Copyright (c) 2026 MindMesh Academy. All rights reserved. This content is proprietary and may not be reproduced or distributed without permission.

3.2. Copilot Data Security

💡 First Principle: Microsoft 365 Copilot accesses data through the Microsoft Graph API using the permissions of the signed-in user — nothing more. It cannot access files the user can't access. What Copilot does is make it faster and easier for users to reach what they're already permitted to reach. The data security risk isn't Copilot — it's overpermissioning that existed before Copilot arrived.

Think of Copilot as a very fast research assistant who can only look at documents you've already given them access to. Copilot can't pick locks — but it can instantly read every file in every unlocked cabinet. The security risk isn't what Copilot can access; it's what you've inadvertently left unlocked.

| Permission Scenario | Copilot Behavior | Risk Level |
|---|---|---|
| Files in user's OneDrive | Always accessible | Low — user chose to store there |
| SharePoint site user is member of | Accessible | Medium — check if membership is intentional |
| "Anyone with the link" SharePoint site | Accessible if user has the link | High — oversharing risk |
| Sensitivity labeled + encrypted file | Accessible if user can decrypt | Controlled by label permissions |

āš ļø Exam Trap: Copilot doesn't bypass permissions — it respects them exactly. The problem is that "technically has access" and "should have access" often diverge. Fix the permissions, not Copilot.

This mental model is the most important thing you can carry into the Copilot data security section of the exam. Organizations that deploy Copilot and suddenly "discover" sensitive data being surfaced didn't have a Copilot problem — they had a pre-existing oversharing problem that Copilot made visible.

Getting this right matters: an organization that deploys Copilot without first reviewing permissions may expose sensitive data to users who were already technically allowed to access it, but never would have found it without AI assistance.
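
The permission model in the table above, as an added Python example that is not part of the original study guide: it computes which items one user's existing permissions already reach (the set Copilot can surface for that user) and queues the Medium and High rows for a permission review. The inventory, the user record and all field names are constructed for illustration and are not a Microsoft Graph response format.

```python
# Added example. Constructed inventory with hypothetical field names
# (a simplified stand-in, not a Microsoft Graph API response).
INVENTORY = [
    {"item": "OneDrive/alice/notes.docx", "kind": "onedrive", "owner": "alice"},
    {"item": "Sites/HR/salaries.xlsx", "kind": "site", "members": {"hr-team", "all-staff"}},
    {"item": "Sites/Legal/merger.docx", "kind": "anyone_link", "link_id": "lnk-1"},
    {"item": "Sites/Finance/forecast.xlsx", "kind": "encrypted", "members": {"all-staff"},
     "label_users": {"cfo"}},
    {"item": "Sites/Exec/board.pptx", "kind": "site", "members": {"exec"}},
]

# Constructed user: group memberships and sharing links the user holds.
USER = {"name": "alice", "groups": {"all-staff"}, "links_held": {"lnk-1"}}

def copilot_reach(user, inventory):
    """Return [(item, risk, reason)] for every item the user's own permissions
    already grant, which is the set Copilot can surface for that user."""
    reach = []
    for rec in inventory:
        kind = rec["kind"]
        if kind == "onedrive":
            if rec["owner"] == user["name"]:
                reach.append((rec["item"], "Low", "user's own OneDrive"))
        elif kind == "site":
            via = sorted(rec["members"] & user["groups"])
            if via:
                reach.append((rec["item"], "Medium", "site member via " + ", ".join(via)))
        elif kind == "anyone_link":
            if rec["link_id"] in user["links_held"]:
                reach.append((rec["item"], "High", "holds 'Anyone with the link' URL"))
        elif kind == "encrypted":
            # Site access alone is not enough: the label must also let the user decrypt.
            if rec["members"] & user["groups"] and user["name"] in rec["label_users"]:
                reach.append((rec["item"], "Label-controlled", "label grants decryption"))
    return reach

def review_queue(reach):
    """Items to fix at the permission layer before rollout: High first, then Medium."""
    order = {"High": 0, "Medium": 1}
    flagged = [r for r in reach if r[1] in order]
    return sorted(flagged, key=lambda r: order[r[1]])

if __name__ == "__main__":
    for item, risk, reason in review_queue(copilot_reach(USER, INVENTORY)):
        print(f"{risk:<6} {item}  ({reason})")
```

The salary file reaches alice only through a broad `all-staff` membership, which is the "technically has access" versus "should have access" gap; the fix is narrowing that membership, not changing Copilot.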

āš ļø Common Misconception: Copilot can access any data in the tenant, including data the signed-in user cannot access. This is false — Copilot operates strictly within the user's existing permissions. Oversharing is a governance problem, not a Copilot problem.

Written by Alvin Varughese
Founder • 15 professional certifications