Engineering a Customized M365 eDiscovery Premium Add-on

Lighthouse bridges internal gaps during technology overhaul and solves longstanding compliance issues for a German multinational healthcare manufacturer.

Download the case study

Key Actions  

Lighthouse engaged company stakeholders in operational planning and received funding from Microsoft to devise and integrate a premium Microsoft 365 (M365) add-on to existing Purview Premium eDiscovery, which resolved an outstanding compliance need.

Key Results

The proof-of-concept achieved a zero-trust security model integrated with third-party software, and satisfied the barring of critical needs for the Company that centralized IT and legal departments after years of dysfunction.

What They Needed

Automating a transition to M365 commonly yields a clash between IT, legal, and compliance stakeholders if the decision to convert was spearheaded by IT and made without consulting legal and compliance teams. Typically, during planning or implementation of converting to M365, legal teams ask IT how the new platform will manage compliant and defensible processes, and if IT doesn’t have the answers, the project stalls. 

This was the situation facing a multinational manufacturing Company that engaged Lighthouse for help during the spring of 2020. At that time, the Company was several years into its M365 transition, and the legal teams’ requirements for adoption of native M365 compliance tools barred a complete transition. Pressure to adopt the tools escalated as M365 workloads for content creation, collaboration, and communication were already rolled out, creating an increasingly large and complex volume of data with significant degrees of risk. 

Lighthouse Responds to Need and Launches New Technology

In partnership with Microsoft Consulting Services, Lighthouse organized a companywide M365 “reset,” hosting a three-day workshop to revamp the transition process and generate an official statement of work. The strategic goal was to streamline the stakeholders from litigation, technical infrastructure, cybersecurity, and forensics teams that previously failed to align. 

The workshop fielded critical topics geared to encourage constructive discussions between stakeholders and to strengthen departmental trust. The outcome of these discussions eventually enabled the company to move forward with critical compliance updates, including the collection and parsing of Microsoft Teams data, and the management of myriad files and email attachments. 

Lighthouse took stock of the current state, testing potential solutions, and arrived at a proof-of-concept for an eDiscovery Automation Solution (EAS) that augmented existing M365 capabilities to meet the legal team’s security requirements and remediate any performance gaps. Microsoft recognized the potential value of the EAS for the wider market, ultimately leading to Microsoft funding for the proof-of-concept.

Inside the eDiscovery Automation Solution (EAS)

Technology

  • Azure-native web application designed to orchestrate the eDiscovery operations of an M365 subscriber through Purview Premium eDiscovery automation
  • Maximized Microsoft Graph API “/Compliance/eDiscovery/” functions and other Microsoft API
  • Simplified to Azure AD trust boundary, targeting the M365 tenant hosted within, and enabling full governance of identity and entitlement throughout Azure and M365 security features 

Benefits

  • Achieved a zero-trust security model 
  • Authorized high-velocity, high-volume eDiscovery tasks without outside technology through automation and orchestration of existing M365 eDiscovery premium capabilities native to M365
  • Mobilized integration with third-party software included in the Company’s eDiscovery workflows
  • Amplified workload visibility by automatically surfacing relevant Mailboxes, OneDrives, and other M365 group-based technologies dependent upon selected Custodians’ access