Microsoft just gave you the biggest reason yet to use Copilot instead of Claude or ChatGPT

I was reminded recently why I have routinely recommended the Microsoft ecosystem of apps and solutions over competitor products (in a corporate setting). I fully appreciate that they are not always at the forefront of new technologies (this often frustrates me too), but their walled-garden approach to company and client data has saved more businesses than I can remember, and their new security controls around AI are a game-changer when it comes to selecting AI tools for your business.

I suspect many of you reading this will already be using some form of AI tool, whether this is to help you draft emails, summarise meetings, or analyse documents. This has created a lot of new risks, and the pace of change and the launch of new apps has meant a lot of them have been overlooked due to added benefits or unlocked productivity gains.

I recently spoke with the CEO of a business that uses an AI note-taking app during all his meetings. The conversation quickly turned to ease of use, e.g., meeting summaries were automatically emailed to the recipients after the meeting. However, I likened the approach to asking a random stranger to join all his meetings on the agreement that they would email everyone a copy afterwards. The big question is: what are they doing with the notes after they have sent out the emails?

The natural assumption here is that AI companies have your best interests in mind. This is especially the case if the service is a paid subscription, but that’s most definitely not the case. In one instance, with a different client, we saw an AI tool that wanted full access to their Microsoft 365 environment and all mailboxes so one user could send some automated marketing emails. I’ll say that again: all mailboxes. Every single email in the company. This is far more access than most businesses would ever be comfortable granting, but they wanted the feature.

This Trojan horse effect, with AI tools gaining access inside the walled garden that is your business, can now be mitigated with new controls from Microsoft, which is very exciting, albeit is probably more exciting for security professionals, but it is relevant to every business owner.

They’ve called it Copilot Control System, and it has begun rolling out across Microsoft business tenants around the globe, with a view to better managing how AI tools, including Copilot and AI agents, interact with business data, that may be enough for some of you to reconsider your Claude or ChatGPT subscription.

What is the Copilot Control System?

At a high level, the Copilot Control System introduces additional governance and security controls around how AI is used within your Microsoft 365 tenant, particularly where sensitive information is involved, and attempts to restrict this information from leaking outside your organisation.

For clarity, Copilot Control System isn’t designed as a standalone product, but integrates within your existing tools in the Microsoft ecosystem to give you the ability to control the flow of data in and outside your organisation.

Copilot Control System ties together existing Microsoft security capabilities with new AI-specific guardrails, including

• Data Loss Prevention (DLP) for chat prompts: DLP can now apply to AI prompts and outputs.

  Example: HR drafts a staff communication that contains sensitive reports and figures, policies can restrict or block that request from being processed.

• Data Sensitivity respected by AI: Copilot respects existing Microsoft Purview sensitivity labels.

  Example: If a user does not have access to a file, Copilot will not process its content, even if prompted by users who lack permissions.

• AI agent approval/whitelist/blacklist: IT can now approve, restrict, or reassign AI agents across your environment, including 3rd party tools.

  Example: Your marketing team wants to try a new sales tool that asks you to link every mailbox to their system, providing them unlimited access to every email in your organisation in order to ‘do their job’.  

Why this matters

AI is already active in many Microsoft 365 tenants, often without explicit administrative oversight. Because Copilot operates on the same access rights your staff already have, overly permissive file access can inadvertently expose HR records, financial data, or board papers to AI processing.

In practical terms, it means AI tools operate using the same access permissions as your users. If access controls are too broad, AI can surface information more widely than intended. Data shared with external tools can quickly move beyond organisational control.

Without clear policies, it can be difficult to monitor how AI is being used.

I recently spoke with a senior IT leader who had opened Copilot up to a pilot group within their organisation and very quickly realised that several senior leaders had shared their entire desktop and documents folders via SharePoint. They had only meant to share them with their assistant, but Copilot didn’t care that they had used the wrong settings. Junior members of the team were now able to read the contents of these documents inadvertently. This led to a few interesting situations and a very quick response from the IT team to stop all sharing of user files.

The licensing catch

This is where many businesses may be caught off guard.

Full AI governance capabilities typically require enterprise-grade licensing (E5 or the newer E7). Business Standard and similar commercial plans do not yet include the advanced controls needed for automated label application, prompt monitoring, or agent governance. Organisations on lower tiers can still use Copilot, but they should be aware of the governance gap and plan their rollout accordingly.

Engaging with AI while using non-Enterprise licenses does not mean you should avoid AI, but it does mean you should understand the risks and make informed decisions about how it is introduced.

What should businesses consider today?

1. Which AI tools are our staff actively using across Microsoft 365 (and outside)?

2. Are your file permissions and access controls aligned with current data sensitivity?

3. Do you have clear policies on what information can and cannot be processed by AI?

You do not need to solve everything at once. Start with the obvious risks, make a few sensible policy decisions, and build from there as your use of AI grows.

What now?

AI is becoming a mainstream business tool because it delivers real productivity gains when used well. The challenge is that many businesses are adopting it faster than they are putting the right controls around it.

The message is simple: AI can deliver meaningful productivity gains, but only when the right controls, permissions, and governance are in place. Before you move ahead, make sure you understand what is enabled, where your data can flow, and whether your licensing and security settings are fit for purpose.

In this race to have the best features, Microsoft is not currently the leader, but when it comes to protecting one of your company’s most valuable assets, your data, they’ve taken a giant leap forward.

If you would like help reviewing your setup, understanding your risks, or putting the right guardrails in place, please get in touch.