How to keep Microsoft 365 Copilot safe and useful

by Matthieu Silbermann

This article delves into the integration of Microsoft 365 Copilot into workplace practices, showcasing its ability to enhance productivity with AI assistance significantly. It discusses Copilot’s functions, the potential risks of oversharing and data breaches, and underscores the necessity of stringent information governance. Readers will gain insights into the complexities of handling confidential information within Microsoft 365 frameworks and learn how Powell Software’s tools—Powell Teams and Powell Intranet—provide comprehensive solutions for securing digital environments. This article informs on balancing innovation with information safety by offering a detailed overview of optimizing Microsoft 365 Copilot use while maintaining data protection and security through effective workspace and intranet management.

The rise of Microsoft 365 Copilot

Microsoft 365 Copilot is like a new team member that’s super-powered because it uses artificial intelligence. It’s designed to make working with Microsoft 365 a breeze for all kinds of use cases. The [Microsoft Official Blog] ( tells us that more people can now use Copilot to help with their work. This is exciting, but it also means we must be careful. Copilot is powerful, but if we’re not careful, it could accidentally show private stuff to people who shouldn’t see it. This problem has happened before with Microsoft Delve, where people saw things, they weren’t supposed to.


In this article, we will see how the risk of oversharing files can lead Microsoft 365 Copilot to leak confidential information or provide contradictory information. We will also see how Powell Software solutions can mitigate these risks by governing workspaces and the Intranet.

Understanding the risks

With Microsoft 365, we can talk, share, and work together using many different tools. This is handy but makes it easy to find stuff we didn’t mean to accidentally. This could be anything from a small mistake to something bigger, like letting everyone see secret company stuff or private details about the people we work with. Now that Copilot is here to help us use our files better, there’s an even bigger chance that we might share things by accident. It’s like having an intelligent assistant who can find and share documents quickly, but sometimes, it might share the wrong things if we’re not careful.

See Microsoft Post on how to prepare to Copilot: Microsoft Copilot for Microsoft 365 overview | Microsoft Learn

The oversharing problem

Don’t get me wrong: Microsoft 365 Copilot provides answers based only on the documents an employee has access to. The problem is that many people share documents with “overly broad” rights.

Consequently, relying solely on Copilot is like leaving a water tap on all day and night. If we don’t watch it, it can flood our workplace with information that was supposed to be kept quiet. Let’s say someone from the HR department slips up and shares a document that lists everyone’s salaries in a public team: everybody will have the right to discover it. That kind of mistake is serious. It can make people lose trust in the company and even get the company in trouble with the law. And Copilot, with its ability to find and show any file, could spread that mistake even more if we’re not careful.


When things get mixed up

Now, think about a company with two rules for traveling for work. The actual, correct rules are posted on the company’s official news page, but there’s also a rough draft with some old rules sitting in a shared folder somewhere. If someone asks Copilot for the travel rules and it explains to them the old draft instead of the actual rules, that person might do something wrong because they got confused. This mix-up can cause problems, from people not following the correct procedures to the company having issues with running things.

mixed up

Putting information governance in place

Like digital librarians, you must avoid these problems and keep Copilot working well. You should review everything shared in your company and ensure each information is in the right place: some things are okay for everyone to see, but others should be kept private. You need to make clear rules about making and sharing your work files. You should use standard templates that have been checked and approved by the people in charge, and You should have special checks in place to ensure everything follows the rules. This way, the IT team can quickly spot and fix any problems.

See Gartner study: Mitigate Copilot for Microsoft 365 Risks Through Information Governance (

How Powell Software helps keep things organized

Powell Software has two great tools to help keep our digital workspaces neat and safe: Powell Teams and Powell Intranet.

Organizing Teams effectively with Powell Teams

Powell Teams is more than just an M365 Administration platform; it’s a comprehensive framework for efficiently managing Microsoft Teams and SharePoint sites. Using the Understand, Manage, Control framework clarifies how teams are organized and operated.

Understanding Your Workspace: Before managing your teams and SharePoint sites, you must understand them. Powell Teams gives you an oversight of all the workspaces across your organization. It helps you see which teams are active, which have guest members, and which are open to all employees. This understanding is crucial to prevent oversharing.

Managing Team Creation and Access: Once you understand your workspace, you can start managing it. Powell Teams lets you set up rules for creating a new team and SharePoint site space. This means you can control who can create teams and what information they can share there. For example, it can ensure that HR managers can only create private teams where sensitive employee information is discussed, thus preventing accidental sharing through a public team.

Control with Governance Policies: Control is about implementing the right governance policies. Powell Teams allows you to define and enforce these policies so that team spaces follow the rules set by your organization. This can include who can join a team, ensuring there is always a team owner, and even how teams should be named. It’s like having a set of traffic lights and signs within Microsoft Teams to guide everyone safely and avoid mishaps.

Powell Teams

Governing the Intranet with Powell Intranet

Powell Intranet is the command center for your company’s communications, ensuring that the information flow is smooth and secure.

  • Architecting the Intranet: Powell Intranet allows you to architect your intranet strategically. It enables you to define the structure and organization of your intranet content, ensuring that information is easy to find and accessible to those who need it. The architecture is designed to prevent confusion and to keep everyone on the same page.
  • Framing Content Creation: The platform promotes consistent and efficient content creation using Content Types and Templates. These tools ensure that every content, whether a news post, policy update, or document, follows a standard format and meets the company’s governance criteria before publication. This means that an HR representative, for example, can only create and share content that fits within the established guidelines, reducing the risk of sharing incorrect or outdated information.
  • Content Approval: With Powell Intranet, you can set up approval workflows for content, so nothing goes live without the proper checks. This means if a draft of the travel policy needs approval, it won’t be visible to the broader company until it has been reviewed and approved by the necessary authorities. Only the final, approved document version will be shared, ensuring the accuracy and reliability of the information that reaches your team.

govern pintra

In short

Microsoft 365 Copilot can be incredible for making our work more accessible, but we need to use it wisely, as oversharing and misinformation can rapidly come out of control.

By leveraging Powell Teams and Powell Intranet, you will establish a robust framework that enhances collaboration and maintains the integrity and security of your digital workplace. The combined capabilities of understanding, managing, and controlling team spaces, along with governing the architecture and content creation on your intranet, provide a comprehensive approach to managing corporate information in the era of Microsoft 365 Copilot.

Together, these Powell Software solutions cultivate an environment where effective collaboration and strict information governance go hand in hand, ensuring your company’s digital communication is efficient and secure.

In short, do you want to be prepared for Microsoft 365 Copilot? Put a governed Workspaces and Intranet framework with Powell Intranet and Powell teams solutions first.

We’ll have more to share soon. Keep an eye out for our next piece, where we’ll dive into how to create a safe space for all our work knowledge using Powell Software AI governed capability. That’s how we’ll make sure our digital workplace is not just smart, but also secure and well-organized.

Subscribe to our newsletter and receive the latest information about the Digital Workplace every month.