following a deep dive into what the Intranet could look like in M365, Cincinnati State elected to work with Krish to build their new virtual campus hub.
Problems
- Outdated Intranet Technology: The current system lacked integration with new technologies.
- Siloed Systems: Departments operated independently without unified communication.
- Lack of Collaboration: The outdated system hindered collaboration among staff members.
- Limited Access: Employees faced difficulties in accessing important information remotely.
Solutions
- Modern SharePoint Intranet: Krish Services Group implemented Microsoft SharePoint Online as their new platform.
- Unified Communication Platform: Integrated various departmental systems into one cohesive unit.
- Enhanced Collaboration Tools: Introduced tools like Microsoft Teams for better teamwork.
- Remote Access Capability: Enabled secure remote access so employees could work from anywhere.
Business Value
- Increased Efficiency: Built on a platform that integrates seamlessly with other Microsoft products.
- Improved Collaboration: Unified communication tools foster better teamwork across departments.
- Scalability & Flexibility: Future-proof solution adaptable to evolving needs.
- Cost Savings: Reduced maintenance costs associated with outdated systems.
“The vendor of our previous intranet announced it would reach end-of-life in twelve months. We selected Krish through an RFP process, and their team proved to be the experts we needed. They guided us through reviewing our existing intranet, educated our implementation team on the possibilities of SharePoint, and helped us build a solution that was delivered on time, within budget, and immediately embraced by the campus community.”, said a key stakeholder at Cincinnati State.
Cincinnati Case Study
At a glance
By combining our deep understanding of the healthcare industry with cutting-edge technologies, we have successfully partnered with three prominent healthcare organizations and significantly improved their clinical workflows, patient outcomes, and overall healthcare experiences.
Challenges
1. Fragmented Communication and Coordination
- Inefficient communication channels among healthcare providers.
- Lack of real-time collaboration impacting patient care and safety.
- Difficulty in securely sharing patient information.
2. Limited Patient Engagement and Adherence
- Low patient engagement leading to poor health outcomes.
- Inadequate adherence to treatment plans and medication regimens.
- Insufficient personalized resources for patients to manage their health
effectively.
3. Inefficient Remote Monitoring Systems
- Gaps in remote monitoring resulting in delayed interventions.
- Inability to proactively monitor and manage patient conditions remotely.
- Increased healthcare costs due to frequent hospital readmissions.
Solutions
1. Integrated Communication and Collaboration Platforms
- Streamlined communication channels for healthcare providers.
- Real-time collaboration tools for care teams to improve coordination.
- Secure sharing of patient information for efficient decision-making.
2. Personalized Patient Engagement Programs
- Tailored resources and tools to increase patient engagement.
- Patient education materials & interactive platforms for self-management.
- Automated reminders & notifications to improve treatment adherence.
3. Proactive Remote Monitoring Systems
- Remote monitoring devices & platforms for regular patient data collection.
- Advanced analytics to detect early warning signs & trigger interventions.
- Integration with electronic health records for comprehensive patient insights.
Benefits
- Enhanced Care Coordination and Patient Safety.
- Increased Patient Engagement andAdherence.
- Cost Savings and Improved Efficiency.
Challenge
Eaton required consultation for their on-premise and Office 365 SharePoint environment
Solution
Krish provided consulting services and a site provisioning framework for Eaton’s on-premise and Office 365 SharePoint environment. Tenants were evaluated based on business rules and regulatory requirements, such as ITAR. We also provided best practices consulting for designing and developing solutions that leverage on-premise and Office 365 SharePoint services.
The Way Forward
- SharePoint Site Design
- SharePoint Application Development
- Governance Consulting
Technology In Use
- Office 365
- SharePoint Server
- SharePoint Framework (SPFx)
- Visual Studio
- SQL Server
Challenge
The Chas E. Phipps had a requisite for a solution that allows their employees to effectively collaborate and make informed business decisions.
Solution
Krish designed and developed a new intranet and a custom product evaluation solution on Office 365 for Phipps, catering to their above requisite. We migrated Phipps’ legacy data from an existing SharePoint 2003 intranet to a new intranet on SharePoint Online, designed the information architecture and governance of the new intranet, and configured the hub site structure.
We then worked with Phipps’ sales leadership to design and develop an app for employees to introduce for consideration of new products to stock. The app enables salespeople to share information and their feedback about new products, assign tasks, and track a new product’s sales performance.
The Way Forward
- Intranet design
- Information architecture and governance
- SharePoint Migration
- Custom app development
- Office 365 configuration
Technology In Use
- SharePoint Online
- PowerApps
- Microsoft Flow
- Sharegate
