Is Microsoft 365 Copilot a Security Risk? What to Fix Before You Turn It On

CyberDuo

Now that Copilot is becoming a permanent part of Microsoft 365, a lot more businesses are about to switch it on. Before you do, here is the uncomfortable truth: the biggest risk with Copilot is not the AI. It is your permissions.

Copilot does not break any rules to see your data. It plays by the exact access rules you already have in place. The problem is that almost nobody’s access rules are as tight as they think. Turn Copilot loose on a messy SharePoint environment and it will happily find every file your team forgot it overshared.

Here is how that happens, and exactly what to lock down first.

How Copilot sees your data

Copilot answers questions by reading your company’s content in Microsoft 365: SharePoint sites, OneDrive files, Teams chats, emails, and more. It uses the same permissions the person asking already has. In theory that is safe. If you cannot open a file, Copilot cannot read it to you.

The catch is the phrase “files you can open.” Most employees technically have access to far more than they realize, because permissions pile up over years and nobody cleans them up. A file buried three folders deep on a site shared with the whole company is something a person would never stumble across. Copilot finds it in one sentence.

Why “it respects your permissions” is not reassuring

When people hear Copilot honors existing permissions, they relax. They should do the opposite. Here are the patterns that quietly exist in almost every tenant we audit:

  • Sites and files shared with “Everyone except external users,” which means the entire company.
  • “Anyone with the link” sharing links that were created once and never expired.
  • Broken permission inheritance, where a folder or file ended up with looser access than the site it lives in.
  • Ownerless sites that nobody is responsible for and nobody reviews.
  • Default sharing settings left wide open from day one.

None of these are malicious. They are the natural result of busy people sharing things quickly. But each one is a door, and Copilot is very good at walking through doors that are already open.

The real-world failure mode looks like this. An employee asks Copilot something innocent like “what is our salary band for senior engineers,” and Copilot pulls the number from an HR spreadsheet that was technically shared too broadly two years ago. Nobody hacked anything. The data was sitting there the whole time. Copilot just made it findable.

The checklist: lock these down before you deploy

You do not need to boil the ocean. You need to close the obvious doors before you hand out Copilot licenses. Here is the order we work in.

1. Run an oversharing assessment first. Use Microsoft Purview Data Security Posture Management for AI to scan for sensitive data sitting in places with broad access. Pair it with SharePoint Advanced Management data access governance reports to surface your most overshared sites. This tells you where the real exposure is instead of guessing.

2. Kill company-wide and anonymous sharing where it does not belong. Find every “Everyone except external users” grant and every “Anyone with the link” share on sensitive sites, and rescope them to the specific people or groups that actually need access. This single step removes most of the risk.

3. Fix broken permission inheritance. Where a folder or file has looser permissions than its parent site, correct it so access flows from the top down in a way you can reason about. Broken inheritance is where surprises hide.

4. Label your sensitive content. Apply Microsoft Purview sensitivity labels to the data that matters most: financial records, HR files, contracts, client data, anything regulated. Labels are what the next two steps depend on, and auto-labeling can handle the bulk of it.

5. Use DLP for Copilot to wall off labeled data. Microsoft Purview Data Loss Prevention can stop Copilot from processing or summarizing files that carry certain sensitivity labels. That means even if a permission slips through, your most sensitive content stays out of Copilot answers.

6. Use Restricted Content Discovery for high-risk sites during cleanup. SharePoint Restricted Content Discovery hides a site’s content from Copilot and organization-wide search while leaving normal access untouched. It is the perfect temporary fence: wall off your riskiest sites now, then remediate them properly without holding up your whole rollout.

7. Assign owners, review access, and pilot small. Make sure every site has an owner, send site access reviews to those owners so they confirm who should have access, and roll Copilot out to a small pilot group before you license everyone. You will catch problems on ten people instead of two hundred.
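
As an added example (not part of the original article and not a Microsoft tool), here is a Python triage pass over a permissions inventory that flags the patterns from steps 2, 3 and 7 and ranks labeled content first. The rows, field names, label names and scoring are constructed assumptions that stand in for whatever export your own assessment produces.

```python
from datetime import date

EEEU = "Everyone except external users"
SENSITIVE = {"Confidential", "Highly Confidential"}  # assumed label names

# Constructed inventory rows; the field names are hypothetical, not a Microsoft schema.
GRANTS = [
    {"site": "HR", "path": "/Comp/salary-bands.xlsx", "principal": EEEU, "link": None,
     "expires": None, "inherited": False, "label": "Confidential"},
    {"site": "Sales", "path": "/Decks/q3.pptx", "principal": None, "link": "anonymous",
     "expires": None, "inherited": False, "label": None},
    {"site": "Sales", "path": "/Decks/old.pptx", "principal": None, "link": "anonymous",
     "expires": date(2024, 1, 31), "inherited": False, "label": None},
    {"site": "Intranet", "path": "/", "principal": EEEU, "link": None,
     "expires": None, "inherited": False, "label": None},
    {"site": "Intranet", "path": "/News/post.docx", "principal": EEEU, "link": None,
     "expires": None, "inherited": True, "label": None},
]
OWNERS = {"HR": ["hr-lead@example.com"], "Sales": [], "Intranet": ["it@example.com"]}

def broad_reason(g, today):
    """Return why a grant is company-wide or anonymous, or None if it is scoped."""
    if g["principal"] == EEEU:
        return "shared with the entire company"
    if g["link"] == "anonymous" and (g["expires"] is None or g["expires"] >= today):
        return "Anyone link" + (", never expires" if g["expires"] is None else "")
    return None

def audit(grants, owners, today):
    """Flag the oversharing patterns and rank them, labeled content first."""
    # Sites whose root is intentionally broad: items there are not "looser than the site".
    broad_sites = {g["site"] for g in grants if g["path"] == "/" and broad_reason(g, today)}
    findings = []
    for g in grants:
        reason = broad_reason(g, today)
        if reason is None:
            continue  # scoped grant or expired link: nothing to rescope
        reasons = [reason]
        if g["path"] != "/" and not g["inherited"] and g["site"] not in broad_sites:
            reasons.append("broken inheritance, looser than parent site")
        if not owners.get(g["site"]):
            reasons.append("site has no owner")
        score = len(reasons) + (2 if g["label"] in SENSITIVE else 0)
        findings.append((score, g["site"], g["path"], reasons))
    return sorted(findings, key=lambda f: (-f[0], f[1], f[2]))

if __name__ == "__main__":
    for score, site, path, reasons in audit(GRANTS, OWNERS, date(2025, 1, 1)):
        print(score, site + path, "; ".join(reasons))
```

The highest-scoring rows are the ones to rescope first, or to fence off with Restricted Content Discovery while the cleanup is under way.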

A note on licensing

Some of these controls need the right plan behind them. The foundational tools, SharePoint Advanced Management and core Microsoft Purview features, are available at the E3 level, while the deeper data security and monitoring controls scale up with E5. SharePoint Advanced Management itself is part of SharePoint Premium. If you are not sure what your current licensing actually unlocks, that is worth confirming before you build a plan around tools you may not have. This ties directly into the Microsoft 365 pricing and Copilot changes landing on July 1, 2026, so it is a good moment to look at both at once.

Do not let this stop you from using Copilot

The point here is not fear. Copilot is a real productivity gain for the teams that use it well, and the businesses adopting it carefully are building a lead on the ones still waiting. The point is sequence. Clean up access first, then turn on the AI. Doing it in that order is the difference between a useful tool and a quiet data leak.

This is exactly the kind of project we handle for clients: a focused permissions and data governance review, the cleanup work, and a safe Copilot rollout with the right controls in place. If you run a business in Los Angeles and want Copilot switched on without opening up your data, we can run the assessment and tell you what needs fixing before anyone gets a license. It also pairs naturally with a broader security and compliance assessment if you are due for one.
