90 Days Gen AI Risk Trial -Start Now
Book a demo
["Data Breaches","IP Infringement","Algorithmic Bias","Rapidly Evolving Regulations"]·office.com

Microsoft 365 Copilot

Chat to start writing, planning, learning and more with Microsoft 365 Copilot

Visit websiteCompare with another tool
Risk Score
Medium
4/10

Independent assessment across data handling, compliance, security and transparency.

Risk factors

3
  • Cloud SaaS with data sent to Microsoft for processing.
  • Requires user input which may include sensitive information.
  • Opt-out for training on user data may not be straightforward.

Recommendations

4
  • Audit SharePoint permissions before rollout to prevent oversharing
  • Enable Purview data classification and DLP
  • Configure tenant-level training and retention controls
  • Monitor Copilot audit logs for sensitive access

Data handling

Storage
Customer data stored in Microsoft 365 tenant with EU Data Boundary options
Retention
Follows tenant retention policies; prompts/responses stored per M365 settings
Training on inputs
Does not use customer data to train foundation models