The Telefónica Group identified the need to secure shared information for responsible and secure adoption with the arrival of Microsoft Copilot in corporate environments. The deployment of this Generative AI-based tool required prior assurance of compliance with data governance standards, especially considering the global scale of the organization and the nature of the information handled.
The legacy file-sharing architecture in Microsoft 365, based on total delegation to users (the “content owner” model), posed a high risk in terms of oversharing and exposure of critical information.
The initiative combined auditing, remediation, and deployment of technical controls, requiring strong collaboration between Global Security, Corporate IT, Microsoft, and the business units (OBs).