Event banner
Event details
183 Comments
- Where are the Best Practices Document for AI Security? How Microsoft AI Agents and Integration with non-MS AI agents governed? In the Audit Log in O365 or Entra ID, will there be new tracking options for AI activity? How can a long running AI interactive agent be identified and terminated if there is not a central location of monitoring for all AI?
- tannerbriggs
Microsoft
Hi Bryan, Microsoft has Copilots today that are called "copilots," because they don't act autonomously - there's always a user-in-the-loop. They are not AI "agents," because they are not acting autonomously as the term "agent" in the industry has been adopted to mean. Microsoft does offer logging capabilities over Copilot for Microsoft 365, which will provide customers details about user and admin activities relevant to Copilot for Microsoft 365, including which files were accessed by Copilot as part of a search on behalf of a user prompt.
There are excellent Microsoft learn.microsoft.com articles on Copilot logging for reference: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Flearn.microsoft.com%2Fen-us%2Fpurview%2Faudit-log-activities%23copilot-activities&data=05%7C01%7CAditi.Parmar%40microsoft.com%7Cb69d2f45618b43ffc68a08dbdc9c678f%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638346336630883828%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=HBsxPzUTWX94AjS95PUjNAoQLCR5nG8gziZPSM%2F%2FDBY%3D&reserved=0.
- Besides the Viva dashboard for Copilot analytics, what are the upcoming plans for usage analytics in Copilot and will they include RBAC capabilities?
- JeremyChapmanMSFTYou can use Reader roles as part of Role Assignment now to restrict access to Microsoft 365 admin center reporting for RBAC.
- There is a point where the results from copilot are simply wrong and it does no better, yet it keeps trying variations on a theme. At some point, it needs to know it's done and maybe further guide with references.
- tannerbriggsHi Rolando, do you have a specific question around this?
- Hi, when will we have an easy way to remove documents or SharePoint sites from Copilot's perimeter ?
- tannerbriggsHi Philippe, we are working on this, please stay tuned on the public roadmap site: https://www.microsoft.com/en-us/microsoft-365/roadmap?filters=Microsoft%20Copilot%20(Microsoft%20365).
Copilot can leverage all the data that the employee has access to; from widely published research reports, it is clear that most employees’ permissions to sensitive data are far greater than what they should be entitled to in many cases. Is the co-pilot environment only as good as original compliance? and before setting out on a Copilot journey shouldn't the educated process of locking down data better be front and center by Microsoft?
Thank you for your detailed questions. To ensure each of your queries receives the appropriate attention during our AMA, please post each question as a separate comment. This approach helps us provide more focused and detailed answers and makes it easier for other community members to find relevant discussions.
We appreciate your cooperation and look forward to addressing your questions.
- Is it possible to trace a question asked to Copilot back to the identity of the person who asked the question? Are the questions treated perfectly anonymously?
- It is possible for an admin to use tools such as eDiscovery to search for the message on users to see what questions was asked.
- That doesn't sound good. It's a way to help Big Brother keep us under control. I suggest you get rid of such an abomination to our rights to privacy.
- Is this the same product as the Microsoft Copilot for Security which is designed for the security admin backend - all of the Data Governance aspects of Purview are noted in your bullet pointed list, so I wanted to see if this was a different product and what audience it is meant to inform?
- JeremyChapmanMSFTCopilot for Microsoft 365 is not the same Copilot for Security. Copilot for Security is intended for administrators and has capabilities for security analysts, integration with Microsoft Defender for incident reports and KQL query authoring for investigation, Microsoft Entra and Microsoft Intune experiences, along with other capabilities. Copilot for Microsoft 365 is intended for broader business users.
From a governance perspective, how can we gain more visibility into the ways that our users are leveraging M365 Copilot? For example, whether it's seeing the prompts they are using or the documents, meetings, email threads, etc. that M365 Copilot is referencing to provide responses, or some other insights. This would be really helpful to tailor training to users in case they are not using the right tool for the right purpose and to understand what users are searching for or trying to accomplish in case we would need to extend Copilot using Copilot Studio to address specific needs that we can support with usage data.
- dacouceiOne way to understand how users are interacting with Copilot is to create a Communication Compliance Copilot policy. Communication Compliance is a solution used to detect different patterns of communications within various communication channels (ex: Teams, Exchange, Copilot, Viva Engage, etc.). The policy will detect messages based on the conditions set (machine learning, keywords, etc.) and display them in the portal for an investigator to review. More info can be found in our public documentation: https://learn.microsoft.com/en-us/purview/communication-compliance-copilot?view=o365-worldwide&tabs=purview-portal
- Hi there, This is 2:00am AEST. Will there be a recording of it?
- If I register, will this appear in my Teams chat the next day? This event is scheduled for 2:00 am my time. Alternatively will there be a time friendly session for Australia scheduled?
darren_murdoch, it is not a live call. During that time, the Microsoft team will be live answering questions contained in messages posted in this community post.
droopy
If copilot accesses files in SharePoint in the process of answering a question that a user asked in copilot, is that "read" access logged and if so, is it attributed to the user or to the copilot process?
- Adparmarhttps://learn.microsoft.com/en-us/purview/audit-log-activities#copilot-activities lists the audited activities. The accessed resources are attributed to the user (Copilot does it on behalf of the user)
This is adressed in the unified audit log documentation in detail: https://learn.microsoft.com/en-us/office/office-365-management-api/copilot-schema
