The model: Copilot exposes existing permissions
Microsoft 365 Copilot doesn't bypass your permissions. If a user can't open a file, Copilot can't use that file in a response to them. That sounds reassuring — until you remember how permissions actually work in most SMB tenants.
The typical small-business M365 tenant has years of accumulated "Everyone" and "Everyone except external users" permissions on SharePoint sites, "Anyone with the link" sharing on OneDrive, departed-employee accounts still enabled, and contractors who were given admin rights for one project and never downgraded. Before Copilot, all of that was invisible: technically a problem, but nobody was browsing the entire tenant looking for misfiled HR documents.
Copilot will browse the entire tenant. Asked “summarise our comp philosophy,” it will find the salary spreadsheet that was shared with “Everyone” in 2022 and use it in the response. The intern asking “what are the salaries?” will receive the relevant figures. That's not a Copilot bug. It's Copilot doing exactly what it's supposed to do, on top of a tenant that nobody hardened.
The six pre-rollout configurations
Audit SharePoint oversharing first
Copilot can surface anything a user has access to, and it searches the whole tenant rather than waiting for the user to stumble on a file. If your SharePoint has years of accumulated "Everyone" and "Anyone with the link" permissions, Copilot will happily surface the CEO's salary spreadsheet to the new intern. Run an oversharing audit before turning Copilot on, not after. If remediation will take longer than the rollout can wait, Restricted SharePoint Search lets you limit Copilot's tenant-wide search to an allow-list of up to 100 curated sites while you clean up; treat it as a stop-gap, not a fix, because it hides the exposure rather than removing it.
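The audit described above, as an added example for this article (not Microsoft's or the original author's code). It assumes the Microsoft.Online.SharePoint.PowerShell and PnP.PowerShell modules, SharePoint Administrator rights, and an Entra app registration for PnP; the tenant name, app id and output path are placeholders. It reports sites that still permit "Anyone" links and site groups that contain either of the two tenant-wide "Everyone" claims, then gates remediation behind a flag so the CSV can be reviewed with site owners first.

```powershell
# Added example for this article, not Microsoft's or the original author's code.
# Assumes the Microsoft.Online.SharePoint.PowerShell and PnP.PowerShell modules,
# SharePoint Administrator rights, and an Entra app registration for PnP
# (placeholder id below). 'contoso' is a placeholder tenant name.
$tenant   = "contoso"
$pnpAppId = "00000000-0000-0000-0000-000000000000"   # placeholder: your PnP app registration
Connect-SPOService -Url "https://$tenant-admin.sharepoint.com"

# 1. Which sites still allow "Anyone with the link"? Only the
#    ExternalUserAndGuestSharing setting permits anonymous links.
"Tenant-level sharing: $((Get-SPOTenant).SharingCapability)"
$allSites = Get-SPOSite -Limit All -IncludePersonalSite $true   # includes OneDrive sites
$allSites | Where-Object { $_.SharingCapability -eq 'ExternalUserAndGuestSharing' } |
    Select-Object Url, Owner, SharingCapability, LastContentModifiedDate |
    Format-Table -AutoSize

# 2. Which site groups contain the two tenant-wide claims? Anything they can
#    read, every licensed user can read, and therefore Copilot can read on
#    behalf of every licensed user.
#    'Everyone'                       = c:0(.s|true
#    'Everyone except external users' = c:0-.f|rolemanager|spo-grid-all-users/<tenant id>
$everyoneClaims = @('c:0(.s|true', 'c:0-.f|rolemanager|spo-grid-all-users/*')
$teamSites = $allSites | Where-Object { $_.Url -notlike "https://$tenant-my.sharepoint.com/*" }

$findings = foreach ($site in $teamSites) {
    Connect-PnPOnline -Url $site.Url -Interactive -ClientId $pnpAppId
    foreach ($group in Get-PnPGroup) {
        foreach ($member in (Get-PnPGroupMember -Identity $group)) {
            foreach ($claim in $everyoneClaims) {
                if ($member.LoginName -like $claim) {
                    [pscustomobject]@{
                        Site      = $site.Url
                        Group     = $group.Title
                        Claim     = $member.Title
                        LoginName = $member.LoginName
                    }
                }
            }
        }
    }
}
$findings | Export-Csv -Path .\copilot-oversharing.csv -NoTypeInformation
$findings | Format-Table Site, Group, Claim -AutoSize

# 3. Remediation, gated so the CSV is reviewed with site owners first.
#    Tenant-wide: stop new Anyone links and hide both Everyone claims from the
#    people picker so they cannot be re-added by accident.
#    Per finding: remove the Everyone claim from the site group.
$remediate = $false
if ($remediate) {
    Set-SPOTenant -SharingCapability ExternalUserSharingOnly `
                  -ShowEveryoneClaim $false -ShowEveryoneExceptExternalUsersClaim $false
    foreach ($f in $findings) {
        Connect-PnPOnline -Url $f.Site -Interactive -ClientId $pnpAppId
        Remove-PnPGroupMember -Identity $f.Group -LoginName $f.LoginName
    }
}
```

Two notes on scope. The group scan only finds the Everyone claims where they were added to a site group; a claim granted directly on a single library or folder needs a per-item permission walk, which is what the Data access governance reports in SharePoint Advanced Management do at scale if that licence is in play. And removing a claim changes who can read the content for humans as well as for Copilot, which is exactly why the remediation loop is off by default: a site owner needs to confirm the content was not meant to be company-wide.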
Deploy sensitivity labels — at minimum 'Confidential'
Microsoft Purview Information Protection lets you label sensitive documents, and Copilot honours those labels in two ways. Content Copilot generates inherits the highest-priority label among the sources it drew on, and if a label applies encryption, Copilot will only use the item on behalf of a user whose usage rights include EXTRACT. A label that merely classifies, with no encryption, does not stop Copilot reading the file; the permission hygiene above still has to do that work. A minimum viable rollout: a Confidential label that encrypts, applied to HR, finance and client-data folders, plus auto-classification rules where licensing allows.
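The three-label set with an encrypting Confidential label, as an added example for this article (not Microsoft's or the original author's code). It runs in Security & Compliance PowerShell and assumes a Compliance Administrator role; the label names, tooltips and the hr-finance@contoso.com group are placeholders. The point it demonstrates is the EXTRACT right: the two classify-only labels leave Copilot's access unchanged, while Confidential gives EXTRACT to one group only, so Copilot will open the file for everyone who can read it but summarise it for nobody else.

```powershell
# Added example for this article, not Microsoft's or the original author's code.
# Run in Security & Compliance PowerShell (Connect-IPPSSession from the
# ExchangeOnlineManagement module) with a Compliance Administrator role.
# Label names, tooltips and the hr-finance@contoso.com group are placeholders.
Connect-IPPSSession

# Public and Internal classify only. Copilot carries them onto what it
# generates, but they do nothing to stop Copilot reading the file.
$public   = New-Label -Name "Public"   -DisplayName "Public"   -Tooltip "Approved for release outside the company" -ContentType "File, Email"
$internal = New-Label -Name "Internal" -DisplayName "Internal" -Tooltip "Staff only; the default for most documents"   -ContentType "File, Email"

# Confidential encrypts. Copilot only uses an encrypted item on behalf of a
# user whose rights include EXTRACT; here HR/Finance have it, every other
# authenticated user can open the file but gets no summary or quote from Copilot.
$confidential = New-Label -Name "Confidential" -DisplayName "Confidential" `
    -Tooltip "HR, finance and client data" -ContentType "File, Email" `
    -EncryptionEnabled $true -EncryptionProtectionType Template `
    -EncryptionRightsDefinitions ("hr-finance@contoso.com:VIEW,VIEWRIGHTSDATA,DOCEDIT,EDIT,PRINT,EXTRACT,REPLY,REPLYALL,FORWARD,OBJMODEL;" +
                                  "AuthenticatedUsers:VIEW,VIEWRIGHTSDATA,REPLY,REPLYALL")

# Publish all three to every user, default new content to Internal, and make
# anyone lowering a label record a justification.
New-LabelPolicy -Name "Copilot-readiness labels" `
    -Labels $public.Name, $internal.Name, $confidential.Name `
    -ExchangeLocation All `
    -AdvancedSettings @{
        defaultlabelid                = $internal.Guid
        requiredowngradejustification = "true"
    }
```

Everything here is manual labelling, which Business Premium and E3 support; the auto-labelling policies that would apply Confidential to a whole HR library without a human clicking are the E5 piece. Test the EXTRACT behaviour during the pilot with an account outside hr-finance@contoso.com before you rely on it.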
Tune the M365 Audit logs
Copilot interactions are written to the unified audit log as their own record type (CopilotInteraction), and that logging comes with Audit (Standard), so E3 and Business Premium tenants have it; E5 is what buys longer retention. Without a retention policy, Audit (Standard) keeps records for 180 days and then they are gone. Extend retention (at least one year, or whatever your regulator requires, which needs Audit (Premium) / E5) and feed the log to your SIEM if you have one. You want to be able to reconstruct 'what did this user ask Copilot about that client?' after an incident. One caveat for that reconstruction: the audit record tells you who used Copilot, when, from which app and which files it reached, including their sensitivity labels; the prompt and response text themselves are retrieved through eDiscovery, not from the audit log.
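The retention change and the incident query, as an added example for this article (not Microsoft's or the original author's code). It requires the ExchangeOnlineManagement module and an audit role; the record type, retention values and AuditData field names are as Microsoft documents them for Copilot audit records at the time of writing, and the user is a placeholder. The function flattens each interaction into one row per file Copilot reached, so unlabelled HR or finance hits stand out.

```powershell
# Added example for this article, not Microsoft's or the original author's code.
# Requires the ExchangeOnlineManagement module and an audit role. The record
# type, retention values and AuditData field names are as Microsoft documents
# them for Copilot audit records at the time of writing; the user is a placeholder.
Connect-ExchangeOnline

# Verify auditing is actually on (default in new tenants, but check).
(Get-AdminAuditLogConfig).UnifiedAuditLogIngestionEnabled

# Keep Copilot records for a year, whatever the default window is.
# Priority is relative to other retention policies (lower number wins).
New-UnifiedAuditLogRetentionPolicy -Name "Copilot interactions - 12 months" `
    -RecordTypes CopilotInteraction -RetentionDuration TwelveMonths -Priority 10

# The incident question: what did this user ask Copilot to look at, and which
# files did Copilot actually reach? The prompt text itself is not in the audit
# record (eDiscovery has it); the files, sites and labels are.
function Get-CopilotAccessedResources {
    param(
        [Parameter(Mandatory)] [string] $UserPrincipalName,
        [int] $Days = 30
    )
    # 5000 is the per-call cap; page with -SessionCommand ReturnLargeSet for more.
    $records = Search-UnifiedAuditLog -RecordType CopilotInteraction `
        -UserIds $UserPrincipalName `
        -StartDate (Get-Date).AddDays(-$Days) -EndDate (Get-Date) `
        -ResultSize 5000

    foreach ($record in $records) {
        $data = $record.AuditData | ConvertFrom-Json
        foreach ($resource in $data.CopilotEventData.AccessedResources) {
            $label = if ($resource.SensitivityLabelId) { $resource.SensitivityLabelId } else { 'UNLABELLED' }
            [pscustomobject]@{
                When     = $record.CreationDate
                App      = $data.CopilotEventData.AppHost
                Resource = $resource.Name
                Site     = $resource.SiteUrl
                Label    = $label
            }
        }
    }
}

# Everything Copilot pulled for one user in the last 30 days; unlabelled HR or
# finance hits are the ones to chase.
Get-CopilotAccessedResources -UserPrincipalName "intern@contoso.com" |
    Sort-Object When -Descending |
    Format-Table -AutoSize
```

Run the query for the whole pilot group during week 4 and look at the Site column as much as the Label column: a finance site appearing in an intern's rows is an oversharing finding even if the file carried no label.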
Conditional access on Copilot endpoints
Restrict Copilot access by device compliance (managed device only), location (block sign-ins from a named location covering sanctioned countries) and sign-in risk. The same Entra ID Conditional Access policies that protect M365 protect Copilot: Microsoft 365 Copilot honours policies that target the Office 365 app group, so a policy that already requires managed devices for Office 365 already covers it. The risk-based conditions need Entra ID P2, which Business Premium and E3 do not include.
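The three policies described above, as an added example for this article (not Microsoft's or the original author's code). It uses the Microsoft Graph PowerShell SDK; the pilot group, break-glass account and named-location ids are placeholders, and it assumes, as Microsoft documents for Microsoft 365 Copilot, that a policy targeting the "Office 365" app group also governs Copilot. Every policy is created in report-only mode so sign-in logs can be reviewed before anything is enforced.

```powershell
# Added example for this article, not Microsoft's or the original author's code.
# Uses the Microsoft Graph PowerShell SDK; group, account and named-location ids
# are placeholders. Assumes, as Microsoft documents for Microsoft 365 Copilot,
# that a policy targeting the "Office 365" app group also governs Copilot.
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess"

$pilotGroupId               = "00000000-0000-0000-0000-000000000001"     # placeholder: Copilot pilot group
$breakGlassIds              = @("00000000-0000-0000-0000-0000000000aa")  # placeholder: emergency-access accounts, always excluded
$blockedCountriesLocationId = "00000000-0000-0000-0000-0000000000bb"     # placeholder: named location of sanctioned countries

function New-CopilotCaPolicy {
    param(
        [Parameter(Mandatory)] [string]    $Name,
        [Parameter(Mandatory)] [hashtable] $Grant,
        [hashtable] $Conditions = @{}
    )
    # Every policy targets the pilot group, excludes break-glass accounts, and
    # starts in report-only so sign-in logs can be reviewed before enforcing.
    $conditions = @{} + $Conditions
    $conditions.users = @{
        includeGroups = @($pilotGroupId)
        excludeUsers  = $breakGlassIds
    }
    $conditions.applications   = @{ includeApplications = @("Office365") }
    $conditions.clientAppTypes = @("all")

    $body = @{
        displayName   = $Name
        state         = "enabledForReportingButNotEnforced"
        conditions    = $conditions
        grantControls = $Grant
    }
    New-MgIdentityConditionalAccessPolicy -BodyParameter $body
}

# 1. Managed device only: Intune-compliant or hybrid-joined.
New-CopilotCaPolicy -Name "Copilot: require managed device" `
    -Grant @{ operator = "OR"; builtInControls = @("compliantDevice", "domainJoinedDevice") }

# 2. Block sign-ins from the sanctioned-country named location.
New-CopilotCaPolicy -Name "Copilot: block sanctioned locations" `
    -Conditions @{ locations = @{ includeLocations = @($blockedCountriesLocationId) } } `
    -Grant @{ operator = "OR"; builtInControls = @("block") }

# 3. Block risky sign-ins. Needs Entra ID P2 (Identity Protection); on
#    Business Premium or E3 with P1 only this condition is not available.
New-CopilotCaPolicy -Name "Copilot: block medium and high sign-in risk" `
    -Conditions @{ signInRiskLevels = @("medium", "high") } `
    -Grant @{ operator = "OR"; builtInControls = @("block") }
```

Because these target the Office 365 app group, they constrain Outlook, Teams and SharePoint for the pilot group as well as Copilot, which is the intended outcome: Copilot only ever reads what those apps already expose, so a device that is not trusted with mail should not be trusted with Copilot either. Flip `state` to `"enabled"` one policy at a time once the report-only results look clean.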
Data Loss Prevention rules for Copilot output
DLP in Microsoft Purview reaches Copilot from two directions. A DLP policy scoped to the Copilot location can stop Copilot from processing or summarising items that carry specified sensitivity labels, which is how you keep Confidential material out of answers even for users who can open the file; as currently offered this is label-based, so it depends on the labelling work above. The ordinary Exchange, SharePoint, Teams and endpoint DLP policies are pattern-based and catch regulated data (card numbers, national ID numbers, health records) when a Copilot-generated draft is emailed or shared, because at that point it is just another message or file.
Disable Copilot for unsanctioned plug-ins and connectors
Copilot Studio agents, Microsoft Graph connectors and third-party plug-ins extend Copilot's reach into systems outside the tenant, and each one brings another permission model that Copilot will faithfully expose. Maintain a written allow-list of approved connectors and agents, turn off user self-service installation of apps and plug-ins in the Microsoft 365 admin center until you've reviewed them, and check what a connector's service account can see before it indexes anything.
What licensing actually requires
A few of the controls above require specific licenses:
- Sensitivity labels (auto-classification): requires M365 E5 or the E5 Compliance add-on. Manual labels, including labels that encrypt, work on Business Premium and E3.
- DLP for the Copilot location: requires M365 E5 or E5 Compliance. Standard DLP for mail and files comes with Business Premium and E3.
- Extended audit log retention: Audit (Premium), i.e. M365 E5 or E5 Compliance, for one year or more. Audit (Standard) on E3 and Business Premium still logs Copilot interactions but keeps them for 180 days.
- Conditional Access: Entra ID P1, available on Business Premium and E3+. Most SMBs already license this. The sign-in-risk and user-risk conditions need Entra ID P2, which only E5 (or the P2 add-on) includes.
If you're on Business Premium without E5 Compliance, you can still run a defensible Copilot deployment — you just lean more on manual labelling, SharePoint permission hygiene, and Conditional Access rather than DLP automation. Adding E5 Compliance is roughly $12/user/month at SMB pricing as of 2026, which becomes the right trade for businesses with regulated data.
The minimum-viable rollout plan
- Week 1: SharePoint and OneDrive oversharing audit. Remediate the worst “Everyone” permissions on HR, finance, and client folders.
- Week 2: Deploy 3 sensitivity labels (Public, Internal, Confidential). Apply Confidential manually to high-risk folders. Set Conditional Access to require managed devices for Copilot.
- Week 3: Extend audit log retention. Document allow-listed connectors and disable user-installable plug-ins.
- Week 4: Pilot Copilot to a small group (5–10 users). Have a pilot user who sits outside the Confidential label's rights ask for a summary of a labelled file and confirm Copilot declines. Watch the CopilotInteraction audit records for surprising queries and for unlabelled HR or finance files being reached.
- Month 2+: Phased rollout. Auto-classification rules. DLP policies. Internal awareness session on how to prompt Copilot without leaking client data into unintended places.
On the 'just turn it on' approach
The acceptable-use policy belongs in the rollout too
Technical controls are necessary but not sufficient. An acceptable-use policy tells employees what they can and can't feed into Copilot, what they should do if Copilot returns something that looks too sensitive, and how to report concerns. We cover the policy framework in our companion article AI Governance Policy for SMBs.
Copilot-readiness review
We audit your M365 tenant for the oversharing and labelling gaps that turn Copilot into a leak source, and produce a remediation roadmap. Free initial scoping call.
Book a Copilot-readiness review