For customers looking to deploy Microsoft 365 Copilot but want to ensure it doesn’t accidentally discover data that wasn’t properly secured, Microsoft is providing a powerful solution that restricts discoverability & access of Microsoft 365 Copilot at no additional cost to M365 Copilot customers without requiring labelling, classification & security policies.
This solution is called “SharePoint Advanced Management” & customers with Microsoft 365 Copilot licenses will also get complimentary SharePoint Advanced Management licenses which will start appearing in GCC tenants in the next couple months.
- Set Restricted Access Control (RAC) at the SP/ODFB site level. Even if individual files/folders have broken inheritance and over shared, only RAC allowed users can access through Search and M365 Copilot – (available to GCC & in SAM)
- Set site level Restricted content Discoverability (RCD) to restrict content discoverability via Copilot and Org wide search– (available to GCC & in SAM)
- Data access governance reports for SharePoint sites: These reports help you discover sites that contain potentially overshared or sensitive content. You can use these reports to assess oversharing and apply appropriate security and compliance policies. ((available to GCC & in SAM)
- Conditional access policy for SharePoint sites and OneDrive: With Microsoft Entra ID authentication context, you can enforce stringent access conditions for users who access SharePoint sites. Authentication contexts can be directly applied to SharePoint sites or used with Microsoft Purview Information Protection sensitivity labels to connect Entra ID Conditional Access policies to labeled sites.
- Setup user access reviews to clean up group and site membership in Entra ID Governance.
- Data assessments in Data Security Posture Management for AI to identify, remediate, and monitor potential oversharing of data. (coming soon to GCC)
Not yet available for GCC however for customers with Non-Disclosure Agreements & Microsoft 365 Commercial test environments:
- PREVIEW: Use AI Powered Semantic matching to find similar sites (Requires signed agreement)
You discovered a site containing crucial business data that lacks proper protection. Are there more sites like this one that might have similar vulnerabilities? Soon, AI Powered Semantic matching helps you locate these sites using the site you discovered as the example. The AI powered semantic matching tool reads through all the sites you have, including content, files, metadata, and give you a list of similar sites based on your example site.
Sign up to participate in the preview by following instructions here.
kurtsh
Kurt Shintaku's Blog 
You must be logged in to post a comment.