This month’s SharePoint Showcase comes at a pivotal time following our recent announcement of the new Knowledge Agent in SharePoint. We encourage you to opt-in for our public preview and share your feedback.
As the knowledge platform for Copilot and agents, SharePoint continues to evolve. Knowledge Agent empowers admins to maintain content hygiene and readiness for AI-driven innovation, directly supporting the strategic priorities highlighted in this month’s installment. This is particularly important as safeguarding content with trust and intelligence grows as the role of SharePoint Admins evolves in the AI Era.
Microsoft runs on trust, and content
Every day, organizations generate billions of documents in Microsoft 365: proposals, contracts, designs, training videos, and more. In the AI era, Microsoft 365 Copilot is helping companies turn that content into impact.
The content governance updates highlighted below are intended to help organizations scale with confidence.
These new capabilities span four specific areas:
- Agent governance/insights
- Copilot for SharePoint Admins
- Permissions management
- Storage management – Microsoft 365 Backup & Archive
To support admins in this evolving landscape, we have introduced a range of new tools and policies. These innovations are designed to help manage content hygiene and prepare for AI-powered productivity.
Restricted access control (RAC) policy for all sites using Entra security groups and Microsoft 365 groups
Managing permission sprawl from site oversharing is challenging. After identifying overshared sites via Data Access Governance reports, an Admin can immediately mitigate their oversharing concerns by limiting access to specific users using this new Restricted Access Control (RAC) policy. The Restricted Access Control (RAC) policy now applies to all SharePoint sites—including those connected to M365 groups and Teams—using Microsoft 365 and Entra security groups.
Access is restricted with two layers of authorization, i.e. to users who are members of those RAC control groups and are permissioned for items. This policy enables you to control access on any SharePoint or OneDrive site and instantly mitigate oversharing.
Status: Generally available
Documentation link: Restricted Access Control (RAC) policy
Controlling oversharing of a Teams-connected site with Entra security groups as restricted access policy (RAC) control group.
Restricted Content Discovery (RCD) for SharePoint sites
A key issue is the risk of unintentionally exposing content in Microsoft 365 Copilot due to outdated or excessive site permissions. After identifying overshared sites with a Data Access Governance report or for business-critical sites that are not yet ready to be exposed to Copilot, the next step is to restrict their discovery in Copilot.
The Restricted Content Discovery (RCD) policy is now available to help prevent accidental content discovery within Copilot and search and even custom Agents. Applying RCD to a SharePoint site blocks users from finding its content through Copilot or organization-wide search, supporting secure Copilot deployment.
Status: Generally available
Documentation link: Restricted Content Discovery (RCD) policy
Preventing accidental discovery of content with restricted content discovery (RCD) policy.
AI-driven Site Matching for SharePoint sites and OneDrive accounts
SharePoint admins should apply uniform security policies to similar sites, grouping them by department, location, or content type. For example, legal contract sites require strict measures like blocking external sharing, conditional access, group restrictions, and blocking downloads. Managing these settings across thousands of sites is difficult. However, with this feature, you can use reference sites to automatically compare up to 10,000 target sites, allowing the AI to find semantically similar content and flag any policy differences.
Status: Generally available
Documentation link: Restrict OneDrive and SharePoint site creation - SharePoint in Microsoft 365 | Microsoft Learn
Create an AI-driven content policy comparison report.
Agent Insights and Governance for SharePoint Admins
Each SharePoint site now has agents that are either prebuilt from site content or user created. Administrators can use agent insights to track sites with newly created SharePoint agents and the number of agents in a site. Admins can also take actions like enabling Restricted Access Control (RAC) or Restricted Content Discovery (RCD) to improve security.
Status: Generally available.
Documentation link: SharePoint Agent management
Use SharePoint agents report to view agent distribution across sites and restrict content discoverability by agents.
Enterprise Application Insights (third-party) at SharePoint site level
Enterprise Application Insights reports SharePoint and OneDrive sites that allow third-party app access in your tenant. It lists number of applications accessing the site, each application's permission scope (such as Files.Read.All), and request count, helping you strengthen application security for your Microsoft 365 tenancy.
Status: Public preview
Documentation link: Enterprise Application Insights
Copilot for SharePoint admins
Launched in May 2025, Copilot for the SharePoint admin center provides features to simplify administration. Admins can use natural language to complete tasks and search for info efficiently. Key features:
- Contextual Q&A: Ask any SharePoint management questions and get real-time answers based on product articles published in Microsoft Learn.
- Multi-variable site search: Find sites easily by describing sites using any combination of attributes (name, URL, storage used, Primary admin, activity, etc)
- Recap: Quickly catch up with everything that has changed since your last activity in SharePoint admin center.
- Contextual conversations: Copilot will now be able to reference your chat and maintain your conversation context.
Upcoming capabilities include bulk actions, consolidated settings review (modern, classic, PowerShell, graph, etc.), and deeper integration with existing reports and tools. These enhancements aim to modernize governance and streamline admin workflows.
Status: Generally available
Documentation link: Copilot for SharePoint admin center
SharePoint cross-tenant site content migration
Mergers, acquisitions, and divestitures often involve integrating organizations using Microsoft 365. Migrating OneDrive’s, Mailboxes, and now SharePoint sites between tenants is supported, with cross-tenant SharePoint migration. Sites can be moved quickly and securely, and sharing links stay active via cross-tenant redirects that point old URLs to their new locations.
Status: Generally available
To learn more about cross-tenant migration, see the following articles:
|
For OneDrive | |
|
For SharePoint sites | |
|
For Exchange mailboxes |
Cross-tenant content migration is now available for Microsoft 365 Multi-Geo customers too, enabling direct content transfer between regional locations.
Stronger resiliency with Microsoft 365 Backup
Microsoft 365 Backup delivers secure, high-speed data protection and recovery to ensure business continuity—all within the trusted Microsoft 365 network. From new dynamic rules for automated user protection, and more ways for admins to keep their content protected and easily restorable.
- Dynamic rules in backup policies: Automatically add/remove/update users in backup policies using distribution lists or security groups. Policies are re-evaluated daily for ongoing protection
Status: Generally available
Documentation link: Dynamic rules in backup policies
- Multi-admin email notifications: Keeps select admins informed of key actions like user offboarding or changes to protection policies, adding accountability and defense against attacks
Status: Generally available
Documentation link: Multi-admin email notifications
For organizations seeking even broader coverage and faster restore speeds, the Veeam Data Cloud for Microsoft 365 Premium offering builds on Microsoft 365 Backup’s fast recovery foundation, with added capabilities and an offline copy. Veeam is currently offering a 30% discount on this enhanced Premium solution.
Leverage M365 Archive for a low-cost solution that helps optimize Copilot grounding by removing less, inactive content in your Microsoft 365 tenancy using Inactive Site Policy in SharePoint.
Site archiving is generally available and FREE (if you’re under your SharePoint storage quota). If you are over quota, moving content to the archive tier can save you up to 75% on extra storage costs.
SharePoint admin’s strategic role
With these tools, SharePoint Admins are no longer just system custodians. They’re strategic enablers of secure collaboration and AI readiness. Their responsibilities now include auditing overshared content, applying AI-driven policy recommendations, managing third-party access, and supporting complex scenarios like cross-tenant migrations.
By maintaining high standards of content hygiene, Admins help ensure that Microsoft 365 remains a trusted platform for innovation and productivity across their organization.
Get started
If you are new to Microsoft 365, learn how to try or buy a Microsoft 365 subscription.
Want to try out Microsoft 365 Copilot, check out here
Catch up on the latest content
- Introducing Knowledge Agent in SharePoint | Microsoft Community Hub
- Introducing the SharePoint Showcase blog series | Microsoft Community Hub
- Most widely used SharePoint Framework ISVs from the Store - July 2025 | Microsoft Community Hub
Additional resources:
- SharePoint Advanced Management - Overview
- SharePoint data access governance (DAG) insights
- RCD Policy for SharePoint sites
- Restricted access control policies for SharePoint
- Manage site lifecycle policies
- Restrict OneDrive and SharePoint site creation
- Agent Insights
- SharePoint cross-tenant sites content migration
- What’s new in SharePoint Admin Center
- M365 Backup and M365 Archive
Microsoft