In this phase, you establish a robust foundation for securing and managing your Copilot environments. Phase 2 focuses on creating an environment strategy, implementing advanced security measures, and ensuring proper governance to support development, testing, and production workflows. By following these guidelines, you can safeguard your organization's data, streamline application lifecycle management (ALM), and optimize the use of generative AI features while maintaining compliance with organizational policies.
Environment strategy
Environment isolation: Build an environment strategy for your organization and maintain distinct environments for development, testing, and production. Define data loss prevention (DLP) policies for each environment. Ensure that each Copilot maker uses their own development environment for creating Copilot agents by enabling features such as environment routing.
ALM process: Implement a healthy application lifecycle management process within your organization and build deployment pipelines for solution versioning and deployment automation using in-product pipelines or an external DevOps platform such as Azure DevOps.
Security and access controls
Secure your tenant and environments: To secure your environments and tenant against attack, consider using and enabling features such as:
- Lockbox
- Dataverse audit
- IP firewall
- IP cookie binding
Network security: To minimize public exposure of any endpoints used by your Copilot agent, use Azure Virtual Network support, firewalls, or service endpoints for the different components of your Copilot and overall solution.
Conditional access: Apply Microsoft Entra Conditional Access for corporate devices and networks.
Allowed authentication: Establish the permitted user authentication model for the Copilot agent within your organization (for example, authentication via Microsoft Entra ID vs manual authentication, or no authentication required). Additionally, decide on restricting or permitting web channel access to ensure an appropriate security level for your web channel.
Restricted user access: Consider limiting authoring access to Copilot Studio to specific security groups to control who holds authoring privileges.
Data and access security
Geographic data residency: Understand the security, geographic data residency, and data locations of Copilot Studio agents, and evaluate them against your organization's data residency and compliance requirements.
Role-based access control: Administrators are advised to use Power Platform RBAC and security groups to assign the appropriate role (for example, admin, maker, or end user) to each Copilot Studio user in the Power Platform admin center, so that access is managed properly across all environments.
MFA and identity: Enable multifactor authentication for all Power Platform and Copilot users through Microsoft Entra ID across your entire environment to ensure secure access.
Least privilege: Restrict agent permissions to essential data sources and consider using a service principal account for production environment deployment and custom connector authentication.
Governance and DLP considerations
DLP policies: Establish environment-level or tenant-level data loss prevention rules for your agent to restrict unused first-party (1P) and third-party (3P) connectors (business versus nonbusiness) based on the agent's use case and requirements.
Shared connections: Decide whether Copilot agents run tools in a user context or under a dedicated service account (Copilot author account), so that the access permissions of your Copilot agent are managed properly.
Sharing and channel control: Enforce publishing channel restrictions to prevent unauthorized sharing and ensure all sensitive data is properly labeled in knowledge sources.
Generative AI features
AI orchestration type: Choose the appropriate orchestration type for your organization. Select between classic and generative orchestration based on your specific organizational and use case requirements.
Copilot agent types: Determine the suitable agent triggers for your organization. Choose either autonomous (trigger-based) or conversational agents based on your business scenarios and your organization's security policies.
Conversation language understanding model: Choose the language understanding model permitted for use in your organization. Decide between the default Microsoft Copilot Studio NLU or custom conversational language understanding based on your requirements, data complexity, and the available skill set within your team.
Related information
- Power Platform environment strategy
- Microsoft Entra Conditional Access
- Information barriers in Microsoft 365