i really love your videos, this one is great. Especially i love the part (starting from 18:25) how you explained the access to the SharePoint doc library where "All members" have access but the confidential label has been applied. With this Microsoft and Microsoft partners have now a big chance to sell "higher" licenses to the customers so that they can use the Security and Compliance features like Sensitivity labels, DLP policies etc.
Amazing video, really well explained. I have a question, around the minute 37:45 you mentioned that the account might have access to more data based on the SharePoint Administrator Role, can you explain a bit more on that point? I thought you would need access to the data itself to incorporate within your Copilot range and administrative roles will not change the scope that you have access to.
Hi Joilson, I believe I know what he's referring to. A number of organisations I've seen have granted an elevated account or role (such as the SharePoint Service Administrator role) site collection admin over all site collections. This has its benefits and its drawbacks. It makes administration much easier at times (think trying to set an attribute across many or all sites simultaneously), but it also causes issues identified here where a single account or role (and consequently all accounts capable of elevating to that role) has the ability to see data across everything all at once - so a search or Copilot interaction will return far more information in this scenario. As mentioned, this would be a bad actors dream scenario, getting access to everything they could possibly want to inquire about. The use of copilot doesn't actually cause this scenario in any way, it's just potentially easier to extract data using Copilot given the nature of the interaction.
Excellent video, congratulations!! Query: at minute 2:45 of the video, you say that “Copilot searches even in files that are locally on the hard drive”, so it accepts C:\Users\ paths, or am I wrong? Thanks.
I have disabled the copilot in Office 365 and will never grant access to my emails, documents, etc. I only use external AI when needed, and I do not provide it with sensitive data.
i really love your videos, this one is great. Especially i love the part (starting from 18:25) how you explained the access to the SharePoint doc library where "All members" have access but the confidential label has been applied. With this Microsoft and Microsoft partners have now a big chance to sell "higher" licenses to the customers so that they can use the Security and Compliance features like Sensitivity labels, DLP policies etc.
Very good and informative video
thanks!
This is great information and well presented! Thank you for sharing!
Thank you!
Great stuff Nick!
Thanks!
Brilliant presentation, Nick. Got yourself a new sub. Here's to the future!
Thanks for subbing!
Thanks ,Nick ! Really good .
Glad you liked it!
Amazing video, really well explained.
I have a question, around the minute 37:45 you mentioned that the account might have access to more data based on the SharePoint Administrator Role, can you explain a bit more on that point? I thought you would need access to the data itself to incorporate within your Copilot range and administrative roles will not change the scope that you have access to.
Hi Joilson,
I believe I know what he's referring to. A number of organisations I've seen have granted an elevated account or role (such as the SharePoint Service Administrator role) site collection admin over all site collections. This has its benefits and its drawbacks. It makes administration much easier at times (think trying to set an attribute across many or all sites simultaneously), but it also causes issues identified here where a single account or role (and consequently all accounts capable of elevating to that role) has the ability to see data across everything all at once - so a search or Copilot interaction will return far more information in this scenario. As mentioned, this would be a bad actors dream scenario, getting access to everything they could possibly want to inquire about. The use of copilot doesn't actually cause this scenario in any way, it's just potentially easier to extract data using Copilot given the nature of the interaction.
Microsoft 365 E5 Compliance is an add on to E3 to get you some of those E5 Labeling and classification features that you don't get with E3.
Excellent video, congratulations!!
Query: at minute 2:45 of the video, you say that “Copilot searches even in files that are locally on the hard drive”, so it accepts C:\Users\ paths, or am I wrong? Thanks.
He said OneDrive, not local drive (at least the version I was watching 😅 )
What equipment you are using in this presentation?
Interesting. Thanks!
So this could be applied in the company if we are using Copilot from Edge (not on the Office365 platform).
Hi, if you set permission on the payroll folder, can bruce still see it?
I have disabled the copilot in Office 365 and will never grant access to my emails, documents, etc. I only use external AI when needed, and I do not provide it with sensitive data.
Thank you ❤😊
👍👍👍 there is no quality practical information