Tel Aviv-based Sentra, which makes cloud-native data security for the AI era, has launched its comprehensive solution for securing Microsoft 365 Copilot Security, which lets organizations adopt Copilot with confidence while staying compliant and safeguarding sensitive enterprise data. Their solution can discover who has access to sensitive and confidential data, and label files automatically with an integration to Microsoft DLP for M365 Copilot. This ensures that Copilot adoption meets enterprise security and compliance standards.
The problem with Microsoft 365 Copilot is that while it embedded across applications like SharePoint, OneDrive, and Teams, and is good in the way that it streamlines business processes and enhances productivity, it is also inherently risky. It also presents new data exfiltration and overexposure risks to the point where, according to recent research, over 15% of business-critical files are exposed due to oversharing and excessive permissions. These risks are compounded by redundant, unused, stale, and trivial (RUST) data, over-permissioned access, and incomplete sensitivity labeling. All of this can amplify Copilot’s exposure surface and ‘blast radius’.
“Tools like Microsoft Copilot and Google Gemini are designed to respect existing access controls,” said Yair Cohen, VP Product and Co-founder of Sentra. “But here’s the catch. Most organizations already have excessive permissions, broken inheritance, and unmonitored sharing. So when a user connects a Copilot agent to sensitive knowledge sources – from Microsoft 365 to Salesforce or AWS, the agent can surface everything that user technically has access to, even if they were never meant to see it.”
With Sentra solution for Microsoft 365 Copilot, organizations can leverage Sentra’s platform capabilities to fully address the unique data risks by cataloguing and classifying all the sensitive and critical data in Microsoft 365 (including SharePoint, OneDrive and Teams). They can determine data access governance – mapping who has permission to every file with sensitive and critical data, and allowing sanitization and removal of unnecessary exposure. They can also provide automatic labeling, automatically applying Microsoft Purview Information Protection (MPIP) sensitivity labels based on flexible custom business logic, identify and fix missing or incorrect labels, and integrating with Microsoft Purview DLP for Copilot. Finally, they can continuously monitor and remediate missing or incorrect MPIP sensitivity labels, ensuring consistent and accurate M365 Copilot DLP governance.
“We just need to block AI tools,” Cohen said. “That’s still the first response I hear from a lot of security leaders. But according to new data from Harmonic Security, that strategy is already outdated, 22% of files shared with GenAI tools contain sensitive data. 26% of that data goes through free, unmanaged AI accounts. And most companies are now discovering 23+ new AI tools every quarter – being used quietly, by their own teams. Here’s the real takeaway: AI is already part of your workflow, you just can’t see it.”
Sentra’s pricing is straightforward, but depends on a few factors unique to each organization. Generally, Sentra licenses are based on the volume of data stored (data at-rest) across all your IaaS, PaaS, DBaaS, SaaS and on-premises environments.
“We often hear from data security professionals that their existing data classification solutions do not meet their needs and robust data protection and privacy programs,” Cohen stated. “So my team and I put together an educational article about the main challenges of modern data classification and how to tackle them to achieve your data security goals.”
“We’re proud that Sentra has emerged as a leader in the data security industry, making a significant impact on how organizations protect their data,” said Yoav Regev, Sentra’s Co-Founder and CEO. “Our success is driven by our incredible team, their hard work, dedication, and energy are the foundation of everything we do. From day one, our people have always been our top priority. It’s inspiring to see our team work tirelessly to transform the world of data security and build the best solution out there.”
Sentra’s role in the creation of Data Security Posture Management (DSPM) as a category is a classic example of this.
“Three years ago, DSPM didn’t exist (and neither did Sentra),” Cohen stated. “Fast forward to today, and DSPM is a trending category in analyst reports, enterprises are adopting it, and Sentra has a 4.9 star rating on Gartner reviews. A lot has changed. Since then, the category has evolved significantly, and our mission to secure data, no matter where it travels, remains at the heart of everything we do.”
Cohen noted that security teams have been told to ‘respond faster.’ But in the cloud and AI era, the real advantage comes from acting the instant risk emerges without waiting for people to catch up…
“That’s why we built automation into the core of Sentra’s Data Security Platform, with real-time discovery, accurate classification and context-aware remediation,” Cohen said.
“Microsoft 365 Copilot is quickly becoming an integral part for all organizations’ workflows, which shouldn’t come at the expense of data leaks or overexposure of data,” Cohen added. “Sentra’s data security platform gives security teams full visibility and control over their data assets in Microsoft 365′ so their organizations have the freedom to innovate without unnecessary risks.”