🟢 DISCOVER DETOX FOR MICROSOFT 365 COPILOT : 2 STEPS TO REDUCE DATA EXPOSURE! START YOUR RISK ASSESSMENT 👉

Case-Study

26 June 2023

French mutual GPM enhance the governance of user access and sharing on M365

Microsoft 365 protection: Governance of user access and sharing

Groupe Pasteur Mutualité is a global player in the protection, support and well-being of healthcare professionals, embodying 160 years of living mutualism and campaigning for an active fraternity. As a result of all of its commitments, Groupe Pasteur Mutualité provides healthcare professionals with insurance coverage and services that facilitate their professional practice.

Context

Groupe Pasteur Mutualité, which has 500 employees, initially used the IDECSI solution in 2016 to protect the mailboxes of COMEX members to guarantee data confidentiality.

In 2020, with a brand new cybersecurity program called CARE (Confidence, Anticipation, Resilience, Commitment), the CISO is implementing a 3-year roadmap which aims to strengthen the security of Groupe Pasteur Mutualité's information system with a focus on the Cloud, mobility and user engagement.

In addition to strategic and commercial issues, Groupe Pasteur Mutualité, by its nature, processes sensitive data (personal and health data) and has advisers who are particularly mobile at the national level.

It is in this context that GPM decided to extend its scope of protection to all employees and to Microsoft 365 cloud collaborative tools thanks to IDECSI.

Problem

Indeed, the CISO needed to control and certify access, rights and sharing in the use of collaborative tools, with both granular elements to be able to deal effectively with security events and tangible elements to communicate with the general management, who are very aware of data protection. Faced with the complexity of analysing Microsoft 365 logs and the lack of visibility, the CISO called on IDECSI to meet 4 main objectives.