Where the work happens

Microsoft Purview, used in full.

Five areas of work that overlap in practice. Most engagements touch two or three at once. Every engagement is shaped to the tenant, not delivered from a playbook.

01

What you call sensitive, the platform should know.

Sensitivity labels are easy to deploy badly and hard to deploy well. The label schema is where most environments quietly diverge from their own policy. Done properly, labels carry encryption, control sharing, and silently drive everything downstream, DLP, IRM, Copilot eligibility, retention. Done poorly, they become administrative noise.

What changes in your environment
  • A label schema that survives contact with the business, not a paper taxonomy.
  • Auto-labelling and recommendations tuned to your actual content, not generic regex.
  • Default labels and mandatory labelling that don't fight the user into bypassing them.
  • An honest read of what the labels are actually protecting in the field, and what they aren't.
02

Stop leaks. Without blocking the business.

Most DLP rollouts are too cautious to be useful or too aggressive to survive contact with reality. The art is in the simulation-mode loop and the false-positive cull, not in the policy editor. ConsultIQ runs that loop with you until enforcement is something the business can stand behind.

What changes in your environment
  • A policy set that protects what matters, without an alert hailstorm.
  • A simulation-then-pilot rollout that lets you tune before you enforce.
  • Endpoint DLP added only where it earns its place, not as a default everywhere.
  • A continuous tuning rhythm, not a one-shot configuration that drifts the moment we leave.
03

See risk patterns without surveilling people.

Insider Risk Management is technically straightforward and organisationally treacherous. Works council, data protection, role separation, settled before any policy goes live. Pseudonymisation isn't a checkbox; it's how the trust is held. Done right, the platform sees patterns; people only see the few investigations that warrant a second pair of eyes.

What changes in your environment
  • Policy templates picked for your risk profile, not switched on wholesale.
  • An investigation flow with role separation that holds up under scrutiny.
  • Alerts tuned to your incident-response capacity, not the platform's defaults.
  • Works-council readiness handled before deployment, not retrofitted after a complaint.
04

Before Copilot reads, decide what it gets to see.

AI exposure is the new attack surface. Copilot reads everything a user can read, including the things that user technically can read but shouldn't. Most tenants discover this on the day of rollout, not before. ConsultIQ tightens the surface using the platform you already pay for, then maps the result against the EU AI Act so legal has a defensible position.

What changes in your environment
  • An oversharing read of what AI can actually see today, ranked by risk.
  • Sensitivity labels and DLP tuned for AI inputs and AI outputs, not just regular file sharing.
  • Restricted-content containment where the tenant really needs it, applied judiciously.
  • An EU AI Act readiness map you can put in front of legal without further translation.
05

Sensitive data, mapped. Risk, ranked. Decisions, defensible.

Most leadership conversations about data security stall on the same question: where actually is our sensitive data, and how well is it protected? Microsoft's Data Security Posture Management (DSPM) is the first time that question has a defensible answer inside the tenant itself. Done well, it ends the recurring 'where is our sensitive data' meeting. Done badly, it becomes another dashboard nobody opens. ConsultIQ stands it up so it earns its place.

What changes in your environment
  • A unified map of sensitive data across Microsoft 365, instead of five reports nobody reconciles.
  • Risk insights ranked by impact, with the policies that already cover them surfaced next to each finding.
  • Recommendations that connect to action: which label, which DLP rule, which IRM policy closes the gap.
  • Posture reporting that holds in front of auditors, regulators, and the board, with no further translation.
  • An operations rhythm that keeps the posture current as Microsoft ships new features and the threat landscape shifts.
Where engagements meet

The point is the platform, not the silos.

Most engagements start in one area and reach into another. A Copilot rollout becomes a labels conversation. A DLP tuning round opens an insider-risk question. The four areas are convenient categories, not separate products.

The five areas are convenient categories, not separate products. The DSPM view ties them together. The conversation is about what your environment actually needs, at the depth you can absorb, in the order that protects you fastest.

Next step

Tell me what you are protecting.

Engagements and pricing are shaped to the situation and discussed directly. The first conversation is short, useful, and obligation-free.

Open the conversation contact@consultiq.net