![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(32, 71%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESR%3C/text%3E%3C/svg%3E)
Microsoft Copilot | Microsoft Security Copilot
AI-powered assistant that helps security teams detect, investigate, and respond to threats
Copilot Studio is designed for secure, enterprise use and includes multiple controls to protect sensitive information, but organizational configuration and governance remain essential.
Key security and privacy protections:
- Enterprise‑grade security, privacy, and compliance
- Copilot capabilities in Power Platform are powered by Azure OpenAI and inherit the existing security, privacy, and regulatory controls of Dynamics 365 and Power Platform, such as multifactor authentication and compliance boundaries.
- Copilot Studio is treated as an Online Service and is compliant with major standards and frameworks (HIPAA coverage, HITRUST, FedRAMP, SOC, ISO, PCI DSS, CSA STAR, and others). See the compliance overview for details.
- Data protection and isolation
- Organizational content is encrypted at rest and in transit using service‑side technologies (for example, TLS for connections and Microsoft cloud encryption mechanisms).
- Requests to shared AI models are segregated by tenant using authentication and authorization, so one tenant’s data is logically isolated from others.
- Microsoft AI models used by Copilot are not trained on and don’t learn from tenant data or prompts, unless the tenant admin has explicitly opted in to data sharing.
- Environment‑level and tenant‑level controls
- Admins can control generative AI capabilities and publishing of custom agents at the tenant level via the Power Platform admin center.
- Admins can restrict which knowledge sources can be used (for example, SharePoint, public websites, documents) using data policies, and apply these at environment or tenant scope.
- Data movement across geographic locations for generative AI features can be allowed or restricted per environment to meet data residency requirements.
- Encryption with customer‑managed keys (CMK)
- Copilot Studio supports turning on customer‑managed keys for the environment. When CMK is enabled, all Copilot Studio data in that environment is encrypted with the organization’s own key, and the organization can rotate or revoke keys as needed.
- Sensitivity labels and Purview integration
- For supported knowledge sources (such as SharePoint, OneDrive for Business, SQL, Dataverse, and others), Copilot Studio can honor Microsoft Purview sensitivity labels, helping classify and protect sensitive content while allowing collaboration.
- When used with Microsoft 365 services, Copilot respects encryption and usage rights applied via sensitivity labels or Information Rights Management.
- Safety, content filters, and responsible AI controls
- Copilot Studio includes responsible AI checks, content safety filters, grounding in trusted data, and guardrails to reduce harmful or ungrounded outputs.
- Data is encrypted in transit and at rest, and protected with role‑based access control, secure API integrations, and continuous vulnerability scanning.
- Data leakage risk management
- Data leakage across tenants is mitigated by tenant and environment isolation and by honoring user permissions on underlying data sources. Copilot uses only data the signed‑in user is authorized to access.
- However, preventing inappropriate internal access (for example, a user seeing documents they should not see) depends on correct configuration of permissions, data loss prevention policies, and knowledge‑source access in the organization.
In summary, Copilot Studio provides strong, enterprise‑grade security and compliance features, including encryption, tenant isolation, CMK support, Purview integration, and safety filters. Residual risk primarily depends on how environments, permissions, and data policies are configured and governed inside the organization.
References:
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 21%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAP%3C/text%3E%3C/svg%3E)