Microsoft Information Protection Implementation – Enhancing Information Protection and Audit Verification for a Security Document Producer

Customer Sitution

Our client is a state-owned producer of banknotes and identification documents, including passports and ID cards. They also manufacture chip cards and certificates, incorporating various security features to aid in authentic document recognition. The company has over 2000 employees, with 450 office staff and 1550 involved in printing production. Their industry focus is on government and financial sectors.

Partner Solution

The client aimed to observe how users process information, reduce the risk of sending critical files to external users, enhance information protection, and facilitate audit verification. Partner solutions and Microsoft services/technologies used include Microsoft 365, Microsoft Information Protection, Office 365, Azure, and PowerBI reports. We conducted a successful demo and implemented a pilot AIP deployment on a small test group. After confirming proper configuration, we deployed to a larger group of users. We also built a dedicated reporting system for authorized users to access AIP logs.

Key Drivers & Business Objectives

The company’s business objective was to fit into high-standard audit regulations covering the latest changes to GDPR/RODO. The audit is carried out by the Polish Financial Supervision Authority (KNF). A critical institution, such as Polska Wytwórnia Papierów Wartościowych S.A. is obliged to ensure all possible ways to secure the infrastructure are in place. The company has a direct impact on the national security and the lives of Polish citizens. By introducing MIP PWPW S.A. wanted to provide a bulletproof solution that will allow users to define the sensitivity of the file or an email, and whether internal or external, make the files and e-mails protected at all times. That action improved overall security in the company significantly.

Value Provided & Business Outcomes

  • We observed a significant increase in the usage of the solution in the first months ​
  • Total number of activities: over 74.500 ​
  • Files read: 43.200​
  • Labels applied: 22.300​
  • File discovered: over 9.000​
  • E-learning materials for the end users​
  • Critical information is more secure. Users are responsible for labeling and more carefully processing the internal/external information with greater responsibility 

Win Insights

  • The solution developed by ISCG was promoted by Microsoft Poland and at many conferences in Poland and abroad. Mainly, it was about MIP monitoring functions allowing the position responsible for information processing and protection to monitor label changes and suspicious behavior related to sending restricted information. ​
  • The developed solution allowed AIP to participate in another project for the Client
  • Information is now divided into 3  

Lessons Learned

  • Even the most sophisticated companies struggle to identify the level of confidence in the information they are processing​
  • Incorporating an additional PowerBI dashboard into the solution has allowed ISCG to build a unique value proposition for the AIP experience​
  • Implementing such a solution is a great innovative security benefit and is relatively easy for Office users to use because it integrates intuitively with Office