Forum Discussion
Restrict Copilot from accessing OneDrive Files.
A recent question I was asked about copilot for Microsoft 365 is:
"Can I restrict Copilot from accessing or 'Analysing' certain documents on OneDrive/SharePoint or does it read everything by default?"
I was stomped since I never thought of that. However, my first instinct was to think that it's possible through Microsoft Purview. Turns out the reality is much more complicated, and I still don't have a straight answer.
I Know I can restrict users from having copilot return data from files they don't have access too:
That is NOT what I'm asking.
My question simply is, Can I have a file within the "Microsoft 365 boundary"; SharePoint or OneDrive, you name it and not let Copilot or semantic indexing read it or even have access to it?
if so, how can it be done?
- reachrjIron ContributorAt this point the available option is https://techcommunity.microsoft.com/t5/copilot-for-microsoft-365/introducing-restricted-sharepoint-search-to-help-you-get-started/ba-p/4071060
- Michel-EhlertBrass Contributor
Although Restricted SharePoint Search (RSS) will be part of the solution of the ask of OP, Onedrive files are (still) excluded and not meeting the ask.
I appreciate Microsoft listening to the community on Copilot M365 feedback, but I feel this is still too big of a gun for the ask. The ask is to provide a way to exclude certain specific content from Copilot (across the Microsoft Graph).
This RSS-gun also and still kills the Enterprise Search capability, and equals earlier given/received advice to turn off (for certain high sensitive SP-sites), the SP-search-indexing off to exclude it from Copilot (and therefore Enterprise search).
Another option would have been to use Double Key Encryption (DKE) or other forms of encryption that Copilot/Microsoft do not control, but it gives you maybe more hassle than you likely want.
Not meeting the full ask of the OP, but these are the current options to exclude info from Copilot M365
1) Take it out the Microsoft Graph/Tenant and store elsewhere (maybe searchable through other implemented solutions) ... not really useful.
2) Turn SP-search-indexing off ... not really useful either.
3) DKE as discussed above ... too much hassle.
4) RSS ... not a complete solution yet
RSS is a start though!
My 2 cents- FooReadyCopper Contributor
Thank you for you Input!
I must say we already considered the RSS option however it does not cover (as you mentioned) our main concern which is OneDrive. And the cons seems to outweigh the pros on that front anyways.
The DKE. option, brilliantly named by the way, is something we had in mind, we just called it an extra layer of encryption. This option although seems most reasonable raised 2 concerns:
- Is there any encryption solution that would provide end to end encryption-decryption services seamlessly for users ?
What would that look like in terms of cost, efficiency/speed , integration with microsoft services.
specifically when it comes to preserving the collaboration capabilities of M365.
8t is simply not viable
-Will the encrypted data in OneDrive or elsewhere in the tenant affect copilot. since it is basically gibberish (after encryption) if indexed or ran through the underlying LLMs will it cause any unexpected behavior down the line .
(poorly articulated point but I hope you get my intent)
-taking it out of microsoft : it is the most obvious solution, but would counter what we want, which is to preserve M365 collaboration and cloud storage capabilities for the files to be “obscured for copilot”.
No matter how you put it, the solution should be native to microsoft, either through labeling by introducing in option such as “restrict copilot access” or having a location in each OneDrive and sharepoint site which is restricted to copilot and where users can choose to save files.
Just adding to the discussion since as of now there are no concrete solutions for this and only microsoft would have a way of dealing with this topic.
- TerenceRabe1Brass ContributorWhat is the risk/scenario you are trying to mitigate here?
- MichaelaBostrandBrass ContributorI'm also wondering about this, especially when asking to restrict access to documents in a users OneDrive. If my Copilot can access my files in my OneDrive, which I already have access to and "own" in a sense - what is the risk? Copilot honors the permissions of documents, so why would it be a risk? Maybe I'm missing something?
- Michel-EhlertBrass ContributorCan be any (business) reason, e.g.
* Highly confidential M&A information
* Privacy data, collected for a certain purpose, not allowed to be reasoned over with GenAI- TerenceRabe1Brass Contributor
FooReady - what additional risk does Copilot introduce to data that M365 search has already indexed? What does the customer think is happening when Copilot "reasons over" the data?
It's all security trimmed, so unauthorised users cannot force Copilot to access data to which permission is not granted?If the customer is really worried then they shouldn't be storing their <gollum>precious</gollum> in OneDrive but in a Team/SharePoint site with container level label that enforces encryption. See Considerations for deploying Microsoft Purview AI Hub and data security and compliance protections for Microsoft 365 Copilot and Microsoft Copilot | Microsoft Learn for more.
- Chris_FerraroSteel ContributorAn area to explore would be applying a sensitivity label to get it excluded from M365 Copilot.
- Michel-EhlertBrass Contributor
That doesn't work as access to files is based on ACL permissions for the user. Copilot for M365 can use it regardless of sensitivity label.
- Chris_FerraroSteel ContributorOdd. Not my area of expertise but working with a security architect we were able to apply label + testing had show Copilot unable to access. May have been more to the puzzle though. Good luck in finding something!
- PounehSCopper Contributor
Have you tried to enable softmode DLP running Power sher scropt combined with cofigured DLP in Admin powerplatform . Here you con blck the access for copilot studio to certain OneDrive or SP