
How does enterprise data protection in Copilot work?

Enterprise data protection (EDP) is Microsoft's way of ensuring that any data users expose through Copilot queries doesn't end up with third parties and isn't used to train the AI model.

Enterprise data protection is Microsoft's promise to prevent the ingestion of sensitive data if that data is a part of a Copilot query.

One of the primary risks of an AI copilot is that a user's query might expose their organization's sensitive data. In certain situations, the underlying AI engine might even train on that sensitive data. When it comes to the potential for accidental data exposure, it's important to understand that not all copilots are created equal: Microsoft 365 Copilot was created with data security and privacy in mind, and it is designed not to leak an organization's data.

Copilot keeps a record of prompts and responses, though that data is not used to train Copilot's foundational model. Microsoft refers to these prompts and responses as the content of interactions, and the data is stored as the user's Copilot interaction history. Admins can view and manage users' Copilot interaction history through Microsoft Purview, as shown in Figure 1.

Under its enterprise data protection (EDP) policy, Microsoft ensures an organization's sensitive data is not exposed to third-party organizations. It's worth noting that Copilot for Microsoft 365 does allow the use of third-party plugins. Microsoft advises customers to review the privacy statement associated with any plugins they might use to ensure that sensitive data is not exposed through the plugin.

Screenshot of a Microsoft Purview window displaying an audit of Copilot interactions.
Figure 1. Performing an audit within Purview can reveal Copilot interactions.

Microsoft allows Copilot to use plugins when they are required to formulate a response to a user's query. However, an organization can control which plugins Copilot is allowed to interact with. To view the list of plugins and their associated permissions, users can open the Microsoft Admin Center and click on the Integrated Apps option found within the Settings section. This screen displays which plugins are currently allowed. Users can also review the plugins' privacy statements and disable a plugin if necessary. Figure 2 shows the Integrated Apps screen, though no apps are deployed in this example.

Screenshot of a Microsoft 365 admin center window displaying a view of a user's integrated apps.
Figure 2. Users can control application and plugin permissions through the Integrated Apps page.
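The Purview audit view in Figure 1 and the plugin controls in Figure 2 can be checked from the command line as well. The following is an added example (not code from the article or from Microsoft) that pulls the last week's Copilot interaction records from the unified audit log and summarizes them by user, host app and plugin, so an admin can confirm that only reviewed plugins are handling prompts. It assumes the ExchangeOnlineManagement module, an account holding an audit-reading role, and that the AuditData JSON carries the CopilotEventData.AppHost and CopilotEventData.AISystemPlugin fields (those field names are an assumption).

```powershell
# Added example, not from the article. Summarise Copilot interaction audit
# records by user, host app and plugin for the last 7 days.
# Assumes: ExchangeOnlineManagement module installed, an account with an
# audit-reading role, and the AuditData field names noted below.

Connect-ExchangeOnline

$start = (Get-Date).AddDays(-7)
$end   = Get-Date

# Page through the unified audit log, restricted to Copilot records.
# ReturnLargeSet with a fixed SessionId keeps fetching until nothing is left.
$records   = @()
$sessionId = "CopilotAudit-$([guid]::NewGuid())"
do {
    $batch = Search-UnifiedAuditLog -StartDate $start -EndDate $end `
        -RecordType CopilotInteraction -SessionId $sessionId `
        -SessionCommand ReturnLargeSet -ResultSize 5000
    if ($batch) { $records += $batch }
} while ($batch -and $batch.Count -gt 0)

# AuditData is a JSON string; parse it and pull out the fields of interest.
# CopilotEventData.AppHost and CopilotEventData.AISystemPlugin are assumed
# field names; adjust them to match what your tenant's records contain.
$rows = foreach ($r in $records) {
    $data    = $r.AuditData | ConvertFrom-Json
    $plugins = @($data.CopilotEventData.AISystemPlugin | ForEach-Object { $_.Name })
    [pscustomobject]@{
        When    = $r.CreationDate
        User    = $r.UserIds
        AppHost = $data.CopilotEventData.AppHost
        Plugins = if ($plugins.Count -gt 0) { $plugins -join ';' } else { '(none)' }
    }
}

# Who is using Copilot from where, and through which plugins?
$rows | Group-Object User, AppHost, Plugins |
    Select-Object Count, Name |
    Sort-Object Count -Descending |
    Format-Table -AutoSize

# Flag any plugin that is not on the list your organization has reviewed.
$approvedPlugins = @()   # fill in from the Integrated Apps page in the admin center
$rows | Where-Object { $_.Plugins -ne '(none)' } |
    Where-Object { ($_.Plugins -split ';') | Where-Object { $_ -notin $approvedPlugins } } |
    Format-Table When, User, AppHost, Plugins -AutoSize

Disconnect-ExchangeOnline -Confirm:$false
```

Cross-check the plugin names that appear here against the Integrated Apps page shown in Figure 2; anything present in the log but not deployed there warrants a look at the plugin's privacy statement, as the article recommends.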

Before enterprise data protection, Copilot for Microsoft 365 used commercial data protection, a feature that users needed to turn on to get the protections that are promised under EDP. Microsoft retired commercial data protection when it rolled out a series of updates to Copilot in September 2024. EDP protections are now enabled by default.

Brien Posey is a former 22-time Microsoft MVP and a commercial astronaut candidate. In his more than 30 years in IT, he has served as a lead network engineer for the U.S. Department of Defense and a network administrator for some of the largest insurance companies in America.
