Blog Post

Microsoft 365 Copilot
3 MIN READ

Governing data for GenAI with SharePoint Advanced Management

wbaer's avatar
wbaer
Icon for Microsoft rankMicrosoft
Sep 24, 2024

As new capabilities in Microsoft 365 Copilot enable customers to accelerate content creation like never before, it is more necessary than ever to extend traditional IT controls for content and access governance. 

 

SharePoint Advanced Management is a suite of features designed to help simplify data governance and hygiene in Microsoft 365, enhancing both your security posture and your Copilot experience. 

 

Today we’re pleased to announce several new features to help customers keep sensitive data secure and prep for generative AI by identifying overshared content, enabling AI focused access controls, and enabling easier removal of irrelevant content. 

 

Data entitlements and access tracking are a core principle of data governance in making data accessible only to those who need access and auditing access for evidence and control. Our new permission state report, currently in public preview, provides admins with a bird’s eye view of all site permissions across SharePoint, OneDrive, and files to help discover potentially over-permissioned content across the tenant. This empowers admins to address those sites to ensure results delivered by Copilot or search are limited only to the users who should have access to that information. 

 

Screenshot: permission state report

Organizations make better informed decisions when their data is safe to use, complete, and consistent. AI driven semantic matching of sites, also in public preview, is a powerful, intelligent feature that enables administrators to search through unstructured content and semantically detect patterns that align with a predefined sample. Admins can provide a list of sites with documents that are “similar”, like sales or legal, and the service will find all sites that semantically match the input, then provide a policy recommendation for the matched sites, helping achieve good governance more quickly.  

 

Screenshot: AI driven semantic matching of sites

Site ownership policy (rolling out in October) uses a rule-based policy engine to enable admins to automate time-consuming tasks related to content ownership management, such as maintaining the minimum number of site owners and identifying the most appropriate and accountable individuals. Effective content ownership and accountability are crucial for actions like access reviews and content certification, which help sanitize content to prevent unintended access by Copilot and reduce instances of oversharing.  

 

Screenshot: Site ownership policy

Ensuring that accountable groups or individuals within the organization can access, describe, protect, and control data quality is a governance fundamental. With Restricted Content Discovery (rolling out in November), administrators can configure policies to restrict search and Copilot from reasoning over select data sites, leaving the site access unchanged but preventing the site’s content from being surfaced by Copilot or organization-wide Search. This policy can be controlled granularly for Team sites, Communication sites, or any other site type. 

 

Identifying trusted sources and ensuring that data is being sourced from an agreed source of truth ensures accuracy and consistency in search and Copilot responses. Restricted Site Creation (rolling out in October) enables admins to restrict the creation of SharePoint sites to a specific set of users, helping mitigate content sprawl within an organization. 

 

Screenshot: User experience when restricted content search is enabled

 

Inactive SharePoint sites policy (rolling out in October) helps reduce the governance footprint at scale through supported actions such as archiving, setting content to read-only, or attestation. These actions allow customers to narrow the scope of what needs governance, minimize oversharing, and eliminate stale or irrelevant content, ultimately enhancing the quality of Copilot responses. 

 

One of the widely used mechanisms to share content internally with an entire organization is using the 'Everyone except external users' group. The new Data Access Governance report on content shared with 'Everyone except external users' in last 28 days (available now) assists tenant admins in identifying recently created "public" sites and content shared with this group. The report also includes integrated actions, allowing admins to initiate Access Reviews and secure content during the evaluation process which includes Copilot. 

 

Screenshot: Data Access Governance report on content shared with 'Everyone except external users'

 

These SharePoint Advanced Management capabilities are more valuable than ever as our customers add billions of new documents daily to Microsoft 365 and seek solutions to managing content at scale throughout its lifecycle.   

 

Learn how to get started with these features and more at Get ready for Copilot for Microsoft 365 with SharePoint Advanced Management (SAM) - SharePoint in Microsoft 365 | Microsoft Learn. 

Updated Sep 23, 2024
Version 1.0
No CommentsBe the first to comment