At Data#3, our core purpose is to enable customer success through a company-wide strategic approach to customer experience. By aligning with world-leading vendor partners like Cisco, we enhance our ability to guide customers confidently through their technology journey, establishing a solid foundation to future-proof their digital transformation.
In this video, John Tan (Data#3 Chief Customer Officer), David Impellizzeri (Data#3 Customer Success Team Lead), and Emma Crome (Cisco Success Programs Manager) sit down to discuss how our partnership with Cisco helps drive successful outcomes for our customers.
At Data#3, our partnership with Cisco is built on a strong foundation, allowing us to deliver top-notch connectivity and security platforms that enhance user experiences. Cisco’s focus on forming enduring partnerships aligns seamlessly with our approach, enabling us to understand our customers’ needs and offer solutions that lead to their success.
For families seeking an international education in Perth, the International School of Western Australia (ISWA) has earned a reputation as an innovative school that prioritises student wellbeing and individual success. With a student body representing more than 60 nationalities, ISWA embraces diversity and welcomes different perspectives.
Technology is seen as an essential tool to help students explore the world, and to help teachers continuously provide an engaging and thought-provoking education. As a previous device program neared its conclusion, the school had an opportunity to further enhance digital learning.
In this video, discover how ISWA leveraged modern, reliable, and secure devices to create a more efficient and interactive classroom environment. By streamlining procurement and support processes and ensuring cost predictability through a DaaS model, ISWA significantly improved the user experience for both teachers and students.
Our team has accumulated more than three decades of expertise in the Education industry, and we are dedicated to assisting our education clients in designing, implementing, and overseeing a digital ecosystem that fosters learning and accomplishes wider business objectives.
Contact our team of specialist today to explore how you can help your students embrace modern learning with technology.
An organisation in the energy industry wanted to create a modern network infrastructure that would support its increasingly mobile workforce.
Managing a network at more than a hundred sites meant that the in-house IT team was used to working on very large, complex projects. Data#3, also a trusted Cisco partner, had demonstrated capabilities in managing large, multi-site network modernisation projects, and this made them a reliable choice.
The highlight is that our technology is more secure, and the mobility for our users has improved dramatically.
As an organisation in the energy industry performing the essential role of delivering energy to the general population in homes, businesses and communities, having the right technology to better support business objectives is essential.
Although the organisation’s existing Cisco network infrastructure had performed reliably, the changes in work practices as well as the COVID-19 pandemic meant there was a greater demand for secure, mobile capabilities for users. With this in mind, the organisation identified an opportunity to modernise its networks and create a better user experience while further supporting a highly agile workforce.
Having a vital role in providing power to local communities means there are rigorous processes are in place to ensure that best practice. In the IT team, this means building and maintaining a secure, efficient environment that enables the large workforce to perform at their best. When it came to renewing the organisation’s network, the energy organisations The Manager for Cyber Security said that considerable planning was involved. It was also standard practice to prepare well ahead for the end of each technology cycle.
“The project was started by the previous manager to modernise our environment and technology, and it was determined we should move to Cisco Meraki as the older technology was getting towards its end of life.”
“If we didn’t consider modernising our environment, we would have run the risk of not having the right support and maintenance we needed. Subsequent security threats in our wireless network would have been unacceptable.”
Changing work practices were factored into the decision. Enabling a more seamless mobile experience was a priority, whether for staff moving between the 100-plus sites, or working from home.
“Previously, people mostly worked with a desktop or laptop at a workstation, but we planned a move to a more mobile, wireless environment. We worked on another project rolling out Windows 10, and we wanted to build on this to take advantage of the wireless environment, so that people could pick up their devices and walk around the building, or any site throughout our multiple companies.”
The few staff travelling between sites previously were accustomed to connecting manually to different networks, but this could be challenging, with different systems in place at different locations. Unsurprisingly, this resulted in additional support calls, and there was clear room to improve on the user experience.
Support was not made any easier for the team by the lack of visibility in the complex network environment, so a better view of network traffic was needed. Consolidation of the wireless environment would bring greater consistency, making management simpler and more effective.
The Data#3 project team consisted of a senior project manager, project administrative support, six consultants, and a network of regional electrical partners who worked closely with the in-house IT group and Cisco to develop and implement a detailed plan to modernise the network. The solution included deployment of 1,089 wireless access points, 632 switches, and more than a hundred routers. Using a combination of Cisco Meraki switches and indoor and outdoor access points, as well as Cisco Catalyst 9000 Series switches and Cisco Integrated Service routers, the infrastructure was designed to give maximum performance and visibility.
“It was a big project, definitely large and complex, but not the biggest we’ve done. The project took around 18 months in all, and we now have all sites upgraded, which is no small undertaking,” described the Manager for Cyber Security.
“We took a collaborative approach. Data#3 did the running up of the equipment, but didn’t have to go to all the locations, we shared the responsibility, so sometimes it would be just Data#3 and sometimes it would be just us.”
The approach varied according to location. While some smaller sites could be cut over during business hours, in the larger offices, it was necessary to work outside 9-5 in order to minimise disruption to staff. While the Manager for Cyber Security said that Data#3, as a Cisco Gold Partner, had a “very high rating” for technical expertise, they maintained that skilled, experienced project managers are equally vital in large, multi-site undertakings.
“My advice is to get a good project manager who understands logistics, that is the most important thing. For example, working with Data#3, we pre-staged and tested equipment before it was sent anywhere, which meant there was less need for senior people onsite – an experienced project manager understands these logistics are critical,” explained the Manager for Cyber Security.
“Everything has to be staged, packaged, shipped, and unboxed, the site has to be ready for it, plan where the boxes will go, and what happens with the boxes that are removed – it is the logistics that will kill you.”
The IT team is appreciative of the simpler management and increased visibility of the modernised network environment. The clearer view of network traffic allows the organisation’s team to better understand and predict organisational needs, and to anticipate issues, so that they can act more proactively in providing capacity and in preventing problems. The visibility, and the ability to define access based on client, identity, and intent, are especially a benefit in terms of meeting stringent security requirements. Importantly, access control is seamless and consistent between the many locations.
“The Cisco Meraki technology enables us to provide a more robust security process for wireless and roaming.”
While the project was planned before the world was faced with a global pandemic, the increased capacity for staff to work from home quickly showed its worth. The combination of the network modernisation and a remote work project proved essential.
“We had 4,000+ employees, and previously fewer had asked to work from home,” said the Manager for Cyber Security.
For users traveling between locations, the ease of getting onto the network at each new location meant they could simply pick up their work without wrestling with separate sign-on process, and without calling the helpdesk. Whether working on a laptop or corporate mobile phone, at each new site, the network recognised their device and assigned the correct access levels, even when they had moved from one location to another. The users have access to their familiar corporate applications wherever they go.
“I regularly travel for work, and since the deployment I’ve been able to connect to the wireless seamlessly wherever I am. It doesn’t matter which company network we now use; they are consistent. Our executives can travel around the state and connect at any spot easily and securely.”
“The two large projects we completed took the pain of logins away. This was originally a pain point going between different companies because cabling and networks were structured differently,” said the Manager for Cyber Security.
While the choice of the modern Cisco network technology was relatively simple due to its combination of reliability, manageability, and performance, there were other considerations that were important in selecting the best solution. Data#3 procurement specialists were able to help make the project happen within the right budget. “We have a strong cost management focus. Cisco offered an Enterprise Agreement and a bundle package that made it financially palatable for our current management to support.”
I regularly travel for work, and since the deployment I’ve been able to connect to the wireless seamlessly wherever I am. It doesn’t matter which company network we now use; they are consistent. Our executives can travel around the state and connect at any spot easily and securely.
– Manager for Cyber Security, Organisation in the energy industry
For the wider organisation, much of the success of the project is down to communication, and a strong project manager that their in-house team worked with well.
“We met with the senior project manager weekly, and had a monthly account meeting with Data#3. There were ad-hoc meetings as well. It was a luxury to pick up the phone to call people if I had a problem, and they would respond positively,” said the Manager for Cyber Security.
“We have such a collaborative partnership with Data#3, and they do multiple activities for us, not just on Cisco technology but also Microsoft, and some security pieces. They are able to focus on what we need, they have good quality quoting and processes, and strong expertise.”
The greatest icing on the cake, has been the improvement to user experience while also improving security.
“Our highlight is that the technology is more secure, and the mobility for users has improved dramatically. They can pick up their laptop or phone and head into another room, go home, come back into the office, and voilà! They are connected.”
“With this project, they can use any device, anywhere,” concluded Manager for Cyber Security.
Download Customer Story Explore Data#3 and Cisco Meraki network solutions
In an era where digital connectivity is interwoven into the operations of almost every organisation, cyber security is a paramount concern. As data breaches, hacking, and digital threats increasingly make headlines, organisations seek to safeguard their digital frontiers. However, amidst the rush to deploy the latest cyber security tools and technology, there still lies a question about the role and criticality of corporate governance in cyber security. Are organisations taking it seriously or just pulling together a document in a “tick-the-box” exercise without thinking it will really help?
With the constant pressure that organisations feel to be seen as “doing something about security”, it’s easy to surrender to the allure of the ‘quick fix’ syndrome. A swift purchase of state-of-the-art or best-of-breed cyber security solutions can present an ostensibly solid solution to bolster cyber defences and signal to the organisation that we’re on top of our security game. However, this approach has led to increasing complexity of the overall security environment with overlapping solutions that aren’t integrated. High-tech tools and software might fend off attacks, but are they potent enough to curb issues stemming from governance laxity?
Given this context, it’s prudent to question whether corporate governance is an underrated cyber security success factor. Is it time organisations revisited their governance processes before they channel resources into yet another solution?
In the complex risk management landscape, McKinsey pointed out that “A reactive approach to risks remains too common, with action taken only after things go wrong.” So, instead of devoting time and energy towards a strategic analysis of risks and how to mitigate them, they find it easier, quicker, and more appealing to address risks as and when they surface.
Cyber security, unfortunately, has fallen prey to this short-term outlook. The boom in technology solutions over the past few years has fed into the perception that cyber security equals action – and the more immediate, the better. Anecdotally, what takes precedence is procuring the latest cyber security solution to prevent malicious activity and loss, often at the expense of crafting a robust cyber governance framework.
Playing off the insights from an article by the Australian Institute of Company Directors (AICD), it seems that organisations may overlook a critical component in their rush to find immediate solutions to issues. Is it more judicious that companies consider reviewing and strengthening their corporate governance before purchasing yet another cyber security panacea?
If asked to visualise the ultimate defence against cyber security threats, most might portray a sophisticated tech-powered environment with state-of-the-art solutions. However, according to the AICD and the Cyber Security Cooperative Research Centre, the most useful tool might be much simpler and already within the organisation’s reach – good governance.
That’s because, in reality, cyber attacks aren’t merely a tech problem; they’re an enterprise-wide risk issue. An organisation’s risk profile is a complex web, extending far beyond its technological frameworks and into its people, processes, and culture. Sure, external data attacks are a significant threat, but internal threats – whether purposeful or accidental – can be equally damaging.
Embedding cyber security into corporate governance necessitates a clear definition of responsibility and accountability within an organisation. It reinforces transparency, enforces accountability, and sets the stage for effective collaboration during crisis situations.
Building on this note, the AICD champions the use of comprehensive corporate governance as a defence against cyber threats, emphasising:
Ultimately, the benefits of good governance aren’t merely about defence – they’re about building an organisation where everyone continuously evolves to meet – and even anticipate – potential threats.
With an unending barrage of cyber security threats evolving at warp speed, it is understandable why organisations might feel the pressure to match pace with equally advanced cyber security solutions. However, the unchecked pursuit of tech-powered solutions often leads to the ‘solutionism’ bias, where organisations may forget the power of a robust governance framework in reinforcing their cyber security standing.
In addressing the complexity of burgeoning threats, there’s a growing consensus that cyber security should no longer be viewed as the sole responsibility of the IT department. Instead, it should be an organisation-wide concern – a shared responsibility.
A broader perspective is essential, pivoting cyber security from an IT-exclusive bastion to a shared concern that involves every member of the organisation. Corporate governance is the linchpin in this transformation, ensuring that everyone, from the C-suite to the frontline employees, understands their roles in both preventing and dealing with cyber threats.
While integrating corporate governance into cyber security strategies sounds logical, its effectiveness is best understood through real-world applications. Take the case of a leading automotive retailer who partnered with Business Aspect, a Data#3 company, to elevate their cyber security framework in alignment with their wider business goals.
To gain a thorough understanding of their security stance, vulnerabilities and key areas for improvement, Business Aspect conducted a thorough assessment against standards like ISO 27001 and NIST. The findings informed a strategic, multi-year security roadmap containing a step-by-step plan to address key security areas including data protection, network security and incident response – all aligned to business goals.
The strategy’s success hinged on optimised resource allocation, suggesting the investment of resources in high-impact areas that directly correlated with business growth and risk mitigation. This focused approach reinforced crucial security aspects and enhanced the program’s efficiency and adaptability to new threats.
Methodical approaches like these, can help organisations shape governance strategies that go beyond traditional IT, aligning initiatives with broader business goals and supporting a culture of proactive risk management. In short, when executed well, corporate governance can transform cyber security from a peripheral IT concern into a central, organisation-wide commitment.
We have long advocated for organisations to reconsider their approach to cyber security, and this includes acknowledging the essential role of corporate governance and the persuasive argument for its power as a cyber security bolstering agent.
Therefore, organisations must consider involving their board members and senior management more actively in cyber security matters, rather than restricting it as an IT exclusive concern. Robust governance can empower an organisation to adapt and respond more effectively to evolving cyber threats, imbuing it with capabilities that go beyond technical safeguards.
Revisiting corporate governance processes before investing in yet another cyber security hurdle might be the astute move companies need. The constraint of corporate governance is necessary not just for the immediate defence against cyber threats, but also for fostering a resilient cyber security culture that evolves with the advancing digital landscape. Perhaps, then, corporate governance rightfully deserves recognition as a key cybersecurity success factor, one that’s been largely underrated thus far.
Technology, experience, and education are all essential in protecting your organisation against cyber attacks. Benefit from the collective wisdom of Business Aspect’s dedicated strategic consulting team, combined with the hands-on expertise of Data#3’s cyber security specialists. Our highly accredited Australian-based security teams leverage a diverse range of expertise, security solutions, and a strong vendor portfolio to design, implement and maintain superior security measures that are tailored to protect your business. Contact us today to learn more.
An organisation in the rehabilitation industry with a focus on community safety wanted to reduce its overall licensing spend and demonstrate sound cost management. However, to do this would require a greater level of visibility.
This organisation needed to demonstrate cost efficiency. As the largest Australian Microsoft licensing provider, it was logical for this organisation to seek Data#3’s assistance to ensure licensing was managed efficiently. Data#3 performed a high-level review to demonstrate that the Microsoft 365 Optimiser Service could optimise savings.
It was a very cost-driven exercise. An upcoming Microsoft renewal was the main driver – other aspects, such as security and automation, were side benefits.
Spokesperson for the organisation.
The organisation was committed to allocating Microsoft 365 E5 licences to all active users. However, it lacked the tools needed to closely manage licences without considerable manual effort, something that would be costly in itself.
Microsoft software, in particular Microsoft 365, is an essential business tool for the organisation’s staff who work across multiple sites with varying security levels, offices, and reporting locations. The Microsoft licensing is among the most important IT investments each year, so it’s imperative that they’re managed efficiently. Staff in the busy IT team are conscious of their responsibility to the local community to manage their budget carefully and avoid unnecessary expenses. The spokesperson stated that value for money is prioritised.
“We are audited on cost efficiency and report our measures to a committee annually.”
“Every year we can expect a multi-million-dollar renewal of Microsoft licensing. The Microsoft 365 Optimiser Service was presented to us by Data#3, who are our Microsoft licensing partner. They told us about the product and presented the cost savings that could be achieved.”
It was important to this organisation to navigate a time of rising prices without compromising high standards to deliver an essential service to the community.
“We have a fixed budget each year, and we must always keep within the boundaries of that,” explained the spokesperson.
While maximising the value of their investment in licensing was very much the driver, it could only be achieved with greater visibility of overall usage. The organisation was eager to reduce what the spokesperson described as a “completely manual task” of identifying licensing waste and reallocation. There was no easy way to identify when staff were not using licences for an extended period, or only needed temporary cover. The manual effort of seeking out idle licences also carried a staff time cost, so the potential to automate the process was welcomed.
While the potential of Microsoft CoreView was clear, the organisation wanted evidence that savings would be realised. A proof of concept gave them the answers they needed.
“They showed us as part of the process how much we could save and did a trial to confirm that those were real savings on the table through identification of idle licensing. The tool did the monitoring for us and showed us the extent of savings we could achieve,” outlined the spokesperson.
“We had real world examples of what we could save. We constantly are asked to avoid costs and save money, and Data#3 made it real with the proof of concept.”
Conducting the Microsoft 365 Optimiser Service was largely a hands-off process for the organisation. Once access was granted to Data#3 into the IT department’s Microsoft environment, the tool was installed remotely, and it began to monitor licence usage. Still facing COVID-19 restrictions and operating in a highly secured environment meant that the organisation appreciated this approach, noting that:
“We have strict controls over who comes on-site. On-site visits involve working through a full checking process. Over the last year, we have had our regular account manager visits, but the modern workplace team handled everything remotely. We authorised access to our externally hosted Microsoft portal, and they came up with the result. It was a completely hands-off process for us.”
Guided by the specialist Data#3 team, Microsoft 365 Optimiser identified idle licences that were invisible by using manual processes, achieving a cost reduction just beyond the predicted numbers.
“We’ve got several examples. We found staff members on extended leave of six months or longer, such as maternity leave, where it was expensive to assign a licence if the staff member was not working. There are other scenarios where staff members work part-time or are only with us for occasional visits. When state health workers visit, that might only be once every six months, so we don’t want a licence sitting idle,” continued the spokesperson.
“We could automatically detect when a licence had been unused for, say, 60 days, and Data#3 was then able to suggest and provide lower cost licences, or a lower quantity of licences, with the benefit of avoiding that cost.”
The organisation opted to leverage Data#3’s Microsoft 365 Optimiser service, which is designed to discover, analyse, and produce actionable remediation reports for Microsoft 365 licensing, security, and governance. As well as identifying licence waste, the service makes recommendations on security posture in the Microsoft environment and enables automation of manual Microsoft 365 tasks, such as licence management.
“We have regular meetings where we are presented with a monthly report showing opportunities to reduce our spend and reporting the amount avoided to date.”
“We recently underwent our Microsoft 365 renewal for 2023, for example, and saved a cost of $278,986 that we would have paid without the Microsoft 365 Optimiser service.”
While the initial automation used by the organisation focused on the identification and management of idle licences, plans are underway to harness further capabilities.
“The service does offer onboarding and offboarding integration into our software management tool, so we are looking to realise that benefit of automated onboarding and offboarding,” said the spokesperson.
“I absolutely recommend this product to provide visualisation of cost saving opportunities for Microsoft licensing.”
While Data#3’s position as the Microsoft licensing provider for this organisation made them a logical choice for this cost avoidance exercise, the team involved in providing the Optimiser service lived up to expectations.
“The highlight was that we got an excellent resource. Those we worked with were available, responsive, had a professional manner, and strong communication – they were excellent to work with. They made it very easy for us,” recalled the spokesperson.
The greatly improved visibility of the organisation’s licensing reduced risk of wasted investment. The resulting tightened management also enhanced security, and automation took away time-consuming manual processes from their busy IT team. Still, their spokesperson concluded, the objective of value for money has been the driving force behind the project and was the most pleasing outcome. While the business case to support implementation of the Microsoft 365 Optimiser service predicted savings of $583,000, as of early 2023, the cost avoidance in the overall organisational Microsoft environment had reached $623,000.
“It was a very cost-driven exercise. An upcoming Microsoft renewal was the main driver – other aspects, such as security and automation, were side benefits.”
Download Customer Story Optimise your organisation with Microsoft 365
Westminster School counts cyber security among the most critical responsibilities of its IT department. The school wanted to minimise risk exposure by strengthening protection around legacy applications and systems.
The school’s IT leaders attended a cyber security session at Data#3’s annual JuiceIT event, and realised they had found the ‘missing piece’ to secure their environment.
When you get the best of both worlds, with a great product and great people, hands down it’s a winner. Data#3 and Silverfort have become trusted advisors on this matter.
Simon Matthews – Infrastructure lead, Westminster School
Nestled between the beaches and the vibrant city of Adelaide, Westminster School is a leading co-ed day and boarding school with around 1,300 students from early learning to year 12. The school is affiliated with the Uniting Church, and is known for nurturing students as they pursue their academic, sporting and artistic dreams.
Technology plays a key role in school life, both in administration and in the classroom. A period of modernisation meant that much of the school’s IT environment has shifted to the cloud, with some legacy and on-premises infrastructure remaining, presenting some security challenges.
In any organisation, protecting users and assets against cyber attacks is of high importance. The Australian Cyber Security Council (ACSC) reported a doubling of reported cyber attacks in a two-year period to June 2022, with more than two in every ten organisations impacted each year. Breaches can have a significant financial and reputational effect on organisations, but Westminster School Infrastructure lead, Simon Matthews, said that the impact on individuals is, for educators, the greatest concern.
“Breaches can affect people very deeply. The vast majority of our stakeholders are under 18, so we need to do everything we can to protect our students. We have a lot of confidential information to protect, often medical details, and information around staff, and we take that seriously.”
Much of the school’s environment had been transitioned into the cloud, but the IT team was especially conscious that the remaining on-premises environment was limited in terms of identity protection, and this could have represented a risk. Finding an answer had proven problematic.
“It was the legacy on-premises infrastructure we were looking to secure, and we were not aware of a solution on the market that would cover not only the desktop, but also the whole range of common tools that threat actors use. They will target just about any service related to Windows.”
A cyber security truism is that ‘you can’t secure what you can’t see’, and here, too, there were obstacles to overcome. Visibility was limited in the legacy environment.
“We had a lack of awareness around what accounts we had that could be compromised, and service accounts were mostly where we saw problems. A lot had built up over years, staff would create a service, and over time, wouldn’t realise that the associated service accounts existed.”
While these service accounts in themselves were typically not related to sensitive data, hackers often exploit such accounts to find their way into an environment, spending months casing out an organisation and finding opportunities for lateral movement into other systems for months before they strike.
“Back in the day, we would measure threat using our firewall’s data to measure how many attempts were made. The landscape has since changed, with client devices in many places, and a completely decentralised environment. Threat actors work every device, every app, not just what is physically here.”
“As the threat landscape changes, we have to assume a breach and mitigate risk, by stopping lateral movement at that point to protect our people.”
When the Westminster School’s IT team attended Data#3’s annual JuiceIT event, one of the partner presentations especially resonated with them. Security specialists from Data#3 and partner, Silverfort, spoke about addressing the security gap that can emerge in the area of identity protection when dealing with legacy environments designed for a more centralised landscape.
“We saw the cyber security presentation, and it was a real lightbulb moment. We looked at each other and went ‘yes!’. This speaks volumes about JuiceIT and the vendors that Data#3 brings into the space; the events ensure that Data#3 customers are exposed to the best emerging security solutions available through their partners, and that is part of why the partnership with Data#3 is so critical to us.”
After discussions with their Data#3, Westminster School elected to conduct a brief proof of concept to make sure that the solution lived up to its promise.
“We wanted to run it in house to see what it would do, and how it would function, and we ran some stats. We then fast tracked it because we knew we needed to close any gap in security around our on-premises infrastructure and legacy apps,” recounted Matthews.
The Data#3 and Silverfort team addressed a blind spot that was not protected well by existing identity and access management products. The proposed solution solves the technology challenge of enforcing secure authentication on all users, resources and protocols, both in on-premises and multi-cloud environments, thwarting efforts at lateral movement by malicious actors. To do this, it uses a unified identity protection platform that gives real-time protection against attacks that use compromised privileged or unprivileged credentials. It extends Microsoft Azure multi-factor authentication (MFA) to any sensitive resources, even to legacy environments that lacked the option for MFA previously.
The discovery capabilities of this technology were among the aspects that most impressed Matthews.
“It gave us exposure to service accounts, or accounts acting as service accounts, that we were unaware of. It also lets us enforce MFA that is policy based. The service account module has been critical to see the accounts we weren’t aware of and introduce controls around them, and we can do this by a granular process to make sure we aren’t breaking things elsewhere. Where there were gaps, we knew that the Data#3 and Silverfort teams could help us realise the issue to resolve it,” stated Matthews.
“It is very simple. The additional scope we get through insights gives us really useful information and helps us to troubleshoot daily.”
For the majority of Westminster School users, there was no difference in their experience of logging on. Outside the IT department and leadership, none were aware that their security had been raised.
“There is nothing to put on our devices, no additional software on the servers, no integration pieces with SaaS or legacy applications. It just ties back into the simple all-in-one system, where we set policy to enable a type of traffic and block everything else,” explained Matthews.
“There was no user interaction, no apps deployed, no testing on client devices – just a few people may get prompted for higher access at times. No change management was needed.”
Matthews described a leadership culture at the school that is wholly supportive of cyber security measures, something he said is a “necessity” when facing a complex and sophisticated range of threats. This was helpful when proposing introduction of the new security solution, and the faith has been repaid.
“When we implemented the solution, we could instantaneously sleep better because we had that peace of mind. This is a last layer of protection to stop anything that gets past other layers – when it hits a server, for example, that stops the lateral movement.”
The level of discovery that the solution introduced, and the visibility that resulted, has given the IT team another vital tool as it strives to offer the school community the best possible protection.
“We use the Microsoft Cybersecurity Reference Architecture (MCRA) as our cyber security reference, where we go to help order our next steps. Microsoft suggests Silverfort as a method of closing gaps, which speaks volumes about their confidence. Everyone should be looking at consolidating their security stack, and given Microsoft invests $3 billion a year in security, we are confident in their recommendation,” explained Matthews.
“Our position now is that we are very comfortable with our progress. We have gone from seeking a solution for gaps to being one of the most secure school IT departments around, and that is a testament to the work the team has done.”
When we implemented the solution, we could instantaneously sleep better because we had that peace of mind. This is a last layer of protection to stop anything that gets past other layers – when it hits a server, for example, that stops the lateral movement.
Simon Matthews – Infrastructure lead, Westminster School
As a very security aware educator, Westminster School had wrestled with the common challenge of identity protection around legacy and on-premises resources, so the security solution from Data#3 and Silverfort, caused a stir among the IT team. Matthews recalls a buzz of excitement at the end of the JuiceIT event session.
“We rely on partners like Data#3 to show us the best solutions available and introduce us to emerging vendors, and they did exactly that. They are a great company to have in Australia. We walked away saying that we didn’t realise there was a solution to this problem, and that we are grateful they have JuiceIT to bring the best technology to the industry.”
While Matthews gathers information from partner activities such as Microsoft webinars and Data#3 events, he recommends that other schools facing similar challenges make sure they talk to others within the sector to share experiences.
“Talk to other schools to get recommendations and reviews. Anyone can say how good their product is, but we can give real-life experience of working with Data#3 and Silverfort. If it is not in your security stack in the next six to twelve months, or not in your budget for next year, you’ve probably still got a big gap in security.”
The final piece of the picture, said Matthews, is working with knowledgeable partners who take time to understand your environment and the outcome you’re aiming for, and have their fingers on the pulse of emerging technologies.
“When we first learned about the new solution, there was a great buzz in our office, and we were all talking about it. When you get the best of both worlds, with a great product and great people, hands down it’s a winner. Data#3 and Silverfort have become and will continue to be trusted advisors on the matter of cyber security.”
Download Customer Story Learn more about Data#3 Security solutions
Since we began our journey exploring AI, we’ve unlocked the power of AI transformation, learned about the risks of generative AI and discovered how you can keep your organisation secure.
As the official launch of Microsoft’s series of AI Copilots draws closer, anticipation continues to build. The promise of untold changes and improvements to productivity, collaboration, and the way we work is on the horizon – but with so many options out there, it’s difficult to know which AI tool will be the best fit for your organisation.
To help you prepare for the arrival of Microsoft’s Copilot, we’ve put together a guide to give you an overview of all the Copilots that are coming (and no, it’s not just the one). We’ll dive into the features and uses of each so you can make an informed decision when choosing a Copilot – or Copilot combination – for your team.
The flagship Copilot and the one most people have heard of is Microsoft 365 (M365) Copilot. It’s an in-built assistant that integrates into the productivity applications many teams use and rely on every day, such as Teams, Word, Excel, and PowerPoint. It aims to streamline your workday and takes on tedious tasks so you don’t have to anymore, such as generating meeting notes, providing draft documents in seconds, and designing presentations in PowerPoint.
As with all other generative AI tools, Copilot draws upon a large language model (LLM). Essentially, it’s trained with vast amounts of data so it can comprehend existing content and generate fresh content.
Who’s it good for?
Any teams whose jobs involve creating content, analysing data, or communicating through collaborative applications. In our opinion, M365 Copilot will be a game changer across almost every industry because of its extensive use cases. We talk to this in more detail in some of our other blogs, but the short answer is – any knowledge worker will benefit from using M365 Copilot.
Formerly called Viva Sales, Microsoft’s Sales Copilot provides a streamlined, AI-powered selling experience, without the need for manual data entry. Like M365 Copilot, it seamlessly integrates into the applications sales professionals use daily, such as Microsoft 365, Microsoft Teams, and customer relationship management (CRM) technologies, like Dynamics 365 or Salesforce. It helps sales teams do what they do best, without the need for notetaking during meetings; meetings can be recorded and transcribed using conversation intelligence technology for accurate summaries.
It can also assist sales professionals in a number of other ways, such as providing feedback and helping develop sales skills, understanding the overall sentiment of calls for helpful suggestions, and tracking conversation KPIs, such as talk-to-listen ratios.
Who’s it good for?
You probably guessed it from the name – sales teams. It’s the ultimate assistant to sales professionals, making sure they’ve got the time to make meaningful connections with your customers without being bogged down by manual admin tasks.
Microsoft’s Security Copilot is a security-specific model also drawing upon LLMs, powered by OpenAI. It helps security teams easily detect, identify, and prioritise threats. Incorporating a growing set of security-specific skills, it’s informed by Microsoft’s unique global threat intelligence, receiving more that 65 trillion daily signals.
Security Copilot provides enterprise-grade security and meets all privacy compliance regulations, as it runs on Microsoft Azure’s hyperscale infrastructure.
Who’s it good for?
It’s not designed to replace humans, but it’s an incredibly helpful assistant to cyber security teams, providing speed and scale for tasks that require significant output like incident response, vulnerability scanning, and patching.
A joint effort by Microsoft, GitHub, and OpenAI, GitHub Copilot is a cloud-based AI tool design to help developers write code faster. It contextualises based on existing comments and code to instantly suggest individual lines and whole functions. It’s available as an extension for Visual Studio Code, Visual Studio, Neovim, and the JetBrains suite of integrated development environments (IDEs).
Who’s it good for?
Developers who want to streamline processes and generate code more quickly. As it’s trained on billions of lines, it’s able to autocomplete code in seconds, making coding significantly faster – allowing developers to focus on solving bigger problems.
Windows Copilot is designed to enhance the Windows 11 experience, with a focus on aiding creativity and productivity. It integrates Bing search with the Edge browser, drawing upon the OpenAI model and Microsoft’s Prometheus model for a new user experience. It’s another in-built assistant that can offer help by performing tasks like offering tech support, answering questions you would otherwise ask a search engine, or summarising documents.
Who’s it good for?
Windows Copilot is great for anyone working in creative industries, or those who need to do significant amounts of research during their workday. It helps you prioritise bringing ideas to life, collaboration, and working on complex projects, without spending extensive time searching for information and working across multiple applications.
Another Copilot harnessing the power of LLMs, the AI Copilot for Power Apps allows natural language authoring of apps, moving away from the traditional custom code or the recent low-code development environments. By using a few words in natural language, users can interact with this Copilot to describe exactly what they’re looking for from the app, including the data behind it. It’s then automatically created and is adjustable based upon user feedback.
Who’s it good for?
Anyone who has ideas for apps they want to bring to the market but doesn’t have the coding knowledge or experience previously needed to create one. It’s a game changer that evens the playing field, making it easier than ever to create and share new ideas.
Microsoft Fabric, is an analytics product that centralises all of an organisation’s data and analytics in one place. It combines the best of Microsoft Power BI, Azure Synapse, and Azure Data Factory into one unified software as a service (SaaS) platform.
Copilot in Power BI combines advanced generative AI with corporate data to assist users in gaining, and sharing, insights faster. You can simply describe the insight you need, or ask a question about your data, and Copilot will analyse and consolidate the data into a report – turning data into actionable insights, instantly.
Who’s it good for?
Microsoft Fabric and Copilot in Power BI is ideal for data engineers, data warehousing professionals, data scientists and analysts, and business users to harness for seamless collaboration. It assists in fostering a well-functioning data culture across an organisation.
Looking for more advice on how to integrate a Copilot into your team?
Data#3 is Microsoft’s biggest Australian partner, and one of only 600 organisations globally invited to take part in the Copilot Early Access Program (EAP). Contact us today to discover how our M365 Copilot Readiness Assessment can help you prepare for take-off and improve productivity across your organisation.
In the first leg of our journey we explored AI transformation and how you could unlock the power of AI for your organisation. Our second leg takes us on a descent into the world generative AI as we explore what you can do to keep your organisation secure in the wave of AI transformation.
The topic of AI is permeating almost every industry. The incoming wave of AI transformation promises major leaps in potential for productivity, creativity, and collaboration.
However, as with any new technology, it also comes with an array of potential risks that need to be addressed. Open-source generative AI models, such as ChatGPT, learn from user input to shape their output, which means they may inadvertently include proprietary data in generated responses. This could result in a range of adverse outcomes and could even jeopardise your organisation’s competitive advantage, compromising customers’ or corporate intellectual property, and violating confidentiality agreements.
The use of generative AI by employees of organisations leads to privacy, security, and regulatory implications. Let’s be clear, AI is here to stay and it’s well-worth getting on board with. However, your organisation needs to consider potential issues to make the most of the benefits while minimising risk. There are a few common concerns we’re hearing surrounding the use of AI. In this blog we’ve compiled these concerns along with some potential mitigating strategies you could put into place to help alleviate them.
The rapid pace at which generative AI technologies are rolling out is making it impossible for laws and policies to keep up. We’re operating in a legal grey area surrounding the use of AI, a grey area that prompts a lot of questions. For example, who’s liable if AI generates a false piece of information, or exposes sensitive information such as patient information in generated content from an open-source generative AI model? Or what happens if AI generates a piece of content that violates copyright of existing content?
Governments, regulatory bodies, and legal professionals alike are attempting to tackle the fast-moving AI landscape – but when the technology changes every day, it’s a relentless task.
It’s always best practice to review your regulatory compliance obligations and to consider legal implications and protections to ensure you’re across the most up to date requirements for your organisation, but that doesn’t mean there’s nothing you can do on the frontline.
AI governance and policy making can’t be left solely to governments or other statutory bodies. Every organisation that utilises AI will need its own guardrails in place to regulate its use of AI. It is shifting rapidly, and any policies you put in place to address AI use won’t be set-and-forget. You’ll need to have regular, stringent review processes in place to protect your organisation.
Make sure you’re having open conversations with your employees about what AI use within your organisation. This includes acceptable use of AI, what can and can’t be provided to large language models, and how the private versus public offerings vary (for example CoPilot versus ChatGPT). This must be done with a lens of protection of your sensitive corporate data (including that of your customers) while protecting your corporate IP., Adopting AI may seem daunting for your organisation,, but the productivity gains are well worth the risk tradeoff that AI can offer.
Concerns about privacy and security risks resulting from generative AI are some of the most pressing. The inherent nature of generative AI – as it relies on inputted data to comprehend or generate content – means it has access to significant volumes of data, some of it containing personal or sensitive information. This raises concerns both about how this data is being stored and used by AI software, and who can gain access to it. Some companies have even banned certain AI tools because of privacy and concerns about data leakage.
AI can be used to enhance cyber security efforts, but it simultaneously can pose security risks. Generative AI tools can be used for malicious purposes just as easily as well-intentioned ones. It’s easier than ever for hackers to use these tools to generate malicious code – we can’t forget that malicious actors are receiving all the same productivity benefits from generative AI that we are.
If you’re actively engaging with AI within your organisation, it’s more important than ever to ensure you’re continually renewing and strengthening your security posture. You also need to have in place robust data protection measures to prevent unauthorised access to, or misuse of, sensitive information. Ensuring security is regularly reviewed, permissions applied, and a solid information classification and protection solution is deployed is essential to protect your corporate data.
Generative AI models operate as ‘black boxes’ – there’s no way to understand their decision-making process. This lack of transparency can lead to a lack of trust in AI applications, from employees, customers, and other stakeholders. Accountability is also a big question mark, tying into the similar concerns surrounding privacy and security. If sensitive information is leaked because of an AI tool, who should be held accountable?
As AI continually shifts and changes, so do societal expectations, thoughts, and opinions around its use. During this transitionary period, it’s critical for businesses to ensure the ethical, transparent, and responsible use of AI technologies. What this looks like may change day-to-day, so striving for transparency will be an ongoing process for organisations.
The internet is already rife with misinformation, and generative AI is not immune to contributing to this. While the majority of generative AI tools available on the market are mostly accurate, they’re not infallible. There’s been reports of a phenomenon referred to as ‘AI hallucinations’, where tools such as ChatGPT has confidently stated entirely incorrect information.
Taking advantage of generative AI is great for the productivity benefits, but it’s important to not get too reliant upon them, and to not take information given to you by AI as gospel. These tools can, and do, make mistakes. Information generated by AI still needs to be thoroughly vetted before you put it out to the market, to avoid producing misinformation and dealing with corresponding reputational damage.
There are also concerns that AI will become too efficient and end up eradicating certain jobs – or even entire industries. Routine and repetitive tasks have always been susceptible to automation, and the new wave of AI has furthered this. Preparing workforces for new skill requirements and identifying opportunities for human-AI collaboration is going to become essential in this new landscape. Jobs will start looking different as AI advances, and there will need to be rapid mindset shifts in most industries as these changes occur.
Linking to the earlier concern surrounding AI hallucinations – at this point in time, there’s definitely still a real need for human evaluation and vetting of AI produced content. Generative AI can certainly help speed up certain tasks, but it’s not perfect, and you may need to point this out to your employees to alleviate any concerns around AI-induced job losses. Training is a good way to go about this – for your organisation to fully adopt AI, you’ll need to invest in training to ensure your team’s AI literacy is up to date.
At Data#3, we’re at the forefront of engaging with generative AI, and we’re here to help you along your AI journey. Contact us today to find out how we can help you implement AI into your organisation – securely.
Take flight with Microsoft Copilot for AI transformation
Much like a connecting flight in an airport, I welcome you to the first leg of our three-part journey with Microsoft Copilot, your trusted companion in the realm of AI innovation. In this series, we will explore the power of AI transformation and help you understand the risks of generative AI, all while guiding you on how to put your best foot forward when selecting the ideal Copilot for your organisation.
Artificial Intelligence (AI) is the biggest buzzword in the industry this year. With the amount of chatter surrounding all things AI and AI-driven software, it’s clear organisations need to start preparing for AI transformation – but it can be difficult to cut through the noise and know where to start.
We’ve put this blog together to provide you with some clarity on the what, why, and how of AI transformation, and what this might look like for your organisation.
The term ‘digital transformation’ joined mainstream conversations in 2013 where Microsoft began using it, associating the term with their view that business was entering the ‘fourth industrial age’, demonstrated by a wave of cloud adoption by many organisations. Digital transformation, as a concept, ensured businesses focused on modernising their technology, aligning its functions and use to specific desired business outcomes. As a result, digital transformation brought about significant advancements in productivity across almost every sector.
In our opinion, the decade-long wave of digital transformation has come to an end – replaced with a new era of AI transformation. With the rise of generative AI models and software, such as ChatGPT and Microsoft 365 (M365) Copilot, productivity advancement has been put on fast-forward.
Organisations like yours are currently filtering through an onslaught of AI-related information. Technologies are advancing at an incredible rate, but practical factors such as adoption, implementation, and regulation are slower to follow. To start putting an AI plan in place, you need to first evaluate the ‘why’ of AI transformation. Here’s just a few reasons why we think early adoption of AI transformation is critical for all organisations:
The benefits of AI transformation are clear – but how, exactly, do you implement it at an organisational level?
Data#3 used a six-step process in our own Copilot deployment which serves as a model to help you start thinking about, and planning, your organisation’s AI transformation:
There’s a lot to get your head around as we’re entering the new era of AI. Data#3 is on the frontlines of AI transformation, and we’re here to help. Contact us today to discuss how we can help you get started on your journey.
After a rapid introduction of new collaboration and productivity technology, VTAC sought to maximise their return on investment and to further bolster their collaboration and governance processes.
VTAC researched suitable providers that could assist, and Business Aspect, a wholly owned subsidiary within the Data#3 group, proved competitive and possessed a strong understanding of what was needed.
The highlight was the improved engagement with the wider organisation; I knew we couldn’t just keep this within our IT team and working with Business Aspect was like having an extra pair of hands to help.
Steve Hansen – Director for IT Services, Victoria Tertiary Admissions Centre
The Victorian Tertiary Admissions Centre (VTAC) is an independent shared admissions service facilitating access to tertiary education and further study opportunities and pathways for learners in Victoria and beyond.
During the global pandemic, VTAC had rapidly rolled out collaboration technologies such as Microsoft Teams, SharePoint and Zoom to enable hybrid collaboration. As the organisation’s independence from Monash continued to grow, it was determined that there was a greater need for consistency and improved governance around the way such technologies should be used.
After any time of rapid, unexpected change, it is valuable to pause and take stock. This methodical approach had served VTAC Director for IT Services, Steve Hansen, well through his career. After navigating the rigours of pandemic-driven lockdowns and restrictions, he recognised the need to review how they were using key technologies.
“In our organisation, everything had been within the Microsoft landscape, including Teams, SharePoint and so on. As Covid hit, everyone jumped into these toolsets and started using them without our usual governance and training, so our use was inconsistent. As a result, we knew we needed a clear roadmap outlining appropriate rules and governance across our Microsoft landscape,” explained Hansen.
While the immediate need to switch to a work from home model had prevented the usually consistent, planned approach of VTAC, it was a growing necessity to support the many students and tertiary organisations reliant on VTAC’s services. The needs of customers feeling the impact of wide-scale disruption had to take priority. Without consistent use of key collaboration tools, and with limited training, productivity was hampered. The staff who had embraced the technology as a means to better serve customers and the community during a time of crisis had become frustrated.
“The issue we ended up with was that there wasn’t the usual planning to make sure people were using the right technology the right way for the right purposes. There was the potential for security rules to be broken, people to share documents externally, and we wanted to make sure we weren’t increasing our security risk.”
“We wanted to look at things like classification of information and how to better manage that,” said Hansen.
While the ease of using the Microsoft suite for collaboration is among the technology’s greatest attributes, Hansen identified that it needed to come with consistency and access management rules that suited VTAC’s unique role.
“A lot of people started to use the tools, and we started spawning Microsoft Teams sites without clarity over who owns them, what they are used for, who is governing access and who has access – a whole plethora of things fell into the project remit. It was clear we lacked sufficient clarity.”
Furthermore, major changes were underway at VTAC, which served to drive the need to work towards a more effective and consistent model even more.
“As we continued to grow, we knew it was important to demonstrate that we were not carrying unnecessary risk,” outlined Hansen.
VTAC sought proposals from potential technology consulting partners, and after working together on previous projects, Business Aspect was top of the list.
“We knew where to go to get the help we needed, and that we could get it done right, and at a reasonable price. We got quotes and recommendations around the scope of the project, and it was Business Aspect who demonstrated the most capability and knowledge,” commented Hansen.
From the start, the engagement was a highly collaborative process. After preparation with Hansen’s team, in which Business Aspect confirmed objectives and reviewed materials, input was sought from stakeholders across the organisation.
“We went through a process of understanding the landscape, where we interviewed individuals and small groups. Then, we ran a series of workshops in both smaller and wider groups where we were able to validate our findings and elaborate further.
“What we found in those workshops was that the process had a great output, it was received really well by the business, and gave us a great quality of insights,” said Hansen.
The findings from these group sessions were reviewed by specialist Business Aspect consultants, who then workshopped with several VTAC groups to determine the best path ahead. Business Aspect then presented a roadmap that detailed prioritised actions to be taken in order to standardise use of Microsoft tools and create robust governance of this environment in a modern workplace.
“Even in the workshops, we found that our teams felt they were being heard and that they were getting clarity around what they needed to do. Our teams took a lot of what they learned from the program and applied it right away, which is a great outcome.”
Among early priorities was addressing the physical environment to better suit hybrid working, something that has “become the norm” for much of the VTAC workforce. This included equipping meeting rooms with technology to enable staff to join both in-person and online – whether in smaller groups or those large webinars – and get a more rewarding experience.
Hansen said that it helped that the experienced Business Aspect team understood VTAC’s situation was flexible in the timing of activities, and was capable of leading the project.
“They understood we had a lot going on and wrote the plan down into manageable chunks that we were able to work with in a very busy time. They staggered things so that we could ensure we had good foundations in place as the priority.”
They understood we had a lot going on and wrote the plan down into manageable chunks that we were able to work with in a very busy time. They staggered things so that we could ensure we had good foundations in place as the priority.
Steven Hansen – Director for IT Services, Victoria Tertiary Admissions Centre
While the project provided a roadmap to the training and governance required to uplift VTAC’s day to day practices, it went beyond that to design a modern workplace for its dedicated workforce. After working through a process Hansen described as “hugely helpful”, Hansen said that the expert advice had paid dividends in unifying the way VTAC’s hybrid workforce uses key technologies.
“If you want to adopt Microsoft technology toolsets for collaboration, knowledge management and communications, start with getting an expert to come in and help you to define what that’s going to look like. Discuss how you will use all the tools, what are your needs, and what collaboration and knowledge management issues you are solving.”
“You need to understand the problems and then how these tools can address them, rather than just jumping in. There may be a lot of preconceived ideas and it is about stripping these away and building a solid foundation,” advised Hansen.
As VTAC works through the actions outlined on the roadmap, Hansen said that progress has been helped by support and engagement throughout the organisation.
“Business Aspect presented the recommendations to the VTAC management team and people were receptive, absolutely. The feedback was that everything makes sense now and we know that will continue as we grow.”
“The highlight of this project was the engagement with the wider organisation; I knew we couldn’t just keep this within our IT team and working with Business Aspect was like having an extra pair of hands to help,” concluded Hansen.
