DLP for Microsoft Copilot

Copilot is built into Microsoft 365, the browser, and a native desktop app. Without DLP controls, confidential data flows freely into all three. Aona detects, redacts, and hard-blocks sensitive data in real time across Microsoft 365 Copilot, Copilot in the browser, and the Copilot desktop app, the surface that network and CASB tools typically cannot inspect.

Desktop app intercepted natively
Real-time prompt inspection
5,600+ AI tools in catalog
90 days free trial

What Gets Leaked into Copilot

These four data types appear most frequently in Copilot prompts and uploads, and create the most significant compliance and competitive risk.

Customer PII

Names, email addresses, phone numbers, and account details pasted into Copilot during customer service, sales, or data-analysis tasks.

Financial Records

Revenue data, forecasts, earnings reports, payment card numbers, and budget documents shared with Copilot before public disclosure.

Source Code

Proprietary algorithms, API keys, database credentials, and internal codebases submitted to Copilot without restriction.

Internal Strategy Docs

Board minutes, M&A information, competitive strategy, and legal correspondence dropped into Copilot for drafting or summarisation.

How Aona DLP Works

A three-stage pipeline from prompt to protection, all in real time, before the data reaches Copilot.

1

Real-Time Prompt Inspection

Aona intercepts every prompt and file upload before it is submitted to Copilot, in the browser and in the native desktop app. The content is inspected in milliseconds, so the added latency is not noticeable to the employee.

2

Classification

Aona classifies the prompt content server-side against your data policies, identifying PII, financial data, source code, and custom data types using AI-native pattern recognition.

3

Block or Redact

Depending on your policy, Aona hard-blocks the prompt or automatically redacts the sensitive portion, in real time. There is no acknowledge-and-continue override.

Where Aona Covers Copilot

Aona DLP works across every surface Copilot runs on, including the native desktop app that network and CASB tools cannot inspect.

Microsoft 365 Copilot (Microsoft)
Copilot in browser (Microsoft)
Copilot desktop app (Microsoft)
ChatGPT (OpenAI)
Google Gemini (Google)
Claude (Anthropic)
Perplexity (Search AI)
+ 5,600 more: see All AI tools

How Aona DLP for Microsoft Copilot Works

Real-time prompt and file inspection across the browser and the native desktop app, protecting data before it ever reaches Copilot.

01

Deploy on Every Surface

The Aona browser plugin (Chrome, Edge, Firefox) covers Copilot in the browser, while the Windows and macOS native endpoint app intercepts the Copilot desktop app on the device. One policy covers both surfaces, including the desktop app that network and CASB tools miss.

02

Inspect Every Prompt and Upload

Aona intercepts prompts and file uploads before they reach Copilot. Every prompt is scanned server-side for PII, financial data, source code, healthcare records, and custom data types, in real time and with negligible latency.

03

Hard-Block or Redact

Depending on your policy, Aona hard-blocks sensitive prompts with no acknowledge-and-continue override, or redacts the sensitive portion of an uploaded DOCX or Excel file while preserving layout. A full audit log is captured for every event.

68% of employees use unsanctioned AI tools (Gartner, 2025)

$4.88M average cost of a data breach (IBM Cost of a Data Breach Report, 2024)

Why the desktop app matters

Network and CASB tools miss the Copilot desktop app

Most DLP and CASB tooling inspects browser traffic only, through a browser extension or a proxy the browser is pointed at. The Copilot desktop app runs natively on the device, so prompts typed into it do not pass through that browser-level inspection path; whether an in-line network proxy can read the app's traffic instead depends on the client honouring the proxy and on TLS interception, neither of which is guaranteed for a native app. Aona's Windows and macOS native endpoint app inspects the desktop app directly on the device, so the same hard-block and redaction policy applies whether an employee uses Copilot in the browser or the desktop app, with no blind spot.

Native desktop interception | Browser + desktop coverage | Hard-block policy

Copilot is grounded on your Microsoft Graph, which is the point and the risk

Microsoft 365 Copilot does not answer from a generic model alone. It is grounded on your tenant's Microsoft Graph: the emails, files, chats, and calendar items the signed-in user can already access.

Tenant grounding on Graph data

Because Copilot reasons over SharePoint, OneDrive, Exchange, and Teams content, a single prompt can pull regulated or confidential material into a response and into whatever an employee does next with it. Copilot only returns what the signed-in user is already permitted to read, so over-shared SharePoint sites and broad group memberships widen that reach; prompt-time DLP complements permission hygiene rather than replacing it. Aona inspects the prompt an employee types and the files they attach, so sensitive content is caught on submit rather than after it has been surfaced and reused.

Commercial vs consumer Copilot

Microsoft 365 Copilot carries commercial data protection inside the licensed tenant. Consumer Copilot, signed in with a personal Microsoft account, does not give your organisation those guarantees. Staff frequently have both on the same device. Aona enforces one policy across both, so data does not quietly leave through the consumer path.

Copilot lives inside Word, Excel, Outlook, Teams, and a desktop app

Copilot is not one window. It is embedded across the apps your team uses all day, plus a native desktop app, and each surface is a separate way for data to reach the model.

Copilot inside the M365 apps

In Word it drafts from documents, in Excel it analyses spreadsheets of financial or customer data, in Outlook it summarises and drafts email, and in Teams it recaps meetings. Employees feed real business content into all of them without thinking of it as sending data to an AI. Aona's browser plugin for Chrome, Edge, and Firefox applies the same hard-block and redaction policy to Copilot in the browser, including the web versions of these apps.

The Copilot desktop app

The Copilot desktop app runs natively on Windows and macOS, so prompts typed into it do not pass through the browser-level proxy that network DLP or CASB tools rely on. Aona's native endpoint app intercepts the Copilot desktop app directly on the device, closing the blind spot those tools leave open.

FAQ

Frequently Asked Questions

What is DLP for Microsoft Copilot?

DLP for Microsoft Copilot refers to Data Loss Prevention controls designed to monitor and protect sensitive data entered into Microsoft 365 Copilot, Copilot in the browser, and the Copilot desktop app. Unlike traditional DLP built for email and file storage, AI-native DLP inspects prompt content in real time, classifies sensitive data types, and blocks or redacts that data before it reaches the AI model.

Stop Copilot Data Leaks Today

Start your free 90-day trial. Full DLP coverage for Microsoft 365 Copilot, Copilot in the browser, and the Copilot desktop app, plus 5,600+ AI tools in the catalog.