Forum Discussion
Restrict Copilot from accessing OneDrive Files.
- I'm also wondering about this, especially when asking to restrict access to documents in a users OneDrive. If my Copilot can access my files in my OneDrive, which I already have access to and "own" in a sense - what is the risk? Copilot honors the permissions of documents, so why would it be a risk? Maybe I'm missing something?
- Can be any (business) reason, e.g.
* Highly confidential M&A information
* Privacy data, collected for a certain purpose, not allowed to be reasoned over with GenAIFooReady - what additional risk does Copilot introduce to data that M365 search has already indexed? What does the customer think is happening when Copilot "reasons over" the data?
It's all security trimmed, so unauthorised users cannot force Copilot to access data to which permission is not granted?If the customer is really worried then they shouldn't be storing their <gollum>precious</gollum> in OneDrive but in a Team/SharePoint site with container level label that enforces encryption. See Considerations for deploying Microsoft Purview AI Hub and data security and compliance protections for Microsoft 365 Copilot and Microsoft Copilot | Microsoft Learn for more.
TerenceRabe1 use sensitivity labels that apply encryption without the EXTRACT usage right.
