M365

Microsoft Purview Data Security Posture Management (DSPM for AI) is designed to enhance data security for the following AI applications: Microsoft Copilot...

Gaurav Anand, CVP, Microsoft 365 Engineering   Recent advancements in reasoning models are transforming chain-of-thought based iterative reasoning,...

File sharing is at the heart of SharePoint Online. Being able to report file sharing events by analyzing the audit log is a good skill for administrators.

To continue my posts on external access on Microsoft 365. I have considered why you need it but what are the options? I cover this point in…

For a little while now, Microsoft offers a Data Loss Prevention (DLP) policy that can be specifically scoped at Microsoft 365 Copilot (Hereafter called ‘Copilot’). This feature lets you…

Compare Microsoft 365 Copilot and Copilot Chat, including features, licensing, and security to choose the best AI tool for your organization.

You know that saying "another day, another dollar"? Pretty sure when the songwriters came up with that, they weren’t talking about handing over your hard-earned cash to big tech. Yet, here we are, watching Microsoft introduce another premium pay-as-you-go product that will probably have you paying a little more.Data Security Investigations - AI-powered deep content analysis: useful or just another expense?Look, I’m a firm believer that organisations should be putting their money into preventativ

Recently, we added new Copilot value to our Microsoft 365 Personal and Family subscriptions. We are excited to announce our rollout of new Copilot features...

You can bring your SharePoint Agents experience to Microsoft Teams and share it with other users in the chat experience.

The Facilitator agent can make sense of the messages posted to a Teams chat and summarize the discussion and extract to-do items and unanswered questions.

The AI assistant adds personalization, web actions, podcast creation, and more.

Big things happening.

The digital landscape presents an ever-increasing array of sophisticated cyber threats targeting businesses of all sizes. For small to medium-sized enterprises (SMBs) in Australia, the need for rob…

Samantha Kloos-Kilkens an ex-Microsoft Entra PM and owner of Argus IT joins us to delve into the complexities of B2B collaboration, cross-tenant access, and guest management in Microsoft Entra ID.

Track file-sharing activity logs in Microsoft Teams to ensure data protection and compliance by auditing shared files across teams.

A reader asked if it's possible to discover who made retention label assignments for SharePoint files. The Files Graph API can't, but audit log searches can.

Let’s face it, most jobs involve some level of interaction with customers, colleagues, or partners. Whether you're collaborating with your team, attending meetings, or simply making small talk in the break room, how you handle these social situations can have a big impact on your relationships, performance, and even your reviews.   While developing comfort and confidence in social settings is a skill that can be cultivated over time, it presents unique opportunities for both neurodivergent and neurotypical individuals to connect and support one another. Every interaction offers a chance for growth and mutual understanding.   With innovative tools, strategic preparation, and practice, we can enhance our ability to engage effectively with colleagues, recognizing that social interactions are a shared journey. This approach fosters stronger connections and opens doors to new opportunities, meeting each person where they are.  Social scripting can help build confidence in workplace interactions. What is social scripting?  Social scripting is the practice of establishing behavior patterns for interacting with others. These mental maps help us navigate situations by suggesting expected behaviors, actions, and responses. Social scripts can reduce anxiety and build confidence in what to say or do.  Some examples of social scripts in the workplace include:  Making small talk with coworkers  Participating in one-on-one or group meetings  Handling compliments or criticism  How Copilot Chat can help with social scripting  Like many neurodivergent folks, I find that certain types of social interactions drain my batteries or trigger an avoidance response more than others. Fortunately, Copilot Chat can simplify these interactions by breaking them down into manageable elements, providing context for in-person or meeting interactions, and offering practice conversations to build familiarity and confidence. Here’s how:  Clarifying implicit social rules  Social scripts can be learned from observing family members, peers, and even popular culture. They span basic interactions to more complex dynamics, and they shift along with changes in societal norms. While many people process social cues intuitively, neurodivergent individuals may find unspoken rules more complex. Copilot can assist by clarifying these social cues and providing guidance. For example:  Breaking down social interactions: Copilot can take something as simple as greeting a colleague in the café and break it down into clear steps – what to say, how to say it, and even tips on body language and tone.  Providing context: Ever wonder why the weather is such a common topic in small talk? Copilot can help explain the why behind certain conversational norms such as topics and tone, so you don’t just learn what to say, but also why it works in context.  Here are some related prompts to try:   What are some good "small talk" topics I can prepare for my team's next happy hour? I'd like to avoid politics and sports.  What are some ways I can gracefully exit a conversation at a work networking event?  Role-playing and simulation  When it comes to social interactions, there’s no substitute for practice. But replicating real-life scenarios in a safe and supportive way can be tricky. Here’s how Copilot can help:  Practice conversations: You can simulate realistic workplace dialogues, like navigating a one-on-one with your manager or jumping into a group meeting. Copilot can create different scenarios, giving you the chance to rehearse responses and refine your approach.  Dynamic feedback: As you role-play, Copilot offers real-time suggestions to help fine-tune your tone and phrasing. For instance, do you need to practice how to ask for feedback? Copilot can provide coaching on how to make your request less stressful and more effective.   Related prompts: I'd like help preparing for my annual review with my manager next month. I want to bring up the topic of my promotion, but I'm a little anxious about it. Provide some ideas of how I can start the conversation and some simulated dialogue?  I have a meeting with my colleague Deepti in two days. Provide some questions and discussion points? My goal is to get help with budgeting my time on the community management project.   Real-time prompts and coaching  Imagine you’re in a meeting and, suddenly, you’re not sure how to respond. No worries! With Copilot’s real-time assistance, you’ll have a discreet assistant offering suggestions as things unfold.  Contextual cues: If you’re taking time to process what’s being said in a meeting or an unexpected distraction pops up during a discussion, you can ask Copilot to recap what’s been discussed so far and if you’ve been mentioned in the discussion.   Meaningful interventions: Want to contribute follow-up questions or get clarity on what’s been said so far in a meeting? Ask Copilot in Teams for real-time suggestions on what you can ask or for an analysis of what’s been discussed.  Related prompts: Recap what’s been discussed so far and inform me if I’ve been mentioned. Have any asks been made of me?  Provide feedback on how my portion of the presentation was received? How effectively did I present on the topic of our new editorial calendar and process for publishing new blogs?  Provide key takeaways from what Jeff has shared so far in this discussion. Help me draft some follow-up questions for Jeff based on what we’ve discussed so far in this meeting. I’d like to focus on questions that drive clarity and ensure that we walk away from this meeting on the same page about our next steps.   Customized communication templates  Workplace communication can sometimes feel like it follows a script. Whether it’s sending an email, preparing for a meeting, or crafting feedback, you can lean on Copilot to make sure your communication is spot-on.  Generate custom templates: Copilot can create tailored templates for all sorts of workplace interactions such as drafting emails, structuring meetings, and requesting and providing feedback. Copilot will help ensure you’ve got the right approach for every situation.   Adapt to different audiences: Every audience has its own vibe. Copilot can help you adapt your message, so whether you’re speaking to a small team or a larger group, you’ll always hit the right note.  Related prompts: Create an email template I can use to request stakeholders provide a status update on their deliverables by the end of this Friday? Make the tone friendly but assertive, as I want them to understand it's important to keep the project moving.  I'd like to create business connections with some of my colleagues. Help me draft an intro email for a person I'd like to work with? Include info about who I am and the projects I work on. Include open-ended questions for my colleague and suggest that we meet soon to elaborate on our work assignments. Make it professional and friendly but not too enthusiastic. I'm shy and I don't want my email to be too bold.  Create precision questions about the discussion in my last team meeting that emphasize learning over criticizing in their tone? I'm curious about work projects but I don't want people to think I'm critical of their ideas.  Data-driven insights  Sometimes, we don’t realize our communication habits until they’re pointed out. Copilot can help identify patterns in communications and suggest areas for improvement.  Spotting communication pitfalls: If your emails tend to come off too direct, Copilot will flag it and suggest ways to soften your approach.  Identifying winning strategies: Copilot can highlight communication patterns that have led to positive outcomes in the past or are likely to lead to the specific outcomes you are looking for. This can help you connect effectively with anyone.  Related prompts: Review my emails from the past three weeks and suggest ways to make my communications clearer and more action-oriented.  I need to draft an email to Giovanna, a colleague I have never engaged with before. I need to introduce myself and request a meeting so we can discuss the project timeline and dependencies. Help me draft an email with a professional and friendly tone.   I just met with my manager about the next steps in my career. Provide coaching on how I conducted this meeting: [insert Teams meeting or transcript file].   Copilot and social scripting – tools that help build confidence and team cohesion  Navigating social situations at work can be challenging regardless of your neurotype. However, the right prompts and AI tools can help you prepare, practice, and refine your social scripts. By fostering meaningful conversations, offering actionable feedback, and building confidence, Copilot helps you shine in every social interaction.  Give these tips a try, and don’t forget to share your experiences in the comments! If you’ve discovered any neurodivergent-friendly Copilot prompts that have worked for you, let’s swap ideas so we can all embrace our strengths and succeed together! 

Microsoft releases its answer to OpenAI and Google's Deep Research.

Short VersionMicrosoft Teams users will soon be able to report security risks and concerns regarding external users in one-on-one chats, group chats, and meeting chats. Due early to mid-May 2025. DetailsAfter this rollout and if enabled in your organisation, you will be able to hover on a Teams chat message select the three-dot menu

For years, Microsoft has told us that items held by retention policies or eDiscovery holds are immutable and cannot be removed. Well, that's not quite the case as proven by the launch of the Purview Priority Cleanup solution, which is able to find and remove held items (only in Exchange Online for now). There's lots of interesting technology to discuss, but I wonder if Priority Cleanup is too complex and a tad slow to succeed.

It takes an average of 292 days – almost a year – to identify and contain data breaches involving stolen credentials.[1] During those critical months,...

Photo by Danist Soh on Unsplash Microsoft Features: DSPM for AI Estimated Read Time: 5 minutes In my previous blog, I gave an introduction to DSPM for AI. I discussed some key data security concern…

With Copilot Chat now available for all M365 users, we invite you to join our Coffee and Copilot learning sessions to unlock the full potential of your new AI assistant. No matter your role or experience level, in just 90 minutes, our expert-led sessions will transform you from a beginner to a pro in Copilot Chat. We'll guide you through the foundations of AI, the basics of navigating Copilot, and understanding how Copilot handles your most sensitive data. Here's what you'll learn: Foundations of AI: Get a solid understanding of AI principles. Navigating Copilot: Master the basics and explore its capabilities. Content Creation: Learn how to create compelling content effortlessly. Research: Discover efficient ways to conduct research using Copilot. File Upload: Understand how to manage and upload files seamlessly. Prompt Library: Explore a variety of prompts to enhance your workflows. Don't miss this opportunity to elevate your productivity! Our sessions are offered every Friday, until June 20th, so choose the date that suits you best and get ready to transform your workflows. Reserve your spot below and take your AI skills to the next level. See you there! Registration Dates:(Currently, only dates until April 25th are available for registration. More dates will come soon) DateRegistration Link March 28th Coffee and Copilot (March 28)April 4thCoffee and Copilot (April 4)April 11thCoffee and Copilot (April 11)April 18thCoffee and Copilot (April 18)April 25thCoffee and Copilot (April 25)      

Introduction to DSPM for AI In an age where Artificial Intelligence (AI) is rapidly transforming industries, ensuring the security and compliance of AI integrations is paramount. Microsoft Purview Data Security Posture Management (DSPM) for AI helps organizations monitor AI activity, enforce security policies, and prevent unauthorised data exposure. Microsoft Purview Data Security Posture Management (DSPM) for AI addresses three primary areas: Recommendations, Reports, and Data Assessments. DSPM for AI assists in identifying vulnerabilities associated with unprotected data and enables prompt action to enhance data security posture and mitigate risks effectively. Getting Started with DSPM for AI To manage and mitigate AI-related risks, Microsoft Purview provides easy-to-use graphical tools and comprehensive reports. These features allow you to quickly gain insights into AI use within your organization. The one-click policies offered by Microsoft Purview simplify the process of protecting your data and ensuring compliance with regulatory requirements. Prerequisites for Data Security Posture Management for AI To use DSPM for AI from the Microsoft Purview portal or the Microsoft Purview compliance portal, you must have the following prerequisites: You have the right permissions. Monitoring Copilot interactions requires: Users are assigned a license for Microsoft 365 Copilot. o   Microsoft Purview auditing enabled. Check instructions for Turn auditing on or off. Required for monitoring interactions with third-party generative AI sites: Devices are onboarded to Microsoft Purview, required for: Gaining visibility into sensitive information that's shared with third-party generative AI sites. (e.g., credit card numbers pasted into ChatGPT). Applying endpoint DLP policies to warn or block users from sharing sensitive information with third-party generative AI sites. (e.g. a user identified as elevated risk in Adaptive Protection is blocked with the option to override when they paste credit card numbers into ChatGPT) The Microsoft Purview browser extension is deployed to users and required to discover site visits to third-party generative AI sites. Things to consider Recommendations may differ based on M365 licenses and features. Not all recommendations are relevant for every tenant and can be dismissed. Any default policies created while Data Security Posture Management for AI was in preview and named Microsoft Purview AI Hub won't be changed. For example, policy names will retain their Microsoft AI Hub -prefix. In this blog post we are going to focus on Recommendations. Recommendations Let's explore each of the recommendations in detail, which will encompass one-click policy creation, data assessments, step-by-step guidance, and regulations. The data in the reports section will be contingent upon the completion of each recommendation. Figure 1: Recommendations – DSPM for AI Control unethical behaviour in AI Type: One-click policy Solution: Communication Compliance Description: This policy identifies sensitive information within prompts and response activities in Microsoft 365 Copilot. Action: Create policy to setup a one-click policy. Conditions: Content matches any of these trainable classifiers: Regulatory Collusion, Stock manipulation, Unauthorized disclosure, Money laundering, Corporate Sabotage, Sexual, Violence, Hate, Self-harm By default, all users and groups are added. The customisation of the policy is also available during the one-click policy creation process.   Figure 2: Recommendations – One-click policy Guided assistance to AI regulations Type: New AI regulations Solution: Compliance manager Description: This recommendation is based on the NIST AI RMF regulations, suggesting actions to help users protect data during interactions with AI systems. Action: Monitor AI interaction logs: Go to Audit logs, configure search with workload filter, select copilot and sensitive information type and review search results. Monitor AI interactions in other AI apps: Navigate to DSPM for AI and review interactions in other AI apps for sensitive content and turn on policies to discover data across AI interactions and other AI apps. Flag risky communication and content in AI interactions: Create Communication compliance policy to define the necessary conditions and fields and select Microsoft Copilot as location. Prevent sensitive data from being shared in AI apps: Create Data loss prevention (DLP) policy with sensitive information type as conditions for Teams and Channel messages location. Manage retention and deletion policies for AI interactions: Create a retention policy for Teams chat and Microsoft 365 Copilot interactions to preserve relevant AI activities for a longer duration while promptly deleting non-relevant user actions. Protect sensitive data referenced in Copilot responses Type: Assessment Solution: Data assessments Description: Use data assessments to identify potential oversharing risks, including unlabelled files. Action: Create Data Assessments, Navigate to DSPM for AI - Data Assessments and Create Assessments. Enter assessment name and description Select users and data sources to assets for oversharing data Conduct the assessment scan and review the results to gain insights into oversharing risks and recommended solutions to restrict access to sensitive data. Implement the necessary fixes to protect your data. Discover and govern interactions with ChatGPT Enterprise AI (preview) Type: ChatGPT Enterprise AI (Data discovery) Solution: Microsoft Purview Data Map Description: Register ChatGPT Enterprise workspace to discover and govern interactions with ChatGPT Enterprise AI. Action: If you’re organisation is using ChatGPT Enterprise, then enable the Connector In Microsoft Azure, use Key Vault to manage credentials for third-party connectors: Use Key Vault to create and manage the secret for the ChatGPT Enterprise AI Connector. In Microsoft Purview, configure the new connector using Data Map: How to manage data sources in the Microsoft Purview Data Map Create and start a new scan: Create a new scan, select credential, review, and run the scan. Protect sensitive data referenced in Microsoft 365 Copilot (preview) Type: Data Security Solution: Data loss prevention Description: Content with sensitivity labels will be restricted from Copilot interactions with a data loss prevention policy. Action: Create a custom DLP policy and select Microsoft 365 Copilot as the data source. Create a custom rule o   Condition: content contains sensitivity labels. o   Action: Prevent Copilot from processing content.   Figure 3: Custom DLP policy condition and action Fortify your data security Type: Data security Solution: Data loss prevention Description: Data security risks can range from accidental oversharing of information outside of the organization to data theft with malicious intent. These policies will protect against the data security risks with AI apps. Action: A one-click policy is available to create a data loss prevention (DLP) policy for endpoints (devices), aimed at blocking the transmission of sensitive information to AI sites. It utilises Adaptive Protection to give a warn-with-override alert to users with elevated risk levels who attempt to paste or upload sensitive information to other AI assistants in browsers such as Edge, Chrome, and Firefox. This policy covers all users and groups in your org in test mode. Figure 4: Block with override for elevated risk users Information Protection Policy for Sensitivity Labels Type: Data security Solution: Sensitivity Labels Description: This policy will set up default sensitivity labels to preserve document access rights and protect Microsoft 365 Copilot output. Action: Create policies will navigate to Information protection portal to set up sensitivity labels and publishing policy. Protect your data from potential oversharing risks Type: Data Security Solution: Data Assessment Description: Data assessments provide insights on potential oversharing risks within your organisation for SharePoint Online and OneDrive for Business (roadmap) along with fixes to limit access to sensitive data. This report will include sharing links. Action: This is a default oversharing assessment policy. To see the latest oversharing scan results: Select View latest results and choose a data source. Complete fixes to secure your data.   Figure 5: Data assessments – Oversharing assessment data with sharing links report Use Copilot to improve your data security posture (preview) Type: Data security posture management Solution: Data security posture management (DSPM) Description: Data Security Posture Management (preview) combines deep insights with Security Copilot capabilities to help you identify and address security risks in your org. Benefits: Data security recommendations Gain insights into your data security posture and get recommendations protecting sensitive data and closing security gaps. Data security trends Track your org's data security posture over time with reports summarizing sensitive label usage, DLP policy coverage, changes in risky user behaviour, and more. Security Copilot Security Copilot helps you investigate alerts, identify risk patterns, and pinpoint the top data security risks in your org.

This guide breaks down how Loop Components and Pages are stored, their impact on tenant-wide storage, and what actions administrators can take to manage storage efficiently.

Introducing Live chat in Microsoft Teams, a new way for small businesses to connect with customers, vendors, and partners. Learn more.

Starting next week, following our popular series “Microsoft 365 Copilot Training Series on Demand,” Microsoft’s Darryl Rowe and Michael Gannotti will begin a new series titled “Microsoft 365 Copilot and Copilot Agents Management Series.” The series will run over 8 recorded podcasts that will be posted to the HLS Blog and be linked in here as well. Microsoft 365 Copilot and Copilot Agents Management Series: Introduction to Copilot Chat Microsoft 365 Copilot and Copilot Chat Administration Introduction to agents Agent management controls Agents built in SharePoint Agents built in Agent Builder Agents built in Copilot Studio Analytics and Monitoring Be sure to mark this page in your browser favorites and check back each week. The above bullet items will be updated to active links as the podcast sessions are released. Recording begins Monday 3/24/2025 with the first podcast, “Introduction to Copilot Chat,” dropping late Monday afternoon. In the meantime check out the following resources: Meet Copilot, Your AI Assistant for Work | Microsoft 365  Microsoft 365 Copilot – Microsoft Adoption  Adoption resources for Microsoft 365 Copilot | Microsoft Learn  Microsoft 365 admin center scenarios that configure Copilot | Microsoft Learn Extend Microsoft 365 Copilot | Microsoft Learn 

Today’s blog is one that I’m very excited about - I’m going to show you all about how to use the brand new Copilot Prompt Gallery, or as they are calling it, “Prompts”, which is rolling out now. It’s a place to store your favorite prompts and share prompts with your teams. Two things to note: One is that, as of right now, this does require an M365 Copilot license to use as an app in Teams.

In this video, we dive into the exciting news that Microsoft has made their E5 Security License available to Microsoft 365 Business Premium users for just $1...