Do this before turning on Microsoft Copilot

copilot data governance

Configure data governance before turning on Copilot

VS Code

Have you been tasked with deploying Copilot and complete before Christmas 2024? Just before you turn it on, make sure you have secured.

What is Microsoft 365 Copilot?

Microsoft 365 Copilot provides real-time intelligence that enables users to complete tasks more efficiently, enhance their productivity & skills, and improve their overall work experience. From a business impact perspective, users get content relevant to their work tasks, like drafting, summarizing, and answering questions; all in the context of their work within their Microsoft 365 app.

Microsoft 365 Copilot: Coordinates large language models (LLMs). LLMs are a type of artificial intelligence (AI) algorithms that use deep learning techniques and data sets to understand, summarize, predict, and generate content. These LLMs include pretrained models, like Generative Pre-Trained Transformers (GPT) (like GPT-4), that are designed to excel in these tasks. Uses content in Microsoft Graph, like emails, chats, and documents that users have permission to access. Pairs with the Microsoft 365 productivity apps that you use every day, like Word, Excel, PowerPoint, Outlook, Teams, and others.

VS Code

Microsoft 365 Copilot provides value by connecting LLMs to your organizational data. Microsoft 365 Copilot accesses content and context through Microsoft Graph. It can generate responses anchored in your organizational data, such as user documents, emails, calendar, chats, meetings, and contacts. Microsoft 365 Copilot combines this content with the user’s working context, such as the meeting a user is in now, the email exchanges the user had on a topic, or the chat conversations the user had last week. Microsoft 365 Copilot uses this combination of content and context to help provide accurate, relevant, and contextual responses.

Microsoft 365 Copilot only surfaces organizational data to which individual users have at least view permissions. It's important that you're using the permission models available in Microsoft 365 services, such as SharePoint, to help ensure the right users or groups have the right access to the right content within your organization.

Microsoft have provided a check list of items that will guide you through the process of securing your data before your deployment.

Microsoft 365 Apps

VS Code

Before you enable Copilot in apps, there are task you need to complete before:

  1. Version and update channel - Users must be on the correct channel to access copilot features
  2. Privacy settings for Microsft 365 Apps - Review your privacy settings for Microsoft 365 Apps
  3. Organizational Branding - You can tailor PowerPoint presentations with your corporate templates
  4. Learn More - Learn more such as how updates are distributed via the Content Delivery Network.

OneDrive

VS Code

The integration of Copilot with OneDrive enterprise accounts enables it to collaborate on content. Consider provisioning 1 terabyte of space in OneDrive to every user.

Copilot in OneDrive will be accessible directly in OneDrive for web and in the file viewer in Microsoft Teams, OneDrive, and SharePoint allowing users to quickly retrieve information from files

Microsoft Outlook

VS Code

The new Outlook (Windows, Mac, Web, Mobile) is recommended for integration with Copilot, but Copilot does support classic Outlook

Copilot in Outlook helps you manage and triage your email and time more efficiently. It provides personalized suggestions, summaries, and insights to help you stay on top of things and save time.

Microsoft Teams

VS Code

To use Copilot with Microsoft Teams, use either the Teams desktop client or the web client. Copilot supports both the current and the new versions of Teams.

Unlock productivity with Copilot in Teams meetings to have more effective meetings or catch up on ones you missed.

Microsoft Loop

VS Code

Activate Loop in your tenant to bring Copilot into Loop collaborative canvases.

A co-creation experience that brings teams, content and tasks across your tools and devices together. Combining a powerful and flexible canvas with portable components that stay in sync across applications.

Best Practices

VS Code

When configuring Copilot, it's essential to prioritize data protection. Copilot includes inherent safeguards for organizational data. Microsoft Purview Information Protection offers valuable support through appropriate data labeling. SharePoint provides helpful tools for implementing informed decisions regarding security and compliance measures. Every organization is responsible for establishing additional data protection measures within their Microsoft 365 environment. Take into account these considerations for establishing best practices to protect the data in your organization when using Copilot.

  1. Maturity Model - The Microsoft data governance maturity model is a strategic framework for managing data quality, access, and use. It emphasizes automated controls and scalable solutions for data issues throughout its lifecycle, promoting responsible data democratization.
  2. Copilot data handling - Copilot connects to your organizational data via Microsoft Graph. It generates responses using this data and a user's context, such as ongoing meetings. Copilot uses only data accessible to the user. The accessed data isn't used to train foundational models and stays within the Microsoft 365 service boundary. Real-time abuse monitoring is in place. Microsoft doesn't have ongoing access to customer data.
  3. Apply appropriate data security controls in OneDrive and SharePoint - Establish appropriate external share settings to improve team collaboration security in OneDrive and SharePoint.
  4. Data access governance reports for SharePoint sites - Organizations require effective data governance solutions to counter the unintentional sharing of information on SharePoint sites. Data access governance reports play a pivotal role in facilitating the management of SharePoint data access. These reports offer valuable insights to assist in regulating access to SharePoint data, allowing organizations to identify sites housing overexposed or sensitive content. With these reports, organizations can make informed decisions to evaluate and implement suitable security and compliance measures.
  5. Microsoft Purview Information Protection - Be cautious about sharing sensitive information in your Copilot environment to help avoid unintentional sharing. Help protect your data by assigning appropriate labels and employing security measures.

Purview

Once you have completed these configuration settings, you need to head over to Purview to ensure you have created the relevant policies such as Data Loss Prevention policies. There is tonnes to configure there and thus is out of scope of this blog.

Conclusion

Getting ready for Microsoft 365 Copilot doest have to be a daunting task and once completed, you can safely enable it knowing your users data is secure and goverened correctly. But the journey doesnt stop there as you continue to monitor and adapt policies to the changing needs of the organization. Feel free to reach out if you need any assistance.