

Learn about using Microsoft Purview Data Loss Prevention to protect interactions with Microsoft 365 Copilot and Copilot Chat

Microsoft Purview Data Loss Prevention (DLP) can help you protect interactions with Microsoft 365 Copilot in two ways:

  • Restrict Microsoft 365 Copilot and Copilot Chat from processing sensitive prompts (preview). You can create a DLP policy to help protect against the use of sensitive information types (SITs), such as credit card numbers, passport identification, or social security numbers, in Microsoft 365 Copilot prompts. This includes Microsoft-provided SITs and custom SITs that you create. This real-time control helps organizations mitigate data leakage and oversharing risks by preventing Microsoft 365 Copilot and Copilot Chat, including pre-built agents in Microsoft 365 Copilot and Copilot Chat, from returning a response when a prompt contains sensitive data, and from using that sensitive data for internal and external web searches.

  • Restrict Microsoft 365 Copilot and Copilot Chat from processing sensitive files and emails (generally available). You can create a DLP policy to help prevent files and emails that have sensitivity labels from being used when Microsoft 365 Copilot and Copilot Chat summarize a response to a prompt.

Important

You can't use both the Content contains > Sensitive information types condition and the Content contains > Sensitivity labels condition in the same rule. You can create a rule for each condition within the same policy, but you can't combine them in one rule.

Block sensitive information types in prompts

This feature is in preview. It's available in Microsoft 365 Copilot, Copilot Chat, and Copilot in Word, Excel, and PowerPoint.

Tip

During preview, the user messaging in Word, Excel, PowerPoint might not clearly state that the interaction with Copilot in those products is blocked due to an organizational policy. The sensitive prompt is still restricted and Copilot will not provide a response.

Block SITs in prompts use case example

Contoso encourages their employees to use Microsoft 365 Copilot to enhance productivity, but they don't want their users placing Canada physical addresses or EU debit card numbers into prompts.

To meet this business need, Contoso creates a DLP policy that targets the Microsoft 365 Copilot and Copilot Chat location and has a rule that uses the Content contains > Sensitive information types > Canada physical addresses or EU debit card numbers condition to identify prompts that contain those SITs. The actions in the rule are configured to Restrict Copilot from processing content > Processing prompts.

When a user attempts to submit a prompt that contains either of these sensitive information types, they receive a message indicating that the request can't be completed because it contains sensitive information that the organization has blocked Microsoft 365 Copilot from using.

Block files and emails with sensitivity labels from being used in response summaries

To set this up, create DLP policies that use the Microsoft 365 Copilot and Copilot Chat policy location with the Content contains > Sensitivity labels condition to exclude items from being processed. Identified items still appear in the citations of the response, but the content of the item isn't used in the response or accessed by Copilot.

Block items with sensitivity labels example use case

Contoso establishes and applies a sensitivity label taxonomy to their data. The taxonomy includes these labels:

  • Highly Confidential
  • Confidential
  • Internal
  • Public
  • Personal

They deploy Microsoft 365 Copilot and Copilot Chat to help users find and use Contoso enterprise information in their organization. They want to minimize the risk of General Data Protection Regulation (GDPR) data being included in Microsoft 365 Copilot and Copilot Chat summaries, and also to exclude private information from summaries. They create a DLP policy that uses the Microsoft 365 Copilot and Copilot Chat policy location with the Content contains > Sensitivity labels condition to exclude items that have the Personal sensitivity label, and items that have the Highly Confidential sensitivity label, from being processed in the response summary.

Permissions

The account you use to create or edit DLP policies must have the permissions discussed in Permissions.

In addition, to create or edit a DLP policy that protects against SITs being used in Microsoft 365 Copilot and Copilot Chat prompts, the account must have any of these roles/role groups assigned:

  • Data Security AI Admin - Role for editing Data Loss Prevention policies related to Copilot and viewing AI content in Data Security Posture Management. This role does not have access to read prompts and responses of AI interactions.
  • Data Security AI Admins - Use this group to assign editing capabilities for Data Loss Prevention policies related to Copilot and viewing AI content in Data Security Posture Management. Review the role description for access details. It contains the Data Security AI Admin role.

Coverage: types of content (emails and files)

The DLP for Microsoft 365 Copilot and Copilot Chat policy location supports specific content that Copilot processes across various experiences.

A Microsoft 365 Copilot and Copilot Chat rule configured to protect items with sensitivity labels supports:

  • File items, both stored files and files that are actively open. For more information on supported file types, see: file types supported by sensitivity labels.

  • Emails sent on or after January 1, 2025.

  • Calendar invites are not supported. Local files are not supported.

DLP for Copilot in Microsoft 365 apps such as Word, Excel, and PowerPoint supports files, but not emails.

Note

When a file is open in Word, Excel, or PowerPoint and has a sensitivity label for which a DLP policy is configured to prevent processing by Microsoft 365 Copilot and Copilot Chat, the Copilot skills in these apps are disabled. Certain experiences that don't reference file content, or that don't use any large language model, aren't currently blocked in the user experience.

Availability

  • The Microsoft 365 Copilot and Copilot Chat policy location is only available in the Custom policy template.
  • When you select the Microsoft 365 Copilot and Copilot Chat policy location, all other locations for that policy are disabled.
  • DLP alerts, DLP notifications, and policy simulation mode are supported.
  • Updates to a DLP policy can take up to four hours to be reflected in the Microsoft 365 Copilot and Copilot Chat experience.

Admin unit support

The Microsoft 365 Copilot and Copilot Chat policy location doesn't support Admin units.

Supported Conditions and Actions

The Microsoft 365 Copilot and Copilot Chat policy location supports the following conditions and actions:

  • Condition: Content contains > Sensitivity labels
    Description: Detects when a file or an email in Exchange has a chosen sensitivity label.
    Supported policy action: Prevent Copilot from processing content
    Action description: The content of the item isn't processed by Copilot or used in the response summary, but the item could still appear in the citations of the response.

  • Condition: Content contains > Sensitive information types
    Description: Detects when a prompt contains chosen sensitive information types.
    Supported policy action: Prevent Copilot from processing content > Processing prompts
    Action description: Copilot doesn't respond to the prompt. The prompt isn't used for internal or web searches.

Note

All Microsoft 365 Copilot prompts run in the security context of the user who initiates the prompt. This means for a user to see an item in a prompt response, they must first have the necessary permissions to access the content of the item. You can then use the Microsoft 365 Copilot and Copilot Chat policy location feature to exclude items from being processed in the response summary.
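The following is an added example, not Microsoft's code or Purview's actual policy engine. It models the behaviour this page describes so the two rule types can be reasoned about side by side: a SIT rule that stops Copilot responding to a prompt (the Contoso use case above), a sensitivity-label rule that keeps labeled items out of the summary while leaving them in the citations, the restriction that one rule can't carry both conditions, and the user security context from the note above. The SIT detectors are simplified stand-ins (a Luhn-checked 16-digit run and a Canadian postal code pattern), the block message wording is an assumption, and the items and prompts are constructed sample data.

```python
"""Constructed model of the DLP behaviour this page describes for the
Microsoft 365 Copilot and Copilot Chat location. Not Purview code: the SIT
detectors are simplified stand-ins for Microsoft's classifiers, and the
block message text is an assumption."""
import re
from dataclasses import dataclass


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, which payment-card numbers satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


# Simplified patterns (assumption): 16 digits with optional separators, and a
# Canadian postal code (A1A 1A1). Real Purview SITs add keywords and confidence.
CARD_RE = re.compile(r"\b(?:\d[ -]?){15}\d\b")
CA_POSTAL_RE = re.compile(r"\b[A-Za-z]\d[A-Za-z][ -]?\d[A-Za-z]\d\b")


def detect_eu_debit_card(text: str) -> bool:
    # A 16-digit run only counts when the checksum holds, which keeps
    # order numbers and similar digit strings from triggering the rule.
    return any(luhn_ok(re.sub(r"\D", "", m.group(0))) for m in CARD_RE.finditer(text))


def detect_canada_address(text: str) -> bool:
    return CA_POSTAL_RE.search(text) is not None


SIT_DETECTORS = {
    "EU Debit Card Number": detect_eu_debit_card,
    "Canada Physical Addresses": detect_canada_address,
}


@dataclass
class Item:
    """A file or email Copilot could draw on, with its sensitivity label."""
    name: str
    label: str
    user_can_access: bool = True  # prompts run in the user's security context


@dataclass
class Rule:
    name: str
    sit_names: tuple = ()  # Content contains > Sensitive information types
    labels: tuple = ()     # Content contains > Sensitivity labels

    def __post_init__(self):
        # The page's Important note: one rule can't carry both conditions.
        if self.sit_names and self.labels:
            raise ValueError("use separate rules for SIT and label conditions")


@dataclass
class Policy:
    name: str
    rules: list


@dataclass
class Outcome:
    prompt_blocked: bool
    message: str
    summarized: list  # items whose content Copilot may use in the summary
    citations: list   # items shown as citations (excluded items stay listed)
    excluded: list    # items matched by a sensitivity-label rule


# Assumed wording; the page only says the request can't be completed.
BLOCK_MESSAGE = ("This request can't be completed because it contains sensitive "
                 "information that your organization has blocked Copilot from using.")


def evaluate(policy: Policy, prompt: str, items: list) -> Outcome:
    """Apply the policy to one Copilot interaction."""
    # SIT rules act on the prompt: no response, no internal or web search.
    for rule in policy.rules:
        if any(SIT_DETECTORS[sit](prompt) for sit in rule.sit_names):
            return Outcome(True, BLOCK_MESSAGE, [], [], [])
    blocked_labels = {lbl for rule in policy.rules for lbl in rule.labels}
    summarized, citations, excluded = [], [], []
    for item in items:
        if not item.user_can_access:
            continue  # the user can't see it, so neither can Copilot
        citations.append(item.name)
        (excluded if item.label in blocked_labels else summarized).append(item.name)
    return Outcome(False, "", summarized, citations, excluded)


# Contoso's policy from the page: one rule per condition, in one policy.
CONTOSO_POLICY = Policy("Contoso Copilot DLP", [
    Rule("Block SITs in prompts",
         sit_names=("EU Debit Card Number", "Canada Physical Addresses")),
    Rule("Exclude labeled items from summaries",
         labels=("Personal", "Highly Confidential")),
])

# Constructed sample data; 4111 1111 1111 1111 is a well-known test card number.
SAMPLE_ITEMS = [
    Item("Q3 roadmap.docx", "Internal"),
    Item("Employee review.docx", "Personal"),
    Item("Merger memo.docx", "Highly Confidential"),
    Item("Board minutes.docx", "Confidential", user_can_access=False),
]

if __name__ == "__main__":
    for prompt in ("Summarize our Q3 roadmap",
                   "Pay supplier with card 4111 1111 1111 1111",
                   "Ship the kit to 55 Front St, Toronto ON M5V 3L9"):
        print(prompt, "->", evaluate(CONTOSO_POLICY, prompt, SAMPLE_ITEMS))
```

Running the module shows the three outcomes the page describes: the roadmap prompt is answered with only the Internal item summarized while the Personal and Highly Confidential items remain as citations, the card-number and Canadian-address prompts are refused outright, and the item the user can't access never surfaces at all. Because `Rule` rejects a combined SIT-plus-label condition, the model also enforces the Important note structurally rather than leaving it to the admin's memory.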
