Guide · 6 Feb 2025 · 5 min read

Copilot governance checklist

Copilot & AI · Information Protection · Data Loss Prevention

The security controls you need before enabling Microsoft 365 Copilot. SharePoint permissions, labels, DLP, and oversharing fixes.

Before you start

Copilot is not a security product. It inherits your existing security posture. If your data governance is good, Copilot is safe. If it is not, Copilot will expose every problem you have been ignoring.

This checklist covers what to do before enabling Copilot. The order matters.

1. Audit SharePoint permissions

This is the single most important step. Copilot uses Microsoft Graph to search content, and Graph respects SharePoint permissions, so Copilot can surface anything the user is already permitted to see: every site with broad access groups and every file shared with 'Anyone in the organisation'.

Run the sharing reports in the SharePoint Admin Center. Prioritise HR, Finance, Executive and Legal sites, and any site that holds PII. For each site: remove broad access groups, replace them with specific security groups, and verify the external sharing settings.
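One way to start that audit from PowerShell, as an added example rather than the guide's own tooling: it uses the SharePoint Online Management Shell to list every site group that contains the tenant-wide "Everyone" or "Everyone except external users" principal, alongside each site's external sharing setting. The admin URL is a placeholder for your tenant.

```powershell
# Added example (not from the original guide). Requires the SharePoint Online
# Management Shell (Microsoft.Online.SharePoint.PowerShell) and a SharePoint
# administrator role. Replace the placeholder admin URL with your tenant's.
Connect-SPOService -Url "https://contoso-admin.sharepoint.com"

# Claim prefixes of the tenant-wide principals that make a site "broad access":
#   "Everyone"                        -> c:0(.s|true
#   "Everyone except external users"  -> c:0-.f|rolemanager|spo-grid-all-users/<tenant-id>
$broadClaims = @('c:0(.s|true', 'c:0-.f|rolemanager|spo-grid-all-users/')

$findings = foreach ($site in Get-SPOSite -Limit All) {
    # Each SharePoint group on the site, with its member login names
    foreach ($group in Get-SPOSiteGroup -Site $site.Url) {
        foreach ($member in $group.Users) {
            $isBroad = $broadClaims | Where-Object { $member.StartsWith($_) }
            if ($isBroad) {
                [pscustomobject]@{
                    SiteUrl           = $site.Url
                    Group             = $group.Title
                    BroadPrincipal    = $member
                    # Disabled / ExistingExternalUserSharingOnly /
                    # ExternalUserSharingOnly / ExternalUserAndGuestSharing
                    SharingCapability = $site.SharingCapability
                }
            }
        }
    }
}

# Review on screen, then keep a CSV as the audit record for the checklist
$findings | Sort-Object SiteUrl | Format-Table -AutoSize
$findings | Export-Csv -Path .\copilot-broad-access-findings.csv -NoTypeInformation
```

Sites that appear in the output are the ones to fix first; the CSV doubles as evidence for the "broad access groups removed" checklist item once it comes back empty.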

2. Deploy sensitivity labels

If you do not have labels deployed, do this before Copilot. Labels with encryption ensure that even if permissions are wrong, sensitive content stays protected.

Minimum taxonomy: Public (no restrictions), Internal (visual markings only), Confidential (encryption, internal only), Restricted (encryption, specific groups only).

Publish to all users with a default of Internal so new content gets a baseline label automatically.

3. Enable DLP for Copilot interactions

DLP policies can monitor and block sensitive content in Copilot interactions. Detect regulated data types in prompts and responses, block Copilot from surfacing Restricted content, and alert on sensitive data in prompts.

Start in simulation mode for 2 weeks. Review matches. Then enforce with user notification.

4. Restricted SharePoint Search (if needed)

If your permissions cleanup is not complete but you are under pressure to deploy Copilot, Restricted SharePoint Search limits which sites Copilot can index. It is a blunt instrument, not a permanent solution. Use it to buy time while you clean up permissions.

5. Block external AI tools

If users cannot use Copilot yet, they are probably pasting data into ChatGPT or other external tools. That data leaves your tenant entirely.

Use Defender for Cloud Apps to identify which external AI tools are in use and create a block or monitor policy.

6. Pilot group rollout

Never enable Copilot tenant-wide on day one. Start with 20-50 users on sites you have already cleaned up. Monitor for 2-4 weeks using the Copilot usage reports. Expand gradually based on confidence in your permissions and labelling posture.

The checklist

  • [ ] SharePoint permissions audit complete
  • [ ] Broad access groups removed from sensitive sites
  • [ ] External sharing settings reviewed per site
  • [ ] Sensitivity labels published with default label
  • [ ] DLP policies for Copilot interactions in simulation
  • [ ] Restricted SharePoint Search configured (if needed)
  • [ ] External AI tools blocked or monitored
  • [ ] AI acceptable use policy drafted and signed off
  • [ ] Pilot group identified and briefed
  • [ ] Copilot usage monitoring configured