How to Protect Sensitive Information in Copilot

Imagine this: you’re using Copilot, and you accidentally input something confidential. Now you’re left wondering what happens to that information, how to keep it safe, and what steps to take afterwards. This is a common concern for many users.

Proactive Measures for Information Security

Instead of waiting to deal with problems after they arise, let’s talk about how you can actively protect the data you enter into Copilot. Understanding how Copilot sends prompts to Bing Search can help. While it’s a handy feature for getting more context, it also poses risks, as any information sent beyond your organisation’s control falls outside the privacy protections you expect from Microsoft agreements.

Addressing the Challenges

Initially, one solution was to disable web grounding altogether. This closed the security gap but limited the functionality of Copilot. Luckily, Microsoft has introduced a new solution: extending Purview’s data loss prevention (DLP) to cover Copilot prompts. This offers IT teams more proactive controls, which is a significant step forward.

How It Works

During a recent discussion with Arlie Hartman, a Principal Solution Engineer, we explored how effective DLP for Copilot prompts can be. The first enhancement deployed by Microsoft ensures that if a prompt triggers a DLP rule based on a sensitive information type or a custom keyword list, Copilot will simply inform the user: “This request cannot be completed because your organisation has blocked Copilot from processing or responding.”

Enhanced Functionality

However, users wanted more flexibility. Now, Copilot can continue to process prompts without resorting to web searches, even if it cannot retrieve extra data from the internet. This means Copilot can still provide answers based solely on the information already available in your organisation’s Microsoft Graph data.

Setting Up DLP Policies

You can create a DLP policy in Purview, specifically tailored for Microsoft 365 Copilot and Copilot Chat workloads. Here’s a simple approach:

1. Define who the policy applies to — users or specific groups.
2. Establish your rules: if a prompt contains sensitive information, a keyword from your custom list, or aligns with a sensitivity label, you can either block the prompt outright or just prevent a web search.

Be mindful that each rule can only enforce one action at a time. If you want to use both a sensitivity label and a sensitive information type, you’ll need to create two separate policies.

The Role of Sensitivity Labels

Sensitivity labels can add another protective layer. For example, tagging a document as “Highly Confidential” can either stop Copilot from processing it entirely or allow for summary and reformulation while preventing web searches based on that content.

Monitoring and Simulation

With the full Purview suite, you can monitor every interaction in Copilot via Activity Explorer. Here, you’ll find details like the prompt, matched rules, confidence scores, and whether an action was blocked or merely flagged. You can also filter the results based on different policies and timeframes to gauge performance.

This is where simulation mode comes into play. Before you activate a rule, test it in simulation mode for a week. This allows you to log DLP violations without disrupting users. Fine-tune your rules to effectively capture real issues while minimising false positives.

Getting Started with DLP in Copilot

Implementing DLP for Copilot prompts requires the Information Protection and Governance option, which is part of the Purview suite offered under E5. Unfortunately, E3 doesn’t include this feature.

One policy can cater to both Copilot Chat and the full Microsoft 365 Copilot. Even if you license this feature only for certain users, the DLP policy will safeguard everyone, ensuring organisational security.

Conclusion

Historically, security around AI tools has often been reactive. This approach provides a way for IT teams to enhance user experience while simultaneously protecting sensitive data from leaks. If you’re part of the E5 programme and haven’t yet explored these features, consider setting up a simulation policy this week to understand your current security landscape better.

FAQs

What is the purpose of DLP in Copilot?

DLP (Data Loss Prevention) helps organisations protect sensitive information by preventing it from being exposed or shared without authorization.

How do I set up DLP policies in Purview?

You can create DLP policies in Purview by defining conditions (like sensitive information types) and specifying actions (like blocking commands) tailored to your organisation’s needs.

What happens if a prompt matches a DLP rule?

If a prompt matches a DLP rule, Copilot will inform the user that the request cannot be completed due to security restrictions in place.

Can I test DLP policies before implementing them?

Yes! You can use simulation mode to test DLP policies for effectiveness without affecting users, allowing you to adjust parameters accordingly.