Phase 2: Architecture and design

In this phase, you establish a robust foundation for securing and managing your Copilot environments. Phase 2 focuses on creating an environment strategy, implementing advanced security measures, and ensuring proper governance to support development, testing, and production workflows. By following these guidelines, you can safeguard your organization's data, streamline application lifecycle management (ALM), and optimize the use of generative AI features while maintaining compliance with organizational policies.

Environment strategy

Security and access controls

  • Secure your tenant and environments: To secure your environments and tenant against attack, consider using and enabling features such as:

  • Network security: To minimize public exposure of any endpoints used by your Copilot agent, use Azure Virtual Network support, firewalls, or service endpoints for the different components of your Copilot and overall solution.

  • Conditional access: Apply Microsoft Entra Conditional Access for corporate devices and networks.

  • Allowed authentication: Establish the permitted user authentication model for the Copilot agent within your organization (for example, authentication via Microsoft Entra ID versus manual authentication, or no authentication required). Also decide whether to restrict or permit web channel access, so that your web channel has an appropriate security level.

  • Restricted user access: Consider limiting authoring access to Copilot Studio to specific security groups to control who holds authoring privileges.

Data and access security

Governance and DLP considerations

  • DLP policies: Establish environment-level or tenant-level data loss prevention rules for your agent to restrict unused first-party (1P) and third-party (3P) connectors (business versus nonbusiness) based on the agent's use case and requirements.

  • Shared connections: Decide whether Copilot agents run tools in a user context or under a dedicated service account (Copilot author account), so that you can properly manage the access permissions of your Copilot agent.

  • Sharing and channel control: Enforce publishing channel restrictions to prevent unauthorized sharing and ensure all sensitive data is properly labeled in knowledge sources.

Generative AI features

  • AI orchestration type: Choose the appropriate orchestration type for your organization. Select between classic and generative orchestration based on your specific organizational and use case requirements.

  • Copilot agent types: Determine the suitable agent triggers for your organization. Choose either autonomous (trigger-based) or conversational agents based on your business scenarios and your organization's security policies.

  • Conversation language understanding model: Choose the language understanding model permitted for use in your organization. Decide between the default Microsoft Copilot Studio NLU or custom conversational language understanding based on your requirements, data complexity, and the available skill set within your team.
