Mar 13 2024 03:52 AM - edited Mar 13 2024 07:55 AM
A recent question I was asked about copilot for Microsoft 365 is:
"Can I restrict Copilot from accessing or 'Analysing' certain documents on OneDrive/SharePoint or does it read everything by default?"
I was stumped since I never thought of that. However, my first instinct was to think that it's possible through Microsoft Purview. Turns out the reality is much more complicated, and I still don't have a straight answer.
I know I can restrict users from having Copilot return data from files they don't have access to:
That is NOT what I'm asking.
My question simply is, Can I have a file within the "Microsoft 365 boundary"; SharePoint or OneDrive, you name it and not let Copilot or semantic indexing read it or even have access to it?
If so, how can it be done?
Mar 13 2024 07:48 AM
Mar 13 2024 07:07 PM
Mar 14 2024 04:50 AM - edited Mar 14 2024 05:23 AM
That doesn't work as access to files is based on ACL permissions for the user. Copilot for M365 can use it regardless of sensitivity label.
Mar 14 2024 05:21 AM - edited Mar 15 2024 02:11 AM
Although Restricted SharePoint Search (RSS) will be part of the solution to the ask of OP, OneDrive files are (still) excluded and not meeting the ask.
I appreciate Microsoft listening to the community on Copilot M365 feedback, but I feel this is still too big of a gun for the ask. The ask is to provide a way to exclude certain specific content from Copilot (across the Microsoft Graph).
This RSS-gun also (and still) kills the Enterprise Search capability, and equals earlier given/received advice to turn the SP-search-indexing off (for certain highly sensitive SP-sites) to exclude it from Copilot (and therefore Enterprise search).
Another option would have been to use Double Key Encryption (DKE) or other forms of encryption that Copilot/Microsoft do not control, but it gives you maybe more hassle than you likely want.
Not meeting the full ask of the OP, but these are the current options to exclude info from Copilot M365:
1) Take it out of the Microsoft Graph/tenant and store elsewhere (maybe searchable through other implemented solutions) ... not really useful.
2) Turn SP-search-indexing off ... not really useful either.
3) DKE as discussed above ... too much hassle.
4) RSS ... not a complete solution yet
RSS is a start though!
My 2 cents
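For readers who want to see what option 4 above actually looks like in practice, here is an added example (not code from any poster in this thread) that enables Restricted SharePoint Search and curates its allow list with the SharePoint Online Management Shell. It assumes the module is installed, the account is a SharePoint administrator, and the tenant and site URLs are placeholders to replace with your own.

```powershell
# Added example, not from the thread: configure Restricted SharePoint Search (RSS).
# Assumptions: SharePoint Online Management Shell installed, SharePoint admin
# account, and the URLs below are placeholders for your tenant.

$AdminUrl = "https://contoso-admin.sharepoint.com"          # placeholder tenant admin URL
$AllowedSites = @(                                           # placeholder allow list
    "https://contoso.sharepoint.com/sites/HR-Policies",
    "https://contoso.sharepoint.com/sites/IT-KnowledgeBase"
)

Connect-SPOService -Url $AdminUrl

# Record the current mode so the change can be reviewed and reverted.
$before = Get-SPOTenantRestrictedSearchMode
Write-Host "RSS mode before change: $before"

# Enable RSS. From here on, organization-wide search (and Copilot grounding on
# SharePoint content) only reaches the allow-listed sites. OneDrive is not covered
# by this control, and everything not on the list drops out of enterprise search
# for everyone, which is the trade-off described in the post above.
Set-SPOTenantRestrictedSearchMode -Mode Enabled

# Add the sites that should remain searchable / usable by Copilot.
Add-SPOTenantRestrictedSearchAllowedList -SitesList $AllowedSites

# Verify the resulting state.
Get-SPOTenantRestrictedSearchMode
Get-SPOTenantRestrictedSearchAllowedList

# Rollback, if the loss of enterprise search is unacceptable:
# Remove-SPOTenantRestrictedSearchAllowedList -SitesList $AllowedSites
# Set-SPOTenantRestrictedSearchMode -Mode Disabled
```

Keep the "before" value and the allow list in change records: because RSS is a tenant-wide switch rather than a per-file exclusion, the easiest way to undo a bad rollout is to know exactly which sites were added and what the mode was beforehand.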
Mar 14 2024 05:41 AM - edited Mar 14 2024 05:44 AM
Thank you for your input!
I must say we already considered the RSS option; however, it does not cover (as you mentioned) our main concern, which is OneDrive. And the cons seem to outweigh the pros on that front anyways.
The DKE option, brilliantly named by the way, is something we had in mind; we just called it an extra layer of encryption. This option, although it seems most reasonable, raised 2 concerns:
- Is there any encryption solution that would provide end-to-end encryption-decryption services seamlessly for users? What would that look like in terms of cost, efficiency/speed, and integration with Microsoft services, specifically when it comes to preserving the collaboration capabilities of M365? It is simply not viable.
- Will the encrypted data in OneDrive or elsewhere in the tenant affect Copilot? Since it is basically gibberish (after encryption), if indexed or run through the underlying LLMs, will it cause any unexpected behavior down the line?
(poorly articulated point but I hope you get my intent)
- Taking it out of Microsoft: it is the most obvious solution, but it would counter what we want, which is to preserve M365 collaboration and cloud storage capabilities for the files to be "obscured for Copilot".
No matter how you put it, the solution should be native to Microsoft, either through labeling by introducing an option such as "restrict Copilot access", or having a location in each OneDrive and SharePoint site which is restricted to Copilot and where users can choose to save files.
Just adding to the discussion since, as of now, there are no concrete solutions for this, and only Microsoft would have a way of dealing with this topic.
Mar 15 2024 02:08 PM
Mar 17 2024 12:59 PM - edited Mar 17 2024 03:39 PM
I guess the sensitivity label had a content restriction applied to it?
Even applying the encryption content restriction will not prevent Copilot from using that data when a user also has EXTRACT permissions.
Also, at least someone will have EXTRACT permissions as part of Full ownership.
Aug 21 2024 03:15 PM
@Michel-Ehlert I think it depends on the use case. If I want to exclude my content from any other user's use of Copilot, then the sensitivity label will provide that type of restriction. I may have full access, and thus Copilot can have full access when I am using Copilot, but with the sensitivity label applied, other users would be able to access the data according to the sensitivity label access policy, but Copilot would not be able to use the Copy/Extract feature to include the content in its analysis.
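The two posts above turn on one detail: which usage rights the label's encryption grants. Here is an added example (not from either poster) in Security & Compliance PowerShell that defines a label whose encryption gives the wider audience VIEW-only rights, withholding EXTRACT, while a small owner group keeps OWNER (which includes EXTRACT, so, as noted above, those owners' own Copilot sessions can still use the content). It assumes the ExchangeOnlineManagement module, a Compliance administrator account, and placeholder label and group names.

```powershell
# Added example, not from the thread: a sensitivity label with VIEW-only rights
# for readers (no EXTRACT) and OWNER rights for a small owner group.
# Assumptions: ExchangeOnlineManagement module installed, Compliance admin
# account, and the label/group names below are placeholders.

Import-Module ExchangeOnlineManagement
Connect-IPPSSession

$LabelName   = "Confidential - No Extract"      # placeholder label name
$ReaderGroup = "all-staff@contoso.com"          # placeholder mail-enabled group
$OwnerGroup  = "records-owners@contoso.com"     # placeholder owner group

# Rights string format: identity:RIGHT,RIGHT;identity:RIGHT
# Readers: VIEW and VIEWRIGHTSDATA only. No EXTRACT, DOCEDIT, PRINT or EXPORT,
# so other users' Copilot sessions cannot copy/extract the content.
# Owners: OWNER, which carries EXTRACT; at least one such identity always exists.
# ${...} is required here because "$Name:" would be read as drive syntax.
$Rights = "${ReaderGroup}:VIEW,VIEWRIGHTSDATA;${OwnerGroup}:OWNER"

$existing = Get-Label -Identity $LabelName -ErrorAction SilentlyContinue
if (-not $existing) {
    New-Label -Name $LabelName -DisplayName $LabelName `
        -Tooltip "Readable by staff; Copilot and users may not extract content." `
        -EncryptionEnabled $true `
        -EncryptionProtectionType Template `
        -EncryptionRightsDefinitions $Rights
} else {
    Set-Label -Identity $LabelName `
        -EncryptionEnabled $true `
        -EncryptionProtectionType Template `
        -EncryptionRightsDefinitions $Rights
}

# Review what was stored before publishing the label through a label policy.
Get-Label -Identity $LabelName |
    Select-Object Name, EncryptionEnabled, EncryptionRightsDefinitions
```

The label still has to be published with a label policy before users can apply it, and the protection only reaches files that actually carry the label; it is a per-document control for the people listed in the rights definition, not an exclusion of the file from indexing.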
Aug 21 2024 11:54 PM
Aug 27 2024 10:16 AM
Aug 27 2024 10:37 AM
Sep 17 2024 09:33 AM
Have you tried to enable soft mode DLP by running a PowerShell script combined with configured DLP in the Power Platform admin center? Here you can block access for Copilot Studio to certain OneDrive or SP.
Sep 18 2024 11:38 PM
Sep 19 2024 12:05 AM
@FooReady - what additional risk does Copilot introduce to data that M365 search has already indexed? What does the customer think is happening when Copilot "reasons over" the data?
It's all security trimmed, so unauthorised users cannot force Copilot to access data to which permission is not granted?
If the customer is really worried then they shouldn't be storing their <gollum>precious</gollum> in OneDrive but in a Team/SharePoint site with container level label that enforces encryption. See Considerations for deploying Microsoft Purview AI Hub and data security and compliance protections f... for more.