Event banner
Event details
What options does Microsoft recommend for an admin to make sure people only use Copilot with Commercial Data Protection when they are working remote and not connected to their organizations network? It would be pretty easy for them to create a second Edge browser profile, forget to sign in, then use Copilot without CDP.
- JeremyChapmanMSFT
Microsoft
There is guidance for configuring DNS settings on managed devices to enforce the commercial data protections are in place Manage Copilot | Microsoft Learn - and this also applies the settings to Copilot in Windows, and in Edge experiences.
I believe the guidance in that resource are for scenarios where a person is connected to their organizations network.
I'm looking for recommendations to enforce the commercial data protections where:
1. users are not connected to their organizations network.2. users are not on managed devices.
(I have my own opinions, but looking to hear Microsoft's position on the best practices to follow in those scenarios).
- JeremyChapmanMSFTFor a completely unmanaged device, it ideally shouldn't have access to protected resources.
- We're struggling with this as well. Jeremy, the note from Kelly specifically mentions "when they are working remote on not connected to their organizations network" - which is explicitly not covered by the DNS settings that you're recommending.
