
Microsoft 365 Copilot data access and permissions

How Copilot decides what content to surface — permissions, sensitivity labels, and the controls that gate access.

The single most important thing to understand about Microsoft 365 Copilot for governance is that it honours existing permissions. Copilot grants no new access: it surfaces content the user can already reach, just faster and across more sources at once. That is exactly why permissions hygiene matters far more once Copilot is deployed than it did before.

What Copilot can access

When a user asks Copilot something, grounding content is retrieved through the Microsoft Graph and trimmed to what that user is permitted to access:

  • Files in SharePoint sites the user has access to, evaluated per item, not per site.
  • Files in their OneDrive.
  • Emails in their mailbox.
  • Calendar events and meeting recap content.
  • Teams chats the user is a participant in.
  • Teams channel messages in channels they are a member of.
  • Pages in SharePoint sites the user can access.
  • Content from Graph connectors, subject to the connector's own access control lists.

What Copilot cannot access:

  • Content the user does not have permission to view.
  • Encrypted content the user cannot decrypt, or can open but lacks the usage rights to extract from (sensitivity-label-protected content the user isn't authorised for).
  • Content in sites excluded from Copilot grounding (Restricted Content Discovery or Restricted SharePoint Search).
  • Content a Purview DLP policy scoped to Copilot blocks, typically by sensitivity label.

The permissions amplification problem

Copilot surfaces content the user can access, including content they never knew they could access. This is the oversharing problem:

  • A site shared widely by mistake → Copilot finds its contents.
  • Libraries or sites granted to "Everyone except external users", often left over from older defaults → broad surfacing to every internal user.
  • Old documents users forgot about → Copilot still retrieves them.
  • Permissions inherited from a site the user joined for one purpose → all of that site's content is in scope.

This is not Copilot doing something wrong; it is pre-existing oversharing that Copilot makes visible. The same content was already reachable through Microsoft Search, sharing links and plain browsing, just with more effort. The fix is fixing the permissions, not constraining Copilot.
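One way to find the broad grants described above before Copilot does, written here as an added example rather than anything from the original page or from Microsoft's own tooling. It uses the SharePoint Online Management Shell and assumes an admin session; the admin URL and output path are placeholders, and the claim strings are the principals SharePoint records for "Everyone" and "Everyone except external users".

```powershell
# Added example (not from the original page): scan every site collection for
# the tenant-wide principals that make content discoverable to all internal users.
# Assumes SharePoint Online Management Shell and a SharePoint admin account.
# $AdminUrl is a placeholder for your tenant's -admin.sharepoint.com URL.
param(
    [string]$AdminUrl  = "https://contoso-admin.sharepoint.com",   # placeholder
    [string]$ReportCsv = ".\copilot-oversharing.csv"                # placeholder
)

Connect-SPOService -Url $AdminUrl

# Login-name prefixes SharePoint uses for the two broad principals. The EEEU
# claim is suffixed with the tenant ID, so match on the prefix, not the full string.
$broadClaims = @{
    'c:0(.s|true'                           = 'Everyone'
    'c:0-.f|rolemanager|spo-grid-all-users' = 'Everyone except external users'
}

$findings = foreach ($site in Get-SPOSite -Limit All) {
    # Get-SPOUser lists principals known to the site collection; the broad
    # claims appear here once they have been granted anywhere in the site.
    $principals = Get-SPOUser -Site $site.Url -Limit All -ErrorAction SilentlyContinue
    foreach ($p in $principals) {
        foreach ($prefix in $broadClaims.Keys) {
            if ($p.LoginName -like "$prefix*") {
                [pscustomobject]@{
                    Url       = $site.Url
                    Owner     = $site.Owner
                    Principal = $broadClaims[$prefix]
                    Groups    = ($p.Groups -join ';')   # SharePoint groups the claim sits in
                }
            }
        }
    }
}

# Each row is a site where every internal user (and therefore Copilot acting
# for any of them) can reach whatever those groups can see.
$findings | Sort-Object Url | Format-Table -AutoSize
$findings | Export-Csv -Path $ReportCsv -NoTypeInformation
```

This is a coarse first pass: it catches site-level grants of the broad principals but not individual "anyone in the organisation" sharing links on files, which the SharePoint Advanced Management reports cover. Use it to triage, then confirm with those reports.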

SharePoint Advanced Management for Copilot readiness

The SharePoint Advanced Management (SAM) add-on is, in practice, the Copilot-readiness toolkit:

  • Data access governance reports identify oversharing risks: sites open to "Everyone except external users", sites with large numbers of unique permissions, and broadly shared links.
  • Restricted access control locks a sensitive site down to named Entra groups, overriding whatever per-item sharing has accumulated.
  • Block download policies prevent local copies being taken from a site.
  • Site lifecycle management flags inactive sites and can archive them so stale content leaves the grounding set.
  • Restricted Content Discovery removes high-risk sites from tenant-wide search and Copilot grounding without changing who can still open them directly.

For any organisation rolling out Copilot, SAM is increasingly treated as a prerequisite rather than an optional extra.

Sensitivity labels and Copilot

Sensitivity labels that apply encryption gate Copilot directly:

  • Files the user can decrypt and has the VIEW and EXTRACT usage rights on → usable as grounding.
  • Files the user cannot decrypt, or can only view without extract rights → not used and not surfaced.

This is a hard filter applied at retrieval time: highly sensitive content whose label restricts rights to specific groups is automatically excluded from Copilot grounding for users outside those groups, whatever the SharePoint permissions say.

For sensitive-content governance, encrypt-by-default sensitivity labels on confidential content make Copilot safer by default, because Copilot only sees what the user is entitled to. Content Copilot generates from labelled files inherits the most restrictive label among the files it referenced, so the protection follows the derived text rather than being lost in the output.

DLP and Copilot

Microsoft Purview DLP policies extend to Copilot interactions through a dedicated Copilot location:

  • Policies scoped to that location can stop Copilot from using content with a given sensitivity label as grounding, or from responding on it.
  • Sensitive information types detected in Copilot output trigger the same actions as they would in email or file sharing.
  • Because the match is on sensitivity label, the labelling work above is what makes these policies effective.

Practically, the same DLP policies covering email and file sharing can be extended to cover Copilot, but they need to be explicitly scoped to it.

Restricted SharePoint Search

For tenants with significant oversharing, Restricted SharePoint Search limits Microsoft Search, and therefore Copilot's grounding, to an allowlist of up to 100 curated sites. Copilot then cannot surface content from the wider tenant during the initial deployment.

Treat it as a temporary mitigation while you fix oversharing rather than as long-term posture: it narrows what Copilot can ground on for everyone, including users with entirely legitimate access, and it hides the symptom without fixing the permissions. It does make a safer pilot possible while remediation happens.
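The allowlist setup as an added example, not taken from the original page or from Microsoft documentation. It assumes an existing Connect-SPOService session; the site URLs are placeholders.

```powershell
# Added example (not from the original page): enable Restricted SharePoint Search
# with an explicit allowlist, verify it, and show the revert path.
# Assumes an active Connect-SPOService session. Site URLs are placeholders.
$allowedSites = @(
    "https://contoso.sharepoint.com/sites/HR-Policies",
    "https://contoso.sharepoint.com/sites/IT-KnowledgeBase"
) | Sort-Object -Unique

# The allowlist holds at most 100 sites; fail before touching the tenant rather
# than applying a partial list.
if ($allowedSites.Count -gt 100) {
    throw "Restricted SharePoint Search allows at most 100 sites; got $($allowedSites.Count)."
}

# Populate the allowlist first. Enabling the mode with an empty list would leave
# users, and Copilot acting for them, with almost no tenant content to search.
Add-SPOTenantRestrictedSearchAllowedList -SitesList $allowedSites
Set-SPOTenantRestrictedSearchMode -Mode Enabled

# Verify: mode should report Enabled and the list should match $allowedSites.
Get-SPOTenantRestrictedSearchMode
$applied = Get-SPOTenantRestrictedSearchAllowedList
$missing = $allowedSites | Where-Object { $_ -notin $applied }
if ($missing) {
    Write-Warning "Not in the applied allowlist: $($missing -join ', ')"
}

# To extend the pilot scope later, add sites rather than rebuilding the list:
#   Add-SPOTenantRestrictedSearchAllowedList -SitesList @("https://contoso.sharepoint.com/sites/Sales")
# When oversharing remediation is complete, revert instead of leaving the tenant narrowed:
#   Set-SPOTenantRestrictedSearchMode -Mode Disabled
```

Record the date you enable the mode and the reason; the revert step is the one most often forgotten, and a tenant left in restricted mode after remediation quietly degrades both Search and Copilot for everyone.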

Audit logging

Every Copilot interaction is recorded in the Microsoft Purview audit log:

  • The user, timestamp and the application Copilot was used from.
  • The resources Copilot used for grounding, including their sensitivity label.
  • The prompt and response, retained as Copilot interaction data.

Prompts and responses are searchable in eDiscovery and can be placed under retention policies, which covers most audit and investigation requirements.
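Pulling those records out of the audit log, as an added example that is not part of the original page. It assumes an Exchange Online PowerShell session with audit-log rights. The nested property names under CopilotEventData (AppHost, AccessedResources and their Name, Id and SensitivityLabelId fields) follow the CopilotInteraction audit schema as I understand it; confirm them against one live record before relying on the output.

```powershell
# Added example (not from the original page): list which files each Copilot
# interaction was grounded on, and rank the most-referenced and labelled ones.
# Assumes Connect-ExchangeOnline has been run with an account holding audit rights.
# Property names under CopilotEventData are assumed from the CopilotInteraction schema.
$start = (Get-Date).AddDays(-7)
$end   = Get-Date

$records = Search-UnifiedAuditLog -StartDate $start -EndDate $end `
    -RecordType CopilotInteraction -ResultSize 5000 -SessionCommand ReturnLargeSet

$grounding = foreach ($r in $records) {
    # AuditData is a JSON string; the interesting detail is nested inside it.
    $data = $r.AuditData | ConvertFrom-Json
    $event = $data.CopilotEventData
    foreach ($res in @($event.AccessedResources)) {
        if ($null -eq $res) { continue }
        [pscustomobject]@{
            Time       = $r.CreationDate
            User       = $r.UserIds
            AppHost    = $event.AppHost
            Resource   = $res.Name
            ResourceId = $res.Id
            LabelId    = $res.SensitivityLabelId
        }
    }
}

# Grounding on labelled content is the first thing to review: it shows which
# users are pulling protected files into prompts, and from which app.
$grounding | Where-Object { $_.LabelId } |
    Sort-Object Time -Descending | Format-Table Time, User, AppHost, Resource -AutoSize

# The most-referenced files are the best candidates for a permissions review,
# because they are the ones oversharing would have exposed most widely.
$grounding | Group-Object Resource | Sort-Object Count -Descending |
    Select-Object -First 20 Count, Name
```

Five thousand records is the per-call ceiling for Search-UnifiedAuditLog; for a busy tenant, add a SessionId and loop until the cmdlet returns nothing, or narrow the window to a day at a time.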

Pre-rollout hygiene checklist

Before activating Copilot for users:

  1. Run the SharePoint Advanced Management data access governance reports to identify high-risk sites.
  2. Restrict access on those sites: restricted access control where membership should be narrowed, Restricted Content Discovery where access must stay but the site should not be discoverable.
  3. Archive stale sites that should not be in scope at all.
  4. Publish the sensitivity label taxonomy.
  5. Apply encryption to sensitive content via labels, using auto-labelling where the taxonomy supports it.
  6. Configure DLP for the relevant data types and scope it to the Copilot location.
  7. Test with pilot users and observe what Copilot surfaces for them.
  8. Iterate on the findings before widening the rollout.

This pre-rollout work is the difference between a Copilot deployment that delights users and one that turns the organisation's existing oversharing into an incident.
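Steps 2 and 3 of the checklist applied to a list of flagged sites, as an added example that is not from the original page or from Microsoft's own guidance. It assumes an active Connect-SPOService session, SharePoint Advanced Management licensing for the per-site controls, and Microsoft 365 Archive for the archive step; the site URLs and Entra group IDs are placeholders, and the earlier oversharing scan is a reasonable source for the list.

```powershell
# Added example (not from the original page): apply SharePoint Advanced
# Management controls to sites flagged as high-risk, then verify them.
# Assumes an active Connect-SPOService session, SAM licensing for restricted
# access control / content discovery, and Microsoft 365 Archive for archiving.
# URLs and group IDs below are placeholders for illustration.
$highRiskSites = @(
    @{ Url = "https://contoso.sharepoint.com/sites/Finance-Close"
       AllowedGroups = @("00000000-0000-0000-0000-000000000001")   # Entra group ID placeholder
       Archive = $false },
    @{ Url = "https://contoso.sharepoint.com/sites/Legacy-Projects"
       AllowedGroups = @()
       Archive = $true }
)

# Restricted access control must be switched on at tenant level before any
# site can use it.
Set-SPOTenant -EnableRestrictedAccessControl $true

foreach ($site in $highRiskSites) {
    if ($site.Archive) {
        # Stale site: archive it so its content leaves search and Copilot grounding
        # entirely. Archived sites can be reactivated if someone turns out to need them.
        Set-SPOSiteArchiveState -Identity $site.Url -ArchiveState Archived
        continue
    }

    if ($site.AllowedGroups.Count -gt 0) {
        # Narrow access to the listed groups regardless of accumulated per-item sharing.
        Set-SPOSite -Identity $site.Url -RestrictedAccessControl $true `
            -RestrictedAccessControlGroups $site.AllowedGroups
    }

    # Keep the site out of tenant-wide search and Copilot grounding even for
    # users who can still open it directly (Restricted Content Discovery).
    Set-SPOSite -Identity $site.Url -RestrictContentOrgWideSearch $true

    # Block local copies so the remaining access stays inside the service.
    Set-SPOSite -Identity $site.Url -BlockDownloadPolicy $true
}

# Verify what was actually applied; -Detailed is needed for these properties.
foreach ($site in $highRiskSites | Where-Object { -not $_.Archive }) {
    Get-SPOSite -Identity $site.Url -Detailed |
        Select-Object Url, RestrictedAccessControl, RestrictContentOrgWideSearch, BlockDownloadPolicy
}
```

Apply Restricted Content Discovery first when you are unsure of a site's legitimate audience: it removes the site from grounding immediately without locking anyone out, which buys time to work out the right restricted access control groups.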

Ongoing governance

After rollout:

  • Quarterly oversharing audit, because new sites and new broad grants appear continuously.
  • Sensitivity-label adoption monitoring, to confirm users are applying labels correctly and auto-labelling is catching what it should.
  • Review Copilot interaction audit records for grounding on labelled or unexpected content.
  • Narrow or lift the Restricted SharePoint Search scope as remediation progresses.

For Microsoft 365 customers serious about Copilot, the governance investment is comparable in size to the licence investment. Do not separate them: the licence is the start; the governance is what makes Copilot useful and safe at scale.