Microsoft Sharepoint is one of the most widely used platforms for business to share files amongst coworkers, customers, and other key stakeholders. However, given the tight integration that Copilot has with M365, it can by mistake, gain access to any confidential documents, and make it available to non-authorized users. Obviously, this is a situation that you want to avoid, so in this article, we review some key tips that you can use to prevent this from happening to your business.
The Tips
- Restrict Search Indexing:
A key component that Copilot has is what is known as “Microsoft Graph”. This is defined as follows:
“Microsoft Graph is the gateway to data and intelligence in Microsoft 365. It provides a unified programmability model that you can use to access the tremendous amount of data in Microsoft 365, Windows, and Enterprise Mobility + Security.”
(SOURCE: 1).
An illustration of this can be seen below:
(SOURCE: 1).
Microsoft Graph enables Copilot to further fortify the queries that the end user submits by giving it more context (also known as “Grounding”) in terms of the resources that should be looked for in M365. Copilot will search SharePoint which usually has a wealth of documents that stored in it. You can eliminate this avenue completely by blocking any access that Copilot has based upon the refined queries that Microsoft Graph has produced for it. This is also known blocking “Search Indexing.”
- Apply Sensitivity Labels:
This is defined as follows:
“Sensitivity labels . . .. let’s you classify and protect your organization’s data, while making sure that user productivity and their ability to collaborate is not hindered.”
(SOURCE: 2).
In other words, you can put special watermarks on your documents, such as “Classified”, “For Internal Use Only”, etc. This can also be used to restrict Copilot from gaining access to your SharePoint files. For example, if it pulls a classified document from SharePoint, that same Sensitivity Label will be applied to the output. That way, your end users can see that this answer to the query should not be shared with anybody else. Also, to block your SharePoint sites from being indexed, Copilot will know not to access those particular sites. An example of how to do this is illustrated below:
(SOURCE: 1).
Applying Sensitivity Labels can be done either on a manual or automatic basis. With regards to the latter, M365 will examine the content of the document, and based on that, apply the appropriate Sensitivity Label.
- Blocking Copilot completely:
If you want to be absolutely certain that Copilot does not gain access to your SharePoint site and the corresponding files that it contains, follow these steps:
- Log in as the administrator to the SharePoint site.
- Select “Site Settings”.
- Select “Search and Offline Availability”
- Under the heading “Allow This Site to Appear in Search Results”, select “No”.
Conclusions
Just recently, Microsoft announced a new functionality from within M365, which is called “Restricted SharePoint Search”. With this, a business can select up to one hundred SharePoint sites and restrict those that Copilot cannot access, and for that matter, even end users. An example of this is illustrated below:
(SOURCE: 31).
Finally, if you have any questions about this new feature, or any of the other tips provided in this article, contact us today. Sources
