Most Active Speaker

Tatu Seppälä

Tatu Seppälä

Blogger & speaker | Microsoft MVP | MCT | Data Security, Insider Risk, Power Platform Governance, IAM

Vantaa, Finland

Actions

Tech explorer & lifetime learner. Deep experience in consultancy, advisory and architectural roles in the Microsoft cloud tech space. Special focus areas include (but are not limited to) insider risk, compliance and data security.

Awards

Area of Expertise

  • Information & Communications Technology

Topics

  • Compliance
  • Insider Risk
  • IAM
  • Microsoft 365
  • Microsoft Entra
  • Power Platform
  • Dataverse
  • Microsoft Purview
  • Azure Security
  • Microsoft Security
  • Microsoft 365 Defender
  • Generative AI
  • AI Security

Understanding data security essentials for Dataverse, Fabric and Copilot Studio

While Copilot Agents are the cutting edge of innovation in modern work, Dataverse has already established itself as a leading component of business applications strategies worldwide, while Fabric is now becoming an essential part of our business solutions around Dataverse.
AI, data and Power Platform are a powerful mix. In this session we will guide you through the governance and management of the data, with a mixture of demos and real life stories, to help you know what to use where and give you a glimpse of what is coming next on the roadmap.

In our experience however, one thing is clear: data security capabilities from Purview and other services are often overlooked or underutilized. To help correct that, we'll dive in and explore how to unlock their full potential.

We'll demonstrate how to build a sustainable and secure framework, with sensitive data accounted for and proper guardrails in place using the capabilities available to you today.

Key topics that we will demo:
Discovering sensitive data in Dataverse and Fabric: What you need to know and what steps to take once you've found it
Using Data Activator to drive granular, conditional real-time action and awareness based on data in Fabric
Extending critical data protection to Power Platform with sensitivity labels across Copilot Agents, Dataverse, and Fabric

Along the way, we'll share stories and actionable insights from our experiences in the field.

This session is perfect for..
Power Platform, Dynamics 365 and Fabric admins and those with governance responsibilities
Microsoft 365 data security responsibles looking to get up-to-speed on using Purview capabilities effectively

Don't miss this opportunity to transform your approach to governing and securing your Copilot Agents and business applications!

Expectation vs. Reality: Crushing user experience and productivity in the name of security

Cybersecurity is ultimately all about balancing risk management with productivity. Too often the mentality is: identify the bad thing, block the bad thing, tell the users to shun the bad thing, case closed, kingdom saved - right? Our experience says something is missing from that equation: the human factor and employee experience.

By treating business users like sheep, we are disregarding three of the most powerful drivers of security risks: frustration, creativity and most important: laziness. Whenever people encounter unexpected obstacles that they are motivated to overcome, we have an uncanny ability to find surprising ways to bypass them - unauthorized jury-rigged solutions which are often far worse for an organization's security posture than the original risk the technical controls were meant to protect from.

In this session, two seasoned security pros versed in psychology and equipped with deep practical experience unpack how and why idealistic and uncompromising security initiatives can (and often do) eventually backfire, manifesting as a silent and unmitigated workaround culture that breeds inefficiencies and discontent, raising new security risks and ultimately undermining the competitive edge of the business itself.

You will take home platform agnostic tips and tricks, along with a fresh outlook to help you properly use the licenses and tools you already have.

For example, you’ll be able to:
* Go from BlockPoint to SharePoint, opening up secure collaboration by using Microsoft Purview capabilities like DLP and Information Protection
* Avoid an exodus from Windows devices towards often looser-managed platforms like MacOS, driven by the desire for more user freedom
* Set up guardrails for handling business data on unmanaged devices with a thoughtful implementation of MAM
* Provide access to generative AI without compromising on essentials like audit logging and data security

The session is recommended for anyone looking for a fresh perspective on an important topic – especially security architects, technical experts and IT decision makers.

Design effective Endpoint DLP solutions with Advanced Hunting & Generative AI

Designing a holistic, granular and effective Microsoft Purview Endpoint Data Loss Prevention solution to secure sensitive data exfiltration actions on Windows 10/11 and macOS devices can be a daunting task.

The key difficulty - and value! - lies in adapting your solution based on the actual usage patterns from the organization you're working with. To build a truly fit-for-purpose production solution with Endpoint DLP, you'll need to accomlish things like:
- Mapping various categories of cloud domains targeted by file uploads and content paste activities
- Identify network and local printers that are used commonly for print jobs involving sensitive information
- Understanding the often sprawling jungle of network shares used by employees and accounting for them
- Discover usage patterns of removable USB media across roles.. and more.

All of these tasks get exponentially more complex as the size of the organization grows. There is a way forward though: getting comfortable with KQL in Advanced Hunting and Log Analytics. I'll share and demonstrate how I routinely design and build Endpoint DLP data security solutions for organizations of all sizes using repeatable patterns and practices.

We'll also get into how I've found it essential to use Generative AI (doesn't have to necessarily be Copilot!) to speed up a few of the most demanding parts of the Endpoint DLP solution design process.

During the session, I'll share my favorite KQL queries and how to vary them to meet your requirements - and how to turn the information you get from them into practical solution design.

This session is useful for any IT pro, security architect and data security responsible looking to create or maintain a functional Endpoint Data Loss Prevention solution.

This session is focused on demos and real stories. It is built around how I go about designing real data security solutions for medium to large enterprises as a Purview MVP and data security architect.

Context & content: The new pillars of effective data security

Driven by advances in Microsoft Purview capabilities released after late 2024, a new approach to building enterprise-grade data security solutions with Microsoft Purview has been unlocked, based on the two C's: content and context.

This is the logical evolutionary step from earlier approaches that emphasize individual user choice through mandatory manual labeling.

The new approach builds on this well-established foundation by helping guide and automate label application in the highest-value cases while also taking away much of the burden of daily manual sensitivity labeling based on the context the information was created in. Solutions built around this philosophy are already being utilized by many mature and forward-thinking organizations.

In this session, I will share my experiences working as a data security solution architect by demoing and explaining how to design and build a foundational layer of confidential workspaces in Teams and SharePoint. Then, we'll put these confidential working contexts to good use, building flexible & powerful automatic data security and data lifecycle solutions that minimize business disruption and raise awareness while helping keep your most valuable data secure.

You will leave the session understanding how a few focused user decisions can now have powerful positive downstream effects without undue process disruption or control confusion. Join this session to learn how to design based on this new paradigm and take your data security solution to the next level!

The session is especially suited for security architects, data security responsibles and anyone looking to upgrade their Purview data security solution.

Based on my experiences as a leading Purview specialist and MVP and my wide-ranging practical technical and architectural work with customers during 2024 and 2025.

A field guide to fine-tuning Insider Risk Management

While it can be an exceptional tool for protecting organizations from sensitive data theft or loss, Purview Insider Risk Management is also likely to initially flood your analysts and investigators with low-value alerts if not set up correctly. Luckily, this challenge can be solved by implementing the correct fine-tuning methods, which aren't always obvious.

In this session and based on my experiences in the field, I explain how to leverage data sources like DLP auditing (and others) to quickly and confidently increase the alert fidelity of any IRM deployment.

There's also an ongoing companion series of blog articles to this session: https://seppala365.cloud/2023/11/28/fine-tuning-microsoft-purview-insider-risk-management-part-1/ - In the session, I share many tips & experiences not discussed in the articles.

Streamlining Power Platform environment access and security role management with Entra ID

Does the complexity and clumsiness of access and security role management in Power Platform and Dataverse leave you feeling unsure of how to keep things under control at scale? Do you find yourself wishing you could bring in the familiar and powerful access management and governance functionalities of Entra ID (formerly known as Azure AD) to Power Platform and Dataverse?

If so, this is the right session for you!

Through demos and insights, I will walk you through a proven, repeatable and easy-to-understand strategy for managing access to Power Platform environments and the Dataverse security roles in them - all powered by familiar Entra ID capabilities and only utilizing native Microsoft features.

During the session, I will show you how to..
* Manage Dataverse security roles with Entra ID groups
* Control access to Power Platform environments in Entra ID
* Clean up security role assignments from stale user accounts
* Enable easy an self-service access and role management for environment owners - no admin permissions required!
* Implement just-in-time activation (with optional business justification requirements) for System Administrator and other roles - and monitor the use of these roles over time

The end-to-end approach I share and demonstrate in this session is based on a set of solutions I've researched, developed, validated and implemented for real organizations over the last years. I will equip you with a set of patterns you can start implementing immediately in your own (or a customer's) organization.

This session is 75-85% demo-driven with intermittent pauses to discuss tips and raise some points. It takes the audience on a well-explained, end-to-end journey and aims to enable them to take action immediately.

Hunting for accumulations of sensitive data with Content Search and Defender for Cloud Apps

Identifying and hardening significant accumulations of data-at-rest in SharePoint Online and OneDrive is one of the key tasks in preparing an organization's data estate before Copilot for Microsoft 365 rollouts and in general as well. Accomplishing this isn't clear-cut, however.

In this session you will learn and see how to hunt for sensitive data accumulations for real in a clear, repeatable and effective way using tools like Content Search and Defender for Cloud Apps file policies. I will showcase and share KQL search queries, methods and best practices picked up during real-life work with numerous early Copilot for Microsoft 365 adopter organizations.

Dataverse detective: Discovering sensitive information with Purview Data Governance

With Power Platform and Dynamics 365 powering an increasing number of business-critical solutions, there is a growing need to understand and govern sensitive information stored in Dataverse databases. This is where Microsoft Purview Data Governance (Data Map & Data Catalog) comes in.

In this demo-driven session I explain how to integrate Dataverse into an organization's existing data security solutions while discovering, classifying and labeling business-critical information at-scale. Then, I'll tell you how to put these classifications to work, focusing your data security and governance efforts where they will have the greatest positive impact.

To help inform your own implementation efforts, I will share my experience-driven insights, tips and best practices for integrating Purview with Dataverse and raise awareness around some potential avoidable pitfalls when considering a move to production.

This session is 70%+ demo-driven and equips audiences with a solution pattern they can immediately start utilizing in their own organizations.

Advanced Copilot Analytics: From Zero to Hero with the Unified Audit Log, Entra ID and Power BI

A key challenge in achieving a successful outcome with Microsoft 365 Copilot is the lack of proper built-in analytics for administrators to discover and understand Copilot usage trends across scenarios, roles, departments, and more on a detailed level.

However, by cleverly combining the right Unified Audit Log events with Entra ID identity data in Power BI, it is possible to gain valuable insights into Copilot usage.

This can help answer questions such as:
- Which roles were the most active users of Word Copilot over the last 1/3/6/12 months?
- Of all sales executives, who are the top 3 and bottom 3 users by volume of Excel Copilot usage?
- How has Copilot chat usage developed across all users day-by-day after a round of trainings were held?
- How much Confidential content was referenced during last week's Copilot interactions?

In this session, I will discuss and demonstrate how to unlock these game-changing insights to tell compelling, data-driven stories about your organization's use of Microsoft 365 Copilot.

You will take home lessons you can start putting to practice without delay. The session is recommended for anyone involved with Microsoft 365 Copilot adoption and technical specialists working with analytics and admins curious about how M365 Copilot audit logging actually works.

DLP in Teams: A game-changer for raising everyday awareness

People can either be the strongest or weakest link in any organization's data security strategy. As the hub for everyday collaboration, Teams should help us understand when the information we are handling in chats, channel messages or files requires special attention and care.

In this session, we fire up some demos and take a hands-on approach for how to make this happen with Teams DLP - without blowing up business processes or causing undue frustration.

Notes from the field: Best practices for Purview data security rollouts

Embarking on the journey to organization-wide sensitive data discovery, sensitivity labeling and data loss prevention can be daunting. There are plenty of common mistakes that are easy to make if you aren't prepared - I know, because I've made most of them over the years!

During the session, we cover topics including but not limited to:
- Sensitivity label and DLP solution design
- Data Security team-building
- The ring-based data security solution rollout model
- Encryption considerations
- Policy and rule naming conventions
- The phased DLP solution buildup pattern from discovery to protection
- The importance of a proper audit phase coupled with consistent awareness-building with Policy Tips
- How to build your event ingestion pipeline from the Unified Audit Log to Azure Log Analytics
- How to block the bad stuff without messing up business processes
- And of course, the most common "fatal" mistakes you'll want to avoid.

Simply put, the aim of this session is to help you walk a smoother path with your Purview data security deployments. I share my experience-driven tips for reaching a successful data security outcome, both in the short and the mid-to-long term.

Cutting through the noise: Jumpstart your insider risk program with Microsoft Purview

Join me for an insightful session where I share practical tips and insights from my experience in helping organizations establish robust insider risk teams using Microsoft Purview Insider Risk Management (IRM).

Discover how to navigate both the technical and the human aspects of insider risk management:
- Know the other Microsoft data security capabilities and features you want to have in place before using IRM that will help achieve success
- Understand the key roles and responsibilities. It takes more than just IT!
- Learn how to fine-tune technical indicators, policies and other settings
- Master the craft - I share my tips on how to structure the daily, weekly and monthly work of the insider risk team

I will also discuss the toughest challenges I've faced so far, share some proven strategies to achieve quick and meaningful results, and discuss the next steps once your insider risk management practice is up and running.

Thrive 2025 Upcoming

June 2025 Radenci, Slovenia

European BizApps Summit 2025 Upcoming

May 2025 Düsseldorf, Germany

CollabDays Switzerland Sessionize Event Upcoming

April 2025 Zürich, Switzerland

Global Power Platform Bootcamp 2025 | Northern Germany (Hamburg, Bremen, Hannover) Sessionize Event Upcoming

February 2025 Bremen, Germany

CollabDays Bremen 2025 Upcoming

February 2025 Bremen, Germany

Cloud Technology Townhall Tallinn 2025 Sessionize Event Upcoming

January 2025 Tallinn, Estonia

ESPC24 Sessionize Event

December 2024 Stockholm, Sweden

Scottish Summit 2024

Advanced Copilot Analytics: From Zero to Hero with the Unified Audit Log, Entra ID and Power BI

October 2024 Aberdeen, United Kingdom

CollabDays Bletchley Park 2024

Streamlining Power Platform access and security role management with Entra ID

September 2024 Milton Keynes, United Kingdom

Baltic Summit 2024 Sessionize Event

September 2024 Gdynia, Poland

CollabDays Finland 2024 Sessionize Event

September 2024 Helsinki, Finland

CollabDays Hamburg 2024

Hunting for accumulations of sensitive data with Content Search and Defender for Cloud Apps

August 2024 Hamburg, Germany

Teams Nation 2024 Sessionize Event

February 2024

Tatu Seppälä

Blogger & speaker | Microsoft MVP | MCT | Data Security, Insider Risk, Power Platform Governance, IAM

Vantaa, Finland

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top