Short
Microsoft has released guidance for system administrators to prevent its Copilot AI from accessing and sharing too much information. The problem occurs when Copilot can see data beyond a user's intended access level, which can result in unwanted data exposure or responses containing information users shouldn't see. The guidance suggests admins should first identify SharePoint sites with lower security risks to test the AI's behavior in a more secure environment. They should then remove sensitive content from Copilot's reach. Finally, they should strengthen privacy by restricting access to pages to specific team members.