{"id":460866,"date":"2024-03-20T09:38:12","date_gmt":"2024-03-20T16:38:12","guid":{"rendered":"https:\/\/jorgep.com\/blog\/?p=460866"},"modified":"2024-10-25T14:02:27","modified_gmt":"2024-10-25T21:02:27","slug":"microsoft-copilot-understanding-security-risks","status":"publish","type":"post","link":"https:\/\/jorgep.com\/blog\/microsoft-copilot-understanding-security-risks\/","title":{"rendered":"Microsoft Copilot: Understanding Security Risks"},"content":{"rendered":"\n<div style=\"font-family: Verdana, Geneva, sans-serif; font-size: 11px; line-height: 1.6; color: #333;\">\n    <p>\n        <strong>Disclaimer:<\/strong> \n        <em>I personally love to share my learnings, thoughts, and ideas; I get great satisfaction knowing someone has read and benefited from an article. This content is created entirely on my own time and in a personal capacity. The views expressed here are mine alone and do not represent the positions or opinions of my employer.<\/em>\n    <\/p>\n    <p>\n        In my professional role, I serve as a Workforce Transformation Solutions Principal for \n        <a href=\"https:\/\/www.dell.com\/en-us\/work\/learn\/by-service-type-deployment\" style=\"color: #007db8; font-weight: bold; text-decoration: none;\">Dell Technology Services<\/a>. \n        I am passionate about guiding organizations through complex technology transitions and \n        <a href=\"https:\/\/www.delltechnologies.com\/en-us\/what-we-do\/workforce-transformation.htm\" style=\"color: #007db8; font-weight: bold; text-decoration: none;\">Workforce Transformation<\/a>. \n        <a href=\"https:\/\/www.delltechnologies.com\/en-us\/index.htm\" style=\"color: #007db8; font-weight: bold; text-decoration: none;\">Learn more at Dell Technologies<\/a>.\n    <\/p>\n    <hr style=\"border: 0; border-top: 1px solid #ddd; margin: 12px 0;\">\n<\/div>\n\n\n\n<div class=\"wp-block-columns has-theme-palette-7-background-color has-background is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p>Part of: <strong> <a href=\"https:\/\/jorgep.com\/blog\/series-ai-learnings\/\">AI Learning Series Here<\/a><\/strong><\/p>\n\n\n<style>.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col,.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col:before{border-top-left-radius:0px;border-top-right-radius:0px;border-bottom-right-radius:0px;border-bottom-left-radius:0px;}.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col{column-gap:var(--global-kb-gap-sm, 1rem);}.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col{flex-direction:column;}.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col > .aligncenter{width:100%;}.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col:before{opacity:0.3;}.kadence-column395113_43ef2d-d5{position:relative;}@media all and (max-width: 1024px){.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}@media all and (max-width: 767px){.kadence-column395113_43ef2d-d5 > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}<\/style>\n<div class=\"wp-block-kadence-column kadence-column395113_43ef2d-d5\"><div class=\"kt-inside-inner-col\"><style>.wp-block-kadence-advancedheading.kt-adv-heading510545_6813a5-28, .wp-block-kadence-advancedheading.kt-adv-heading510545_6813a5-28[data-kb-block=\"kb-adv-heading510545_6813a5-28\"]{font-size:var(--global-kb-font-size-sm, 0.9rem);font-style:normal;}.wp-block-kadence-advancedheading.kt-adv-heading510545_6813a5-28 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading510545_6813a5-28[data-kb-block=\"kb-adv-heading510545_6813a5-28\"] mark.kt-highlight{font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading510545_6813a5-28 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading510545_6813a5-28[data-kb-block=\"kb-adv-heading510545_6813a5-28\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading510545_6813a5-28 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading510545_6813a5-28\">Quick Links:&nbsp;<a href=\"https:\/\/jorgep.com\/blog\/resources-for-learning-ai\/\">Resources for Learning AI<\/a> | <a href=\"https:\/\/jorgep.com\/blog\/keeping-up-with-ai\/\">Keep up with AI<\/a> | <a href=\"https:\/\/jorgep.com\/blog\/list-of-ai-tools\/\" data-type=\"post\" data-id=\"402818\">List of AI Tools<\/a><\/p>\n<\/div><\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\"><div class=\"wp-block-template-part\"><style>.wp-block-kadence-advancedheading.kt-adv-heading395113_c650df-47, .wp-block-kadence-advancedheading.kt-adv-heading395113_c650df-47[data-kb-block=\"kb-adv-heading395113_c650df-47\"]{text-align:center;font-size:var(--global-kb-font-size-md, 1.25rem);line-height:60px;font-style:normal;background-color:#f5a511;}.wp-block-kadence-advancedheading.kt-adv-heading395113_c650df-47 mark.kt-highlight, .wp-block-kadence-advancedheading.kt-adv-heading395113_c650df-47[data-kb-block=\"kb-adv-heading395113_c650df-47\"] mark.kt-highlight{font-style:normal;color:#f76a0c;-webkit-box-decoration-break:clone;box-decoration-break:clone;padding-top:0px;padding-right:0px;padding-bottom:0px;padding-left:0px;}.wp-block-kadence-advancedheading.kt-adv-heading395113_c650df-47 img.kb-inline-image, .wp-block-kadence-advancedheading.kt-adv-heading395113_c650df-47[data-kb-block=\"kb-adv-heading395113_c650df-47\"] img.kb-inline-image{width:150px;vertical-align:baseline;}<\/style>\n<p class=\"kt-adv-heading395113_c650df-47 wp-block-kadence-advancedheading\" data-kb-block=\"kb-adv-heading395113_c650df-47\">Subscribe to <a href=\"https:\/\/go.35s.be\/jtb\" target=\"_blank\" rel=\"noreferrer noopener\"><strong>JorgeTechBits  newsletter<\/strong><\/a><\/p>\n<\/div><\/div>\n<\/div>\n\n\n\n<p>There is a lot of misconceptions \/ questions about the security around the Microsoft Copilot products.   understandably, it is usually one of the first question that comes-up when companies are considering Copilot use within their organizations.  <strong>(the elephant in the room!)<\/strong><\/p>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:60%\">\n<p>Let&#8217;s quickly put some misconceptions to bed right away:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Your prompts, responses and data <strong>ARE NOT used to train LLMs<\/strong>.<\/li>\n\n\n\n<li>When using Copilot Pro, Copilot for M365 your data \/ prompts <strong>DO NOT leave your tenant<\/strong>.<\/li>\n\n\n\n<li>Copilot <strong>respects user permissions<\/strong> (requester) from Tenant\u2019s Microsoft Graph&nbsp;\n<ul class=\"wp-block-list\">\n<li>A notable exception at the moment:  plugins and extensions!  (more on this later)<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Microsoft Copilot for Microsoft 365 is&nbsp;<strong>GDPR compliant<\/strong>&nbsp;and adheres to existing privacy, security, and compliance commitments.<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<p><em><strong>Per Microsoft Documentation:<\/strong><\/em><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><a href=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-107.png\"><img loading=\"lazy\" decoding=\"async\" width=\"601\" height=\"617\" src=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-107.png\" alt=\"\" class=\"wp-image-460870\" style=\"width:426px;height:auto\" srcset=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-107.png 601w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-107-292x300.png 292w\" sizes=\"auto, (max-width: 601px) 100vw, 601px\" \/><\/a><figcaption class=\"wp-element-caption\">Source: <a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365-copilot\/microsoft-365-copilot-privacy\">Data, Privacy, and Security for Microsoft Copilot for Microsoft 365 | Microsoft Learn<\/a><\/figcaption><\/figure>\n<\/div><\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\">\n<p>Understanding how Microsoft protects the data within your tenant is important, and this Microsoft graphics tells the architecture story:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><a href=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-106.png\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"580\" src=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-106-1024x580.png\" alt=\"\" class=\"wp-image-460867\" style=\"width:559px;height:auto\" srcset=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-106-1024x580.png 1024w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-106-300x170.png 300w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-106-768x435.png 768w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-106-1536x871.png 1536w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-106.png 1667w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/a><\/figure>\n<\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Making sure your data is secure!<\/h2>\n\n\n\n<p>Anyone implementing Copilot for Microsoft 365 needs to prevent unexpected data leakage.    <br>A few best practices \/ steps  include<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Ensure your organization&#8217;s <strong>data security and governance systems and strategy is in place<\/strong><\/li>\n\n\n\n<li>Identify <strong>what data is important<\/strong><\/li>\n\n\n\n<li>Determine w<strong>ho should have access<\/strong> to data<\/li>\n\n\n\n<li>Implement a <strong>classification and data labeling <\/strong>system<\/li>\n\n\n\n<li><strong>Implement basic retention policies<\/strong>&nbsp;to ensure data quality.<\/li>\n\n\n\n<li>Develop a cadence to <strong>regularly review and clean up<\/strong>&nbsp;your data to maintain accuracy and relevance.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">Data Classification and Sensitivity Labels<\/h2>\n\n\n\n<p>Copilot uses&nbsp;<a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365-copilot\/microsoft-365-copilot-privacy#how-does-microsoft-365-copilot-protect-sensitive-organizational-data\">existing controls to ensure that data stored in your tenant is never returned<\/a>&nbsp;to the user or used by a large language model (LLM) if the user doesn&#8217;t have access to that data. When the data has&nbsp;<a href=\"https:\/\/learn.microsoft.com\/en-us\/purview\/sensitivity-labels\">sensitivity labels<\/a>&nbsp;from your organization applied to the content, there&#8217;s an extra layer of protection:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>When a file is open in Word, Excel, PowerPoint, or similarly an email or calendar event is open Outlook, the sensitivity of the data is displayed to users in the app with the label name and content markings (such as header or footer text) that have been configured for the label.<\/li>\n\n\n\n<li>When the sensitivity label applies encryption, users must have the&nbsp;<a href=\"https:\/\/learn.microsoft.com\/en-us\/purview\/ai-microsoft-purview#copilot-honors-existing-protection-with-the-extract-usage-right\">EXTRACT usage right<\/a>, as well as VIEW, for Copilot to return the data.<\/li>\n\n\n\n<li>This protection extends to data stored outside your Microsoft 365 tenant when it&#8217;s open in an Office app (data in use). For example, local storage, network shares, and cloud storage.<\/li>\n<\/ul>\n\n\n\n<p>More on this topic at:  <a href=\"https:\/\/learn.microsoft.com\/en-us\/purview\/ai-microsoft-purview\">Microsoft Purview data security and compliance protections for Microsoft Copilot | Microsoft Learn<\/a><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Recommended Videos to Learn From<\/h2>\n\n\n\n<p>A couple of recent videos that explain how to security works follow: <\/p>\n\n\n<style>.kb-row-layout-id460866_0604f8-bd > .kt-row-column-wrap{align-content:start;}:where(.kb-row-layout-id460866_0604f8-bd > .kt-row-column-wrap) > .wp-block-kadence-column{justify-content:start;}.kb-row-layout-id460866_0604f8-bd > .kt-row-column-wrap{column-gap:var(--global-kb-gap-md, 2rem);row-gap:var(--global-kb-gap-md, 2rem);padding-top:var(--global-kb-spacing-sm, 1.5rem);padding-bottom:var(--global-kb-spacing-sm, 1.5rem);grid-template-columns:repeat(2, minmax(0, 1fr));}.kb-row-layout-id460866_0604f8-bd > .kt-row-layout-overlay{opacity:0.30;}@media all and (max-width: 1024px){.kb-row-layout-id460866_0604f8-bd > .kt-row-column-wrap{grid-template-columns:repeat(2, minmax(0, 1fr));}}@media all and (max-width: 767px){.kb-row-layout-id460866_0604f8-bd > .kt-row-column-wrap{grid-template-columns:minmax(0, 1fr);}}<\/style><div class=\"kb-row-layout-wrap kb-row-layout-id460866_0604f8-bd alignnone wp-block-kadence-rowlayout\"><div class=\"kt-row-column-wrap kt-has-2-columns kt-row-layout-equal kt-tab-layout-inherit kt-mobile-layout-row kt-row-valign-top\">\n<style>.kadence-column460866_60387e-0e > .kt-inside-inner-col,.kadence-column460866_60387e-0e > .kt-inside-inner-col:before{border-top-left-radius:0px;border-top-right-radius:0px;border-bottom-right-radius:0px;border-bottom-left-radius:0px;}.kadence-column460866_60387e-0e > .kt-inside-inner-col{column-gap:var(--global-kb-gap-sm, 1rem);}.kadence-column460866_60387e-0e > .kt-inside-inner-col{flex-direction:column;}.kadence-column460866_60387e-0e > .kt-inside-inner-col > .aligncenter{width:100%;}.kadence-column460866_60387e-0e > .kt-inside-inner-col:before{opacity:0.3;}.kadence-column460866_60387e-0e{position:relative;}@media all and (max-width: 1024px){.kadence-column460866_60387e-0e > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}@media all and (max-width: 767px){.kadence-column460866_60387e-0e > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}<\/style>\n<div class=\"wp-block-kadence-column kadence-column460866_60387e-0e\"><div class=\"kt-inside-inner-col\">\n<p>This one is GREAT (whiteboard style) explanation of the security risks and how data protection works along with mapping to CIS controls.  &#8212; Kudos to T-Minus365!  <\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Microsoft 365 Copilot | Security Risks &amp; How to Protect Your Data\" width=\"720\" height=\"405\" src=\"https:\/\/www.youtube.com\/embed\/ou2lYHhPbYk?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n<\/div><\/div>\n\n\n<style>.kadence-column460866_042ee4-88 > .kt-inside-inner-col,.kadence-column460866_042ee4-88 > .kt-inside-inner-col:before{border-top-left-radius:0px;border-top-right-radius:0px;border-bottom-right-radius:0px;border-bottom-left-radius:0px;}.kadence-column460866_042ee4-88 > .kt-inside-inner-col{column-gap:var(--global-kb-gap-sm, 1rem);}.kadence-column460866_042ee4-88 > .kt-inside-inner-col{flex-direction:column;}.kadence-column460866_042ee4-88 > .kt-inside-inner-col > .aligncenter{width:100%;}.kadence-column460866_042ee4-88 > .kt-inside-inner-col:before{opacity:0.3;}.kadence-column460866_042ee4-88{position:relative;}@media all and (max-width: 1024px){.kadence-column460866_042ee4-88 > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}@media all and (max-width: 767px){.kadence-column460866_042ee4-88 > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}<\/style>\n<div class=\"wp-block-kadence-column kadence-column460866_042ee4-88\"><div class=\"kt-inside-inner-col\">\n<p>This video, By Steven Rodriguez, more <strong>geared towards security practitioners<\/strong>), to help start the conversation around LLM Security organizations.    Kudos to Steven!<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Microsoft 365 Copilot LLM Adoption\/Security\" width=\"720\" height=\"405\" src=\"https:\/\/www.youtube.com\/embed\/VugpRi38MXo?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n<\/div><\/div>\n\n<\/div><\/div>\n\n<style>.kadence-column460866_44a15c-d1 > .kt-inside-inner-col,.kadence-column460866_44a15c-d1 > .kt-inside-inner-col:before{border-top-left-radius:0px;border-top-right-radius:0px;border-bottom-right-radius:0px;border-bottom-left-radius:0px;}.kadence-column460866_44a15c-d1 > .kt-inside-inner-col{column-gap:var(--global-kb-gap-sm, 1rem);}.kadence-column460866_44a15c-d1 > .kt-inside-inner-col{flex-direction:column;}.kadence-column460866_44a15c-d1 > .kt-inside-inner-col > .aligncenter{width:100%;}.kadence-column460866_44a15c-d1 > .kt-inside-inner-col:before{opacity:0.3;}.kadence-column460866_44a15c-d1{position:relative;}@media all and (max-width: 1024px){.kadence-column460866_44a15c-d1 > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}@media all and (max-width: 767px){.kadence-column460866_44a15c-d1 > .kt-inside-inner-col{flex-direction:column;justify-content:center;}}<\/style>\n<div class=\"wp-block-kadence-column kadence-column460866_44a15c-d1\"><div class=\"kt-inside-inner-col\">\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-9d6595d7 wp-block-columns-is-layout-flex\">\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:25%\"><\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:50%\"><\/div>\n\n\n\n<div class=\"wp-block-column is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:25%\"><\/div>\n<\/div>\n<\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Understanding the new Semantic Index<\/h2>\n\n\n\n<p><em>A semantic index uses vectorized indices to build a conceptual map of data by linking it together in meaningful ways, much like the human brain does. It uses information such as keywords and personalization, and social matching capabilities that are already built into Microsoft 365 to make connections between separate pieces of information.<\/em><\/p>\n\n\n\n<figure class=\"wp-block-embed alignright is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"How Semantic Index for Copilot works in Microsoft 365\" width=\"720\" height=\"405\" src=\"https:\/\/www.youtube.com\/embed\/Ii3l13nx9n4?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p>The Semantic Index for Copilot in Microsoft 365 redefines data retrieval, leveraging Microsoft Graph for user-specific information. With a dual-tiered strategy, it indexes SharePoint data and creates individual user indexes for email and key documents. Correlating signals and retrieving uniquely relevant data ensures maximum relevance. Combining user prompts and retrieved information, Copilot drives personalized responses through the large language model. This dynamic process tailors AI-generated results to each user&#8217;s explicit information access, delivering a uniquely efficient user.<\/p>\n\n\n\n<p>The Copilot Semantic Index is not just an incremental update; it represents a paradigm shift in how data is indexed and searched. A semantic index uses vectorized indices to move search beyond the limitations of traditional keyword-based searches, enabling a conceptual understanding of the content. The Copilot Semantic Index allows Microsoft 365 to grasp the essence of the data, facilitating searches that are more aligned with human thought processes and natural language queries.<\/p>\n\n\n\n<p>Here is the current list of supported file types for the user-level index and tenant-level index that Copilot works with:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"644\" src=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-108-1024x644.png\" alt=\"\" class=\"wp-image-460872\" style=\"width:631px;height:auto\" srcset=\"https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-108-1024x644.png 1024w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-108-300x189.png 300w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-108-768x483.png 768w, https:\/\/jorgep.com\/blog\/wp-content\/uploads\/image-108.png 1053w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<h2 class=\"wp-block-heading\">Resources: <\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/microsoft-365-copilot\/microsoft-365-copilot-privacy\">Data, Privacy, and Security for Microsoft Copilot for Microsoft 365 | Microsoft Learn<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/security\/zero-trust\/zero-trust-microsoft-365-copilot\">Apply principles of Zero Trust to Microsoft Copilot for Microsoft 365 | Microsoft Learn<\/a><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/copilot-in-bing-our-approach-to-responsible-ai-45b5eae8-7466-43e1-ae98-b48f8ff8fd44\"><\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/learn.microsoft.com\/en-us\/purview\/ai-microsoft-purview\">Microsoft Purview data security and compliance protections for Microsoft Copilot | Microsoft Learn<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/support.microsoft.com\/en-us\/topic\/copilot-in-bing-our-approach-to-responsible-ai-45b5eae8-7466-43e1-ae98-b48f8ff8fd44\">Copilot in Bing: Our approach to Responsible AI &#8211; Microsoft Support<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=0lg_derTkaM\">How Microsoft Copilot for Security works (youtube.com)<\/a><\/li>\n\n\n\n<li><a href=\"https:\/\/www.youtube.com\/watch?v=GCzvL9w3aAc&amp;t=3s\">Microsoft 365 Copilot: Security &amp; Privacy (youtube.com)<\/a><\/li>\n\n\n\n<li>(Copilot is covered under the general terms of service section of the <a href=\"https:\/\/www.microsoft.com\/en-us\/servicesagreement\">Microsoft Services Terms and Conditions Agreement <\/a>&nbsp;<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>There is a lot of misconceptions \/ questions about the security around the Microsoft Copilot products. understandably, it is usually one of the first question that comes-up when companies are considering Copilot use within their organizations. (the elephant in the room!) Let&#8217;s quickly put some misconceptions to bed right away: Per Microsoft Documentation: Understanding how&#8230;<\/p>\n","protected":false},"author":2,"featured_media":447242,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","ngg_post_thumbnail":0,"episode_type":"","audio_file":"","podmotor_file_id":"","podmotor_episode_id":"","cover_image":"","cover_image_id":"","duration":"","filesize":"","filesize_raw":"","date_recorded":"","explicit":"","block":"","itunes_episode_number":"","itunes_title":"","itunes_season_number":"","itunes_episode_type":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[441],"tags":[471,930,870,871,730,742],"class_list":["post-460866","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tech-talk","tag-ai","tag-ai-series","tag-copilot","tag-genai","tag-microsoft-365","tag-moderneuc1"],"taxonomy_info":{"category":[{"value":441,"label":"Tech Talk"}],"post_tag":[{"value":471,"label":"AI"},{"value":930,"label":"AI Series"},{"value":870,"label":"Copilot"},{"value":871,"label":"GenAi"},{"value":730,"label":"Microsoft 365"},{"value":742,"label":"ModernEUC"}]},"featured_image_src_large":["https:\/\/jorgep.com\/blog\/wp-content\/uploads\/ModerndEUC-Copilot11.jpg",600,254,false],"author_info":{"display_name":"Jorge Pereira","author_link":"https:\/\/jorgep.com\/blog\/author\/jorge\/"},"comment_info":0,"category_info":[{"term_id":441,"name":"Tech Talk","slug":"tech-talk","term_group":0,"term_taxonomy_id":451,"taxonomy":"category","description":"","parent":0,"count":672,"filter":"raw","cat_ID":441,"category_count":672,"category_description":"","cat_name":"Tech Talk","category_nicename":"tech-talk","category_parent":0}],"tag_info":[{"term_id":471,"name":"AI","slug":"ai","term_group":0,"term_taxonomy_id":481,"taxonomy":"post_tag","description":"","parent":0,"count":144,"filter":"raw"},{"term_id":930,"name":"AI Series","slug":"ai-series","term_group":0,"term_taxonomy_id":940,"taxonomy":"post_tag","description":"","parent":0,"count":146,"filter":"raw"},{"term_id":870,"name":"Copilot","slug":"copilot","term_group":0,"term_taxonomy_id":880,"taxonomy":"post_tag","description":"","parent":0,"count":19,"filter":"raw"},{"term_id":871,"name":"GenAi","slug":"genai","term_group":0,"term_taxonomy_id":881,"taxonomy":"post_tag","description":"","parent":0,"count":79,"filter":"raw"},{"term_id":730,"name":"Microsoft 365","slug":"microsoft-365","term_group":0,"term_taxonomy_id":740,"taxonomy":"post_tag","description":"","parent":0,"count":45,"filter":"raw"},{"term_id":742,"name":"ModernEUC","slug":"moderneuc1","term_group":0,"term_taxonomy_id":752,"taxonomy":"post_tag","description":"","parent":0,"count":284,"filter":"raw"}],"_links":{"self":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/posts\/460866","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/comments?post=460866"}],"version-history":[{"count":0,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/posts\/460866\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/media\/447242"}],"wp:attachment":[{"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/media?parent=460866"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/categories?post=460866"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jorgep.com\/blog\/wp-json\/wp\/v2\/tags?post=460866"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}