Microsoft Copilot – To-Do List to get started

Microsoft Copilot – To-Do List to get started

2025-06-27T11:08:27+02:0009.08.2024|IT security|0 Comments

Copilot has the potential to fundamentally change your company’s data landscape – the possibilities go far beyond the imaginable. However, there are also risks: From outdated files to incorrect authorizations – such hurdles can make confidential data public or affect the precision of your Copilot queries. Proper preparation of your authorization and access structure can guarantee you a smooth start with this technology.

Rolling Out Microsoft Copilot: How to prevent incidents

In order to perfectly coordinate the authorizations and accesses in Microsoft Copilot, we must first understand what Copilot can and sees. In the course of this, we will also better understand what it cannot and does not see.

What Microsoft Copilot Sees

With Copilot, individual users or entire organizations can leverage the power of a large language model similar to ChatGPT. This makes it possible to perform analyses and search queries on all files to which you have access. This means that Copilot does not pose a threat in this respect, as it does not require any additional authorizations but is based on the existing authorization structure.

Why Could Copilot Still Be Problematic?

1. Issues with Permissions

When using Microsoft Copilot in companies, every process begins with a request from the user. This request could include searching for information, creating documents or automating routine tasks. Copilot then starts its queries, searching for all relevant information in all files accessible to the user. Through this access, Copilot can provide accurate results based on internal company data.

However, the introduction of Microsoft Copilot in companies often reveals unexpected challenges in the area of data administration and authorization management. If Copilot inadvertently exposes security vulnerabilities by accessing sensitive data in SharePoint that was hidden before its introduction, serious teething problems can arise. The resulting reputational damage within the organization can be significant, especially if trust in the decision makers and the technology itself is undermined.

A simple example illustrates the risk of using Microsoft Copilot: An accountant analyzes salary data for a cost center overview and initially stores this information securely in an accounting-restricted folder. However, for a presentation to senior management, she copies important salary details to a file that she stores in a publicly accessible folder. While this file would normally be difficult to find, Microsoft Copilot could provide unexpected answers to the question “What do my colleagues earn?” because it has access to the less protected folder.

The picture shows how quickly chaos can arise with Microsoft Copilot. It shows an office with documents flying around wildly.
This picture shows how the co-pilot has used outdated data by accessing the wrong folder. The employee in front of the PC is completely confused because the information does not seem coherent.

2. Access to legacy data

A major problem when using technologies such as Microsoft Copilot is dealing with outdated files. For example, if we look at the folder “Produkpalette_Q3_2023”. This folder has been outdated for a long time. And WE, as employees, know that too. However, Copilot does not come to this conclusion by itself.

This can lead to Copilot working on the basis of this outdated information. And this in turn can lead to distorted results. Such situations raise questions about data integrity and highlight the need for more conscientious data maintenance and updating to fully leverage the value of Microsoft Copilot.

To-Do Before Introducing Microsoft Copilot

1. Prevent Access to Legacy Data

First of all, it is important to archive all files that are no longer required in order to avoid unnecessary confusion. Product lists, customer lists and documentation that are no longer required should be moved to clearly labeled archives. This process requires a thorough review of existing folder structures to ensure that only relevant data remains in active access. It can be helpful to define guidelines for the archiving period of individual document types to ensure systematic updating and cleansing of the data stock. Proper archiving not only helps to increase efficiency, but also promotes compliance with data protection guidelines.

2. Review Permissions

Revising the authorization structure is essential to ensure secure access to data and documents. While the tools available in the Microsoft Admin Center offer a good starting point, they can reach their limits in complex scenarios. We use a third-party tool that helps you quickly and clearly comply with the agreed guidelines in a time-efficient manner. We are happy to support you in implementing these practices in your company. Contact us for a free initial consultation.

3. Implement an Organization-Wide Policy for Using TAGS

In order to improve efficiency in the search and organization of documents, it is advisable to introduce a uniform policy for the use of tags within the organization. Tags help to quickly classify and retrieve information, which is especially beneficial in a time of information overload. When developing such a policy, relevant key terms, such as project names, department names or document types, should be defined. It is important to train all employees in the use of this policy to ensure consistent use of the tags and to exploit the full potential of this organizational aid. The co-pilot then automatically copies the necessary tags to the information it references. This prevents them from unintentionally disclosing classified information.

4. Welcome to the World of Copilot

Your authorizations and accesses are now ready for everyday work with Microsoft Copilot. Copilot serves as a powerful digital assistant that supports your work processes with automated tasks and intelligent suggestions. This technology offers the opportunity to optimize workflows and significantly increase productivity. It is crucial that all team members are familiarized with the functions and possibilities of Copilot to ensure successful integration into the daily work routine. Regular feedback and customization will help to effectively adapt Copilot to the specific needs of your business. We welcome you to a future where work is made easier and more efficient through intelligent support.

Microsoft Copilot – FAQ

How can I integrate external services into my Microsoft Copilot?2025-02-24T10:06:08+01:00

The Microsoft Graph helps us here too. By setting up these connectors, it becomes possible to seamlessly integrate Microsoft Copilot into different environments.
Copilot can then access an extended database, including third-party data, to provide more comprehensive and accurate support.

The following services are supported by the Microsoft Graph Connectors:

Azure Data Lake Storage Gen2
Azure DevOps Work Items
Azure DevOps Wiki
Azure SQL and Microsoft SQL Server
Confluence Cloud
Confluence On-premises
CSV
Custom connector
Enterprise websites
Jira Cloud
MediaWiki
File share
Oracle SQL
Salesforce
ServiceNow Knowledge
ServiceNow Catalog
ServiceNow tickets

All compatible connectors can be found here: Microsoft Graph Gallery

Can Microsoft Copilot access data that is stored on-premise?2025-02-24T09:32:48+01:00

Yes, Microsoft Copilot can access data stored on-premise if it is integrated via Microsoft Graph Connectors. These connectors make it possible to integrate external data sources into Microsoft Graph so that Copilot can use them. Further information on setting up and using Microsoft Graph Connectors can be found in the Microsoft documentation.
You can find out more about Microsoft Copilot and tips for authorization settings in our blog:“Microsoft Copilot – To-do list for permissions and access“.

Does the Microsoft Copilot have access to the Internet?2025-02-24T09:32:48+01:00

By default, Microsoft Copilot for Microsoft 365 does not have access to the internet to include web content in its responses. This feature is disabled by default, but can be enabled by an administrator to improve Copilot’s responses by including relevant web content. For detailed instructions on how to enable this feature, you can visit the official Microsoft documentation.

Does it make sense to use Microsoft Copilot now or should I wait to buy it?2025-02-24T09:32:47+01:00

Although not all of Microsoft Copilot’s features are available yet, the use of AI in the workplace will inevitably become standard. Early adoption allows employees to gradually learn how to use this technology, which promotes more natural integration and higher acceptance. Later adoption, on the other hand, can lead to more extensive and potentially slower training.

Is the Microsoft Copilot worth it?2025-02-24T09:32:47+01:00

Microsoft Copilot is very helpful for summarizing emails and documents and writing emails more efficiently. At an hourly rate of 12 euros, Copilot is worthwhile even if it only saves around two hours of working time per month. Copilot is therefore a good investment, especially in administrative activities where such savings can be achieved quickly.

Leave A Comment