48 VIEWPOINT How can organisations ensure their generative AI technology implementations are effective? Kyndryl’s own Copilot for Microsoft 365 rollout provides a blueprint for success PETER HUDACKO: KYNDRYL Five best practices for implementing Copilot During the second year of Kyndryl’s 24-month global IT transformation, we made a strategic decision to invest in generative artificial intelligence technology. Copilot for Microsoft 365 was the logical choice for us and, after collaborating with Microsoft on a rollout strategy, our Copilot team launched a multiphase implementation in July 2023. Over the following 12 months, we worked with multidisciplinary teams across Kyndryl to execute and refine our strategy before vetting use cases and staging rollouts of Copilot licences. By July 2024, we had assigned nearly 20,000 Copilot licences and amassed more than 600 approved use cases for the technology. We learned a lot throughout the process and have distilled our lessons learned into five best practices to help guide other organisations on their Copilot journey. 1. Prepare your data to optimise performance Data is the fuel for large language models that power generative AI tools like Copilot. Therefore, your data structure and information architecture must be flawless and adhere to the latest data privacy and cybersecurity standards to perform optimally. Over the course of four months, Kyndryl’s Copilot team reviewed existing Microsoft 365 data controls, content lifecycles and data classifications to prepare the information architecture for Copilot. During this process we tightened access controls in Microsoft SharePoint and reduced the number of internal public sites to approximately 10,000. We also automated the deletion of roughly 20,000 inactive SharePoint sites, developed a data classification module based on sensitivity, tagged content with relevant keywords and organised data. 2. Establish a robust governance model Without proper guardrails for generative AI in place, users are at risk of misusing the technology or exposing sensitive data that can cause significant operational, financial or reputational damage. During implementation, the Copilot team collaborated with legal, risk and human resources teams to review each use case request individually to ensure alignment with compliance standards and risk considerations. Each month, administrators reviewed dashboard reports to measure the frequency of use and reclaimed licences from employees who hadn’t used the technology within a specified period. Reclaimed licences were then reallocated to individuals with approved use cases, ensuring employees who would benefit most from the technology had access to it. 3. Grant access incrementally With tools like Copilot, it’s better to allocate licences over time than to immediately grant full access to the technology. Staggering implementation lets administrators review use cases and assess any associated risks that arise before deploying the technology to your entire workforce.
RkJQdWJsaXNoZXIy NzQ1NTk=