top of page
Search

How to gain Control over all agents in Microsoft 365

  • Writer: Bjørnar Aassveen
    Bjørnar Aassveen
  • 3 hours ago
  • 3 min read

Agents have become a central part of the Microsoft 365 ecosystem. From Copilot to SharePoint and Copilot Studio, we’re seeing an explosion of intelligent (and not-so-intelligent) assistants that automate tasks, provide insights, and improve productivity.

But with this growth come new challenges:How do we ensure that agents operate securely, in line with company policies and compliance requirements?



What Is an Agent in Microsoft 365?

An agent is a digital assistant that performs tasks on behalf of the user or organization. In Microsoft 365, there are several types:

  • Copilot Agents: Personal or team-based assistants that help with documents, email, meetings, and data analysis.

  • SharePoint Agents: Automated processes working with document libraries, intranet, and workflows. These can be triggered by Copilot or Power Automate and operate on SharePoint data.

  • Copilot Studio Agents: Custom solutions built by the organization for specific needs, often integrated with external systems via the Power Platform.


Challenges with Agents

When agents can be created by users or developers without central control, several risks arise:

  • Data Access: What data do agents have access to? Is it sensitive information?

  • Compliance: Do agents follow the organization’s guidelines for GDPR, security, and archiving?

  • Shadow Agents: Agents that emerge without IT oversight can create unpredictable security issues.


How to gain control

ree

Microsoft has introduced several tools and features to help with governance. Here are the most important ones: Kontrollsystem for Copilot oversikt | Microsoft Learn


Microsoft 365 Admin Center 

The Copilot Admin Center provides an overview of active Copilot features and agents.

  • You can set policies for who can create agents.

  • Additionally, you can use audit logs to track agent activity.

ree

ree

Here you can manage most settings related to Copilot and agents, including whether users are allowed to start a trial license without involving you 😵.


Power Platform Admin Center 

  • Here you manage Copilot Studio agents and Power Automate flows.

    Key features:

    • Environment Management: Set up separate environments for development, testing, and production.

    • Data Loss Prevention (DLP) Policies: Restrict which data sources can be combined. (lRead more here: Power Platform - DLP policyer)

    • You can view all agents and classic chatbots under the admin center.

ree


SharePoint Admin Center 

Key features:

  • Agent Insights: A report showing all SharePoint agents. This report displays active agents within 1, 7, 14, or 28 days. In other words, not a complete list of all SharePoint agents, but those created and used within the specified time frame.

  • Site-Level Policies: Define which agents can operate on content.


ree
ree




In the End: Structure, Order, and Control

When securing Copilot and agents in SharePoint, structure and control are key.

It’s still boring to clean the room and take out the trash. But the boring stuff often works—simple, yet effective.

The same applies to data governance and access control. 🔒


Sensitivity Labels and DLP

Copilot and agents in all forms respect and enforce labels and DLP rules as defined.This means that if you’ve excluded files with a label, they won’t be available in Copilot Studio, M365 Copilot, and/or SharePoint agents. Read more here: Ekskluder innhold fra M365 Copilot - Del 2🕵️


⚙️ SharePoint Advanced Management

With SharePoint Premium, you gain access to advanced tools for content management, sharing control, and lifecycle regulation.This allows you to implement a comprehensive governance model that not only protects data but also provides insight and traceability.. SharePoint Advanced Management (SAM)


Bjørnar&AI

 
 
 
bottom of page