Forum Discussion
Why Copilot Access to “Restricted” Passwords Isn’t as Big an Issue as Uploading Files to ChatGPT
Some sites picked up the Microsoft 365 Copilot penetration test that allegedly proved how Copilot can extract sensitive data from SharePoint Online. When you look at the test, it depends on three maj...
Labeling isn't enough because a sensitivity label does not protect the document metadata, which means that confidential files can still turn up in Copilot Chat searches (see https://practical365.com/microsoft-365-chat-blocks/). RCD or the DLP policy for Copilot (which uses sensitivity labels to indicate which files should be blocked from Copilot) are the right tools to use. All; explained in the article.