Copilot for Microsoft 365 – Game Changer or Risk Maker?
Summary
TLDRThe webinar, hosted by Chris Goff and Craig Fretwell, delves into the transformative potential of Microsoft 365 Co-Pilot, a tool that integrates generative AI across Microsoft's productivity suite. It emphasizes how Co-Pilot can streamline business operations, automate tasks, and enhance data analysis, thereby increasing efficiency and fostering innovation. The discussion also addresses the critical need for robust security measures and data governance to mitigate risks associated with AI adoption. The speakers highlight the importance of aligning AI integration with organizational goals and operational needs, adhering to ethical AI principles, and leveraging tools like Microsoft's Purview for data governance. The webinar concludes with a Q&A session, addressing queries about Co-Pilot's security, meeting scheduling capabilities, data analysis in Excel, and licensing requirements.
Takeaways
- 🚀 **Co-Pilot as a Game Changer**: Microsoft 365 Co-Pilot is seen as a significant stride in leveraging ongoing digitization in business landscapes, exemplifying the shift towards more efficient and intelligent enterprises through generative AI.
- 🛡️ **Security and Compliance**: Co-Pilot adheres to Microsoft's stringent data protection and privacy policies, ensuring that personal data is safeguarded and access complies with organizational policies and industry standards.
- 📈 **Productivity Boost**: Co-Pilot can automate mundane tasks, generate content, and analyze data more effectively, leading to increased productivity and allowing users to focus on higher-value work.
- 🤖 **Integration Across Microsoft 365**: Co-Pilot is embedded across all Microsoft 365 apps, enhancing capabilities in Word, Excel, PowerPoint, Outlook, and Teams.
- 📊 **Data Analysis in Excel**: Co-Pilot assists with interpreting data through natural language queries, creating complex formulas, and generating summaries, making data analysis in Excel more accessible.
- 🔍 **Search Capabilities**: Co-Pilot can search through large volumes of data, emails, and chats, helping to manage the digital debt that outpaces human processing abilities.
- 📅 **Meeting Scheduling**: Co-Pilot can schedule meetings directly from email conversations, understanding context and preferences to automate the coordination process.
- 📝 **Document Processing**: Co-Pilot can summarize long documents, such as PDFs, focusing on specific areas to provide key points for users, saving time and effort.
- 🔗 **Collaboration and Workflow**: Co-Pilot streamlines workflows and automates tasks, enabling more efficient collaboration and communication within teams.
- 📈 **AI-Powered Hiring Process**: Co-Pilot can assist in creating a more efficient hiring process by summarizing candidate CVs, generating interview questions, and even drafting offer letters.
- ⚖️ **Ethical AI Development**: Both OpenAI and Microsoft are committed to the ethical development and deployment of AI, with Microsoft's investment supporting ongoing AI research and development.
Q & A
What is the main topic of the webinar?
-The main topic of the webinar is discussing whether Microsoft 365 Co-pilot is a game changer or a risk maker in the context of business operations.
Who are the presenters of the webinar?
-The presenters of the webinar are Chris Goff, the COO of Cyber One, and Craig Frettwell, a three-time Microsoft Security MVP.
What is the foundation of Cyber One's business?
-Cyber One is a multi-award-winning organization that provides a range of cyber services to a diverse portfolio of customers, focusing on managed services, security, and technical expertise.
How does Microsoft 365 Co-pilot aim to transform business operations?
-Microsoft 365 Co-pilot aims to transform business operations by integrating generative AI across the Microsoft productivity tools suite, automating mundane tasks, generating content, and analyzing data more effectively.
What are the potential risks associated with the rapid adoption of AI in business?
-The potential risks include insufficient management risk controls, increased regulatory scrutiny, and possible regulatory consequences for non-compliance in data protection and AI governance.
What is the significance of the partnership between OpenAI and Microsoft?
-The partnership merges OpenAI's cutting-edge artificial intelligence research with Microsoft's robust infrastructure and market reach, leading to key developments such as Azure's AI supercomputing infrastructure and the integration of advanced AI features into Microsoft 365 products.
What are the six AI principles that form the foundation for responsible AI?
-The six AI principles are fairness, reliability, safety, privacy, security, inclusiveness, transparency, and accountability.
How does Microsoft ensure that Co-pilot adheres to security and compliance standards?
-Microsoft ensures Co-pilot's adherence to security and compliance standards by inheriting the organization's security and compliance policies from Microsoft 365, ensuring data is managed in line with current commitments, and not training the large language model on the tenant data.
What is the minimum requirement for adopting Microsoft 365 Co-pilot?
-There is no minimum requirement for the number of licenses. Organizations of any size, from 1 to thousands, can adopt Co-pilot, but they should ensure they have the necessary infrastructure and resources to support AI initiatives.
How can organizations prepare for the adoption of AI technologies like Co-pilot?
-Organizations should establish clear goals for using AI, review their current pain points, develop a data strategy, ensure they have the necessary infrastructure and resources, and prepare for AI by understanding their business case and reviewing risks.
What steps should be taken to safeguard against the risks of AI?
-Steps include establishing comprehensive governance frameworks, data protection measures, understanding the shared responsibility model, developing a clear strategy for AI integration, and ensuring robust security controls are in place to counteract adversarial actions.
Outlines
😀 Introduction to Microsoft 365 Co-Pilot Webinar
The webinar is introduced by Chris Goff, COO of Cyber One, and Craig Frettwell, a three-time Microsoft security MVP. They discuss the topic of Microsoft 365 Co-Pilot, exploring whether it's a game-changer or a risk-maker. Cyber One is presented as a trusted cyber experience provider, founded in 2004, with a global presence and a wide range of cyber services. The company's focus on customer-first approach and strong technical expertise is highlighted, along with their commitment to ethical AI development and deployment.
🚀 Transformative Impact of Microsoft 365 Co-Pilot
The speakers delve into how Microsoft's involvement with AI is leading to significant transformations across various industries. They discuss the concept of 'digital debt' and its impact on productivity, emphasizing the need for AI to enhance human capabilities. The potential of AI to automate routine tasks, unearth insights, and drive decision-making processes is highlighted. The importance of developing a clear strategy for AI integration is stressed, along with the ethical considerations and the partnership between OpenAI and Microsoft in advancing AI technologies.
⚠️ Navigating the Risks of AI Adoption
The paragraph addresses the challenges and risks associated with the swift adoption of AI in businesses. It discusses the need for comprehensive governance frameworks and data protection measures, referencing the Microsoft shared responsibility model. The importance of understanding and fulfilling organizational responsibilities in AI deployment is emphasized, along with the functional layers of AI-enabled applications and the necessity for robust security measures to ensure safe AI usage.
🤖 Utilizing AI for Enhanced Productivity and Efficiency
The discussion shifts to how organizations can leverage AI to improve day-to-day tasks and automate repetitive processes. It outlines the importance of having a data strategy, considering the infrastructure and resources needed to support AI initiatives. The transformative potential of Microsoft 365 Co-Pilot across various Microsoft apps is explored, including its ability to streamline workflows and automate tasks, enabling users to focus on high-value work.
📈 Co-Pilot's Capabilities in Data Analysis and Scheduling
The speakers provide examples of how Co-Pilot can be utilized in practical scenarios, such as improving the hiring process and assisting with data analysis in Excel. They also discuss the AI principles that underpin responsible AI and the governance framework, emphasizing the importance of continuous monitoring and ethical AI development. The paragraph concludes with a scenario illustrating a CEO's day enhanced by Co-Pilot's functionalities.
🛡️ Security and Compliance in AI Adoption
The focus is on the security risks associated with AI and the importance of having robust security controls in place. It emphasizes understanding sensitive data, access controls, and the risks of data exposure. The paragraph outlines steps for protecting data, including data classification, access controls, and data protection measures. It also stresses the importance of preparing for AI adoption by considering goals, pain points, and the current state of technology infrastructure.
📝 Data Classification and Access Management for AI
The paragraph discusses the importance of data classification and access management in the context of AI. It covers the need for automatic classification, data labeling, and ensuring that sensitive documents are correctly labeled and secured. The discussion extends to the necessity of identity verification, role-based access control, and the implementation of data protection controls to prevent data leakage and enforce data governance.
🔍 Monitoring and Mitigating Risks in AI Integration
The speakers emphasize the importance of monitoring high-privileged accounts and the risks of phishing attacks in the context of AI. They discuss the need for regular phishing campaigns and the importance of data leakage prevention through tagging, classification, and applying watermarks. The paragraph concludes with a recommendation for a 5-day workshop to prepare organizations for the adoption of Co-Pilot, covering stakeholder engagement, data classification, governance, and a phased implementation plan.
❓ Addressing Questions on Co-Pilot's Security and Capabilities
The session concludes with a Q&A where the speakers address questions about the security of information processed by Co-Pilot, its ability to schedule meetings based on email conversations, and assist with data analysis in Excel. They also discuss the minimum requirements for Co-Pilot, emphasizing the importance of having the right licensing levels and security measures in place to ensure data protection and compliance.
Mindmap
Keywords
💡Microsoft 365 Co-Pilot
💡Digital Transformation
💡Artificial Intelligence (AI)
💡Data Governance
💡Shared Responsibility Model
💡Ethical AI
💡Identity and Access Management (IAM)
💡Data Protection
💡Regulatory Compliance
💡Business Risk
💡Workshop for AI Readiness
Highlights
Microsoft 365 Co-pilot exemplifies the shift towards leveraging AI and cloud technologies to create more efficient, agile and intelligent enterprises.
Co-pilot integrates generative AI across the Microsoft productivity suite, automating mundane tasks and enabling more effective content generation and data analysis.
The rapid digitization of business landscapes is revolutionizing operations, communication and value delivery to customers.
Microsoft labels the challenge of managing the sheer volume of data, emails and chats as 'digital debt', which hinders creative work.
AI adoption offers unprecedented opportunities for innovation, efficiency and customer engagement.
87% of leaders believe AI will give their organization a competitive edge.
The partnership between OpenAI and Microsoft merges cutting-edge AI research with robust infrastructure and market reach.
Co-pilot enhances productivity by streamlining workflows and automating tasks across all Microsoft 365 apps.
Co-pilot can help create a more efficient hiring process by summarizing candidate CVs, generating interview questions and creating offer letters.
Co-pilot can act as a research assistant, providing in-depth answers to complex questions and saving time and effort.
Microsoft has mapped Co-pilot development to AI principles and the responsible AI standard, emphasizing fairness, reliability, privacy, security and transparency.
Co-pilot automatically inherits your organization's security, compliance and privacy policies from Microsoft 365.
Adopting Co-pilot requires a clear AI integration strategy aligned with your organization's goals and operational needs.
Establishing comprehensive governance frameworks and data protection measures is crucial to navigate the challenges of AI adoption.
The shared responsibility model outlines the tasks handled by AI service providers versus those managed by your organization.
Co-pilot can interpret data in Excel by providing natural language insights, analyzing trends, creating complex formulas and generating summaries.
There is no minimum license requirement for Co-pilot anymore - it can be used with any number of Microsoft 365 Business Premium licenses.
Co-pilot can facilitate evaluation of SQL data, assist in data extraction using PowerBI queries, and help generate reports and dashboards.
Transcripts
morning everybody uh welcome to
um another cyber one webinar today's um
topic is co-pilot for Microsoft 365 Game
Changer or risk maker um I'm Chris Goff
I'm the COO of cyber one and with me I
have Craig fretwell as well hi my name
is Craig fretwell I'm a three times
Microsoft security
MVP uh and we've got a great uh
presentation for you for for this
webinar today
so I without further Ado I'll uh run
through our intro quickly and then we'll
get into the uh meat and potatoes of the
uh the
presentation so for any of you that
aren't familiar with who we
are uh we're cyber one um and we are the
most trusted cyber experience in the
Digital World um we provide a whole
range of cyber services for a whole
range of
customers um a couple of facts about the
business very quickly founded in 2004
and privately owned operate out of three
main Global uh locations both in the UK
and our main um um uh sock Hub also in
the
Philippines um we are a
multi-award-winning Organization for the
quality and capability of our services
over 200 customers uh 45 plus Money
Services across a whole variety of
customer segments so across cyber we we
have a um a diverse port portfolio of
services we cover the full managed
Services everything from sock fully
managed um uh uh Microsoft 365 uh
Services which we call rore 365 um
service platform uh noock Services
secure nox services and and Pen testing
and everything you could possibly expect
um we um we're a strong technical
focused business um and we uh operate
our technical teams both leading out to
the UK but also again support by our
team in the Philippines um and we also
have a diverse range of skills
everything from solution Architects
right through to security and cyber
analysts um we're all about putting
customers first uh and we have some
great customer relationships that that
we've held on to and and grown over many
many years and also our credentials that
you would expect any um capable cyber
provider we have those um
also so um just moving forwards
um apologies um so let's talk about um
the um uh webinar topic for today and
Craig over to
you you there Craig just to do the the
syro oh yeah sorry yeah my bad uh yeah
so uh we've got a great um webinar
schedule for today on coop Game Changer
or risk maker um and it all starts with
how uh Microsoft first involved with the
partnership and then looking at um how
productive uh co-pilot can be within
your environments while also having
those safeguarding methods of you know
releasing co-pilot securely and safely
within your environment without opening
up to too much business
risk so we are doing a follow-up um face
Toof face session as well for anyone who
finds US interest Ing and wants to know
more that's in the sh on the Thursday
the 25th of April and at the end of this
session um we will be um also taking
some questions and answers as well so
without further Ado let's kick off the
the world is changing with the
integration of co-pilot from Microsoft
365 into business operations represents
a significant stride in leveraging the
ongoing digitization or of business
Landscapes so this this era is not just
about the transformation of Industries
or shifting macroeconomic
environments it's about acknowledging
and embracing the technological
inflection points that we're uh
experiencing
today and this digitization of
businesses is is revolutionizing you
know how we operate how we communicate
how we deliver value to
customers and it's not not merely about
transitioning from paper to digit
digital anymore it's about harnessing
the power of data Ai and Cloud
Technologies to create more efficient
agile and intelligent
Enterprises so Microsoft 365 copilot
exemplifies this shift by integrating
generative AI across Microsoft Suite of
productivity tools enabling businesses
to automate mundane tasks generate
content and analyze data more
effectively than ever
before Industries across the board from
healthc care to finance from education
to manufacturing are undergoing profound
Transformations so this evolution is
driven by digital technologies that
enable new business models and
streamline
operations a Microsoft 365 copile really
stands at the Forefront of this
inflection point symbolizing how AI can
enhance human capabilities and redefine
what's possible with within the
workplace and the pace of volume of work
is is unlike anything we've experienced
before so we're spending too much time
searching for information and navigating
inefficient meetings which leaves less
time for for deep thinking uh creating
content and and social
collaboration but the sheer volume of
data emails and chats has really
outpaced our ability to to process it
all and Microsoft are labeling this as
digital debt so every minute spent
managing this digital debt is a minute
not spent on Creative work and in a
world where creativity is the new
productivity digital debt is more than
an inconvenience and it's impacting
business
so a recent study shows that nearly two
in three people say they don't have
enough time and energy to do their job
and those same employees are 3.5 times
more likely to struggle with Innovation
and strategic
thinking and this recent study from
Microsoft found that 87% of leaders
believe that AI will give their
organization a Competitive Edge and
adopting AI technology offers
unprecedented opportunities for
Innovation uh efficiency and and
customer engagement so by leveraging AI
organizations can automate you know
routine tasks unearth insights from data
analytics Drive decisionmaking process
with predictive
analysis the challenge lies in
harnessing ai's full potential to stay
ahead of the curve and this really
involves uh develop in like a clear
strategy for AI integration that aligns
with your organization's goals and
operational needs so this includes
identifying key areas where AI can have
the most significant impact such as you
know customer service uh product
development or operational
efficiency and the number one question
we get asked at side one is how will our
organization be able to seize the full
potential of AI while safeguarding our
business our data and our employees and
we'll and we'll talk about that
shortly um but before we do I want to
talk about the partnership between open
Ai and Microsoft and this is obviously a
groundbreaking collaboration that merges
you know open eyes Cutting Edge
artificial intelligence research with
Microsoft's robust infrastructure and
Market reach and markof to investment in
open air I shared you know a vision for
the future of of artificial intelligence
and and this collaboration has led to
several key developments such as you
know azure's AI supercomputing
infrastructure to open our uses
Microsoft aures powerful uh Computing
capabilities to train and run
increasingly complex AI
models and the joint Innovations has
made the partnership committed to
Bringing New Market
and new AI technologies that can benefit
people and organizations and throughout
this collaboration we've seen the
integration of advanced AI features into
to Microsoft 365 products enhancing
productivity and creating tools like you
know natural language summarization code
generation and much more and both open
Ai and Microsoft are deeply committed to
the ethical development and deployment
of
AI and Microsoft's investment in open AI
also includes funding for ongoing AI
research and development ensuring that
the partnership you know continues to
drive innovation in AI Technologies and
this long-term commitment supports open
A's mission to ensure that artificial
intelligence benefits from uh
Humanity right now
leading right now this is obviously
leading to the rapid adoption of AI but
it it doesn't come without you know it
set of
risks and the Swift of adoption of AI in
the business realm is is surfacing
significant challenges with with any
size organization and it's not just the
technology engineering side you know
concerns are widespread with many
organizations you know recognizing the
urgent need for oversight on AI usage
you know indicating a substantial
portion grappling with insufficient
management risk
controls you know looking ahead there's
there's an exception or an
expectation of increased regulatory
scrutiny and predictions suggest
potential regulatory
consequences for non-compliance in data
protection and AI
governance and this landscape calls for
immediate attention to establish
comprehensive governance Frameworks and
and data protection measures to really
to really navigate these challenges you
know effectively and ethically and it
really all starts with you know the
Microsoft shared responsibility model so
when you look at integrating AI into
your operations it it's crucial to
comprehend the shared responsibility
model and this framework outlines the
tasks handled by the AI service
providers versus those your
organizations must manage so the extent
of your responsibilities will depend on
whether you're utilizing you know SAS
pass or I
Technologies and each model requires a
different level of oversight and control
over operations and security
policies so it's pivotal to identify and
fulfill your obligations to ensure that
the safe deployment of AI
Technologies and in the architecture of
AI uh enabled applications there are
three functional layers where tasks are
divided between the AI service provider
and the client and the AI platform is
the foundation supplying AI capabilities
through
apis and it's vital to develop and
defend this platform's infrastructure
which encompasses the AI models training
data and model specific
parameters so a key objective for this
layer is to establish defense against
dangerous inputs to the AI
model and to monitor for any harmful
outputs that generative models might
produce adapting safeguards as as
threats
evolves so the AI application layer is
where users directly interact with AI
functionalities so it can range from
simple to complex systems you know
simple applications might only pass I
don't know user prompts to an AI model
whereas more complex ones might pass
additional context connecting with other
data sources or other data streams to
enhance uh that response which makes it
a more complex process because it has to
hit more data
points so security within this layer is
obviously Paramount and it involves
rigorous inspection of both the prompts
sent to the AI and the data exchanged
with the plugins or other you know
Integrations from that complex
model so the AI layer usage really
pertains to the practical application of
AI technology so unlike traditional
interfaces generative AI is is highly
interactive molding itself to the
users's
intentions so this Dynamic nature places
more control in the user's hand thereby
underscoring the need for robust
security
measures ensuring safe AI usage really
involves comprehensive identity and
access
management Vigilant monitoring of
devices and stringent data governance
and these are fundamental for
safeguarding the system's integrity
and the stakeholders involved which is
why when you look at adopting AI you you
need to prepare for
it and when you're looking at preparing
for artificial intelligence it doesn't
matter what it is obviously this is
focused on co-pilot but you need to be
asking yourself you know what are your
goals for using AI do you want to
implement artificial intelligence driven
analytics or product development for
Competitive Edge or or just use you know
co-pilot to be more efficient for your
day-to-day
tasks and then what are your current pay
points is there anything where you think
you can leverage AI to help with you
know automating repetitive tasks you
know reducing that human
error you may think you might be using
AI at the minute you know leveraging
existing Cloud
infrastructures might be you know able
to Pilot AI projects into customers and
and segment you know Target marketing
the biggest thing is does your
organization have a data strategy now
this this is this is a really big topic
we won't go into it that much into this
webinar but you need to look at you know
data collection and storage do do you
have large amounts of structured and a
structured data and where is it stored
are you leveraging uh a data governance
model like perview for data Discovery
you know ensuring that data is managed
accordingly with controls uh compliance
like gdpr and
Hippa do you have any data protection
are you leveraging tools for data
classification and ensuring that secured
data is at rest and in transit and is it
labeled with any
watermarks and finally does does your
organization have the necessary
infrastructure and resources to support
the AI initiatives you know for for
copal you just need a valid 365
subscription um and then that gives you
access to the uh components I'll talk
about right now with um the
365 and then once you understand the bus
your your business case and you've
reviewed the risk then you can start
leveraging Microsoft 365 for copilot and
yes this is an absolute GameChanger and
Copart really frees your mind from the
tools and repetitive tasks so you can
spend more time focusing on what matters
like running your day today business you
know growing your customers building
your brand and and scaling
securely and copilot is embedded across
all the Microsoft 365 apps that you use
today so you can be more creative in
word more Analytical in Excel more
expressive in PowerPoint more productive
in Outlook and and more collaborative in
teams and copon it really helps you with
everyday workday effic
icies so you can ask copilot to to
summarize a long PDF you know if there's
a service description or some sort of
legal document and you only want to know
you know the key points of this maybe
it's something to do with financials or
you know how long is a project going to
take Etc you know you can drop the PDF
in and as co-pilot to summary it
focusing on on on specific
areas maybe working on a PowerPoint
presentation you need visuals well
copilot's got you covered you know it
generates images that can enhance your
presentations and reports you know
making them more
engaging and if you need you know
specific answers for complex questions
you know when you've got tough queries
copilot can really act as your as your
research assistant offering indepth
answers to to complex questions and
saving you a lot of time and
effort and I just want to talk about
this this scenario right here because
this is the great scenario
um to really help you understand the art
that possible so so goet for 365 can
help you create a more efficient hiring
process from a HR perspective you know
this can help reduce cost improve
productivity and help ensuring that
you're selected the most suitable
candidates for the right
role so you could use word to create a
job description for a sock engineer or
based on your internal sock requirements
and then leverage co-pilot based on the
candidate CV to provide you know a
summary of the skills experience and
qualifications and then you can use
co-pilot Loop to create a set of
interview questions for the position you
know ask about previous experience goals
include some questions about you know
personal interests Etc and then conduct
a group interview in teams and ask
co-pilot to summarize the
contributions of that candidate
and then if they are successful and
you've agreed then use cobet to create
an offer letter you know in word for the
position of the sock engineer with the
start date of whatever whatever it may
be and then include benefits from our
handbook so you may have a handbook
benefits right and just get that thrown
straight in there and copilot for 365
really
enhances efficiency by streamlining
workflows and automating tasks
enabling users to focus on you know high
value
work and another scenario is is really
based on uh CEO Dominic so Dominic
obviously starts the day at 7 a.m. and
he has a customer call and he uses cilet
to in teams to help understand you know
customers requirement because they might
be interested in in sock services at
8:30 he realizes co-pilot he he utilizes
coopy outl sorry to manage his emails
more efficiently replying to you know
all the sales team to ask how the
proposals coming on then at 9:00 a.m. he
catches up on his Miss meetings with
copilot and teams and notify him of any
actions that he needs to follow up
on so Chris is who's a ceoo he's
probably had an action to say you know
what time are we getting to the event on
on this day um is there anything that we
need to prepare for Etc and then at 2 pm
you know Dominic kicks off uh his event
speech and he uses co-pilot in word to
really add a section about you know new
schemes coming up new Ventures that
we're working on then at 3 p.m.
Dominic's notified of a of a critical P1
you know in the sock so he uses co-pilot
to summarize relevant communication to
understand the situation and the
scenario and the severity and at 7 p.m.
after the incident is resolved Dominic
then starts working on a speech for the
Cyber one kickoff event and he has
co-pilot in word for you know humorous
opening
lines and this is really just a a small
preview of the capabilities that copilot
can
provide now there is obviously some
foundational aspects of 365 which are
designed for the needs of the
Enterprise so Microsoft as always they
do a lot of research before they go
release products to make sure that it is
business ready and Microsoft have mapped
their efforts to the AI principles and
responsible AI standard which are built
on Decades of research and privacy
preserving machine learning and these
principles emphasize you know fairness
reliability safety privacy security
inclusiveness transparency and
accountability and by here aering to
these standards copilot represents a new
era of AI that is ethical
responsible and obviously aligned with
human
values so copal automatically inherits
your organization security and
compliance and privacy policies from
365 so data is managed in line with your
current commitments so copala large
language model is not trained on your
tenant
data and Microsoft have worked to design
that experience that prioritizes human
agency and puts the user in
control and the technology under linning
copilot is it's not an overnight
Innovation you know it's built on
Decades of research um natural language
processing and machine learning and this
research is focused on understanding and
processing human language in a way that
respects privacy security and really
laying the groundwork down for co-pilot
capabilities but there needs to be a
level of governance in place before
organizations should even think about
you know adopting copilot even if it's
only you know a couple of
licenses so I want to talk about the the
six AI principles which are the
foundations for the responsible Ai and
governance
framework so this fan Foundation frames
the raai standard and your internal
policy which serve as strict guidelines
for the development of AI technology now
I won't go into too much detail here but
I just want to cover these off really
quickly so auditing and in responsible
AI is is pivotal for ensuring that AI
systems adhere to ethical standards
throughout their life cycle continuous
monitoring by Microsoft guarantees the
Integrity of these systems by E
emphasizing a commitment to ethical AI
you know adherence to Legal Frameworks
and ensuring that AI development is in
lined with ethical considerations
through comprehensive implementation
strategies so this includes the
integration of Ethics from the outset
establishing clear oversight roles and
leveraging specific tools designed to
maintain ethical
standards so even with you know these
comprehensive AI security principles in
place there is still a risk and it's a
very big risk of AI behaving in
undesirable ways and this would result
in human activity controlling this
Behavior so it's crucial for
organizations to have a set of robust
security controls in place to hopefully
you know counteract adversarial actions
in the event of a breach and this starts
with you know knowing your data and
understanding your
risks so first we have to look at you
know what is sensitive data to you what
could be sensitive dat it could be
anything so it could be passport numbers
driving license numbers credit card
numbers bank account numbers Trade
Secrets you know Network topology
diagrams that have you know IP addresses
with the port numbers on there you know
this is sensitive
data and where does that data live so
the data stored in on premise in
physical service is it in SharePoint um
teams one drive is it St locally on on
an employees
laptop then who has access to that what
content is being created that employees
can access and is it internal and
external to the organization or is it
one or the other
and who has that access control you know
is there access management controls in
place to
prevent you know things being shared
with other people that don't have the
right access and and how is it used you
know are there certain parts of
sensitive data exposed to third parties
or individuals you know like
contractors that that shouldn't you know
have permanent access but only
temporarily
access and then and then what is the
risk you know what is the
risk the risk of date exposure could
really lead to financial loss
reputational damage legal consequences
for an
organization and the impact and the cost
of a data breach could
substantially you know give you huge
financial losses regulatory
fines and long-term reputational harm
and then with all the areas and risks
identified we need to understand how we
can protect
that and it's all starts with data
classification which kind of brings me
back to beginning quite nicely so start
by you know classifying your data
leverage automatic classification if you
have purview available you know then tag
your data with data labeling enure that
correct labeling is in place for each
sensitivity area so that if a user opens
a Word document and copies a passport in
a passport number in sorry then you can
be sure that it's going to
automatically classify that document
regardless if they set the label to say
General because perview is going to know
that it contains a passport number and
that level has already been set up with
the top level
hierarchy and then data access controls
you know if you look at identifying and
Authentication so ensuring that only
verified users can access systems you
know MFA that I mean that should be
enabled
globally I don't care what what
environment or what organization you
work in MFA is is the the first control
which should ever be turned on and it
should be turned on for everything you
know managed endpoint security devices
conditional access and if we look at
authorization you know defining what
users and what resources can they access
once they're authenticated making sure
that you leverage role base Access
Control you know group memberships you
no individual users should be assigned
to to to to any one given access uh
control and then data protection
controls enforcing watermarks on
statement of works and purchase order
the documents you know that's going to
help prevent data leakage you know
forcing time based restrict restrictions
you know limiting access to systems two
specific times of the day or the week
geographical restrictions you know
ensuring that access is only based on
the geographical location of that user
you know conditional
access a data life cycle you know having
a good data hygiene in place is is
absolutely crucial for something like
copilot you know where is the data being
collected where is it being process
where is it stored how often are these
files being accessed is if a file's not
been accessed for I don't know a year
two years do we still need this file
let's have a look at archiving that do
we have a sharing data
process and you know that's that's a lot
of good points to really focus on but
before you go en aable copal you really
need to look at you know the security
risks as we've mentioned you know
identity and in any organization the
overarching principle for for user
access you know users should only have
the concept of lease privilege you know
granting user access for that necessary
role and Regulatory monitoring of user
access is essential to ensure you know
compliance with this principle and it's
also critical to verify access
explicitly to avoid any implicit
trust additionally always assume breach
you know this is the mindset that should
be maintained which means operating
under the belief that breaches can and
will occur thereby staying Vigilant and
prepared to respond
effectively and obviously the most
common attack Vector in cyber security
is fishing so monitoring High privileged
accounts you know if it admins have
access to everything Ensure that they
are being monitored you know with like
micros Sentinel or something like
that but if their account did get
breached an adversary could take you
know full control of co-pilot asking
them to you know summarize an email in
the same tone as before and attach a
fishing
link for malware to damage the com
company so this is why identity needs to
be taken very seriously regular fishing
campaigns
monitoring of those High privileged
accounts and users are going to help you
know really mitigate that down the long
long
time and if we look at data so data
leakage so tagging and classification
needs to be in place you know automatic
tagging for unclassified documents that
you know include sensitive information
you know applying watermarks to
confidential documents forcing labels to
ensure you know documents are secured
and and labeled with the right
classification and this you know kind of
to to to recap you know Game Changer or
risk maker it's both really yes it is
absolutely a GameChanger but it also is
a risk
maker without having the fundamental
controls and boundaries and policies in
place
it would
be so much reputational damage if you
went an enabled co-pilot and you know a
user might have access to something that
you don't even know for
example someone might be in the same
team they get co-pilot enabled and they
may see you know performance reviews or
you know pay increases because that
information is set in a SharePoint site
or a team site which they may not have
access to but a simple keyword search
with copilot and it will go and find
that information if it has access to if
it doesn't have access to it's still
going to respect the Privacy boundaries
of that it's not going to say you don't
have access to this it's just going to
say it can't find any information from
that but yes it's a game Cher obviously
use AI responsibly you know you can
achieve a lot with Microsoft 365 for
co-pilot
but again security controls in your
organizations you must understand the
risk you must improve your security
protection and with that I'd like
to showcase our uh 5-day
Workshop which really gets you ready for
uh for co-pilot so first we'd establish
some stakeholders to talk to up to up to
five of them we' outline you know the
activities which are going to be DEC
discovered we'll give you an overview of
copilot have a look at the uh uh the pre
workshop and then explore the data
classifications and governance within
the Microsoft
ecosystem we review a joint assessment
with you now this would cover data
security identity and endpoint
management and then once you've analyzed
that we' then look at having okay we've
got the technical co-pilot
configurations here how we're going to
prioritize uh your deployment who we
going to roll out this to First and we'd
look at having a phased implementation
of a road map and then a an adoption of
continuous Improvement and provide you
with communication of uh an effective
communication
plan thanks Craig um hopefully everybody
found that useful we have had a couple
of questions in so um let's quickly take
a look at what we have so first uh we've
got got question that's um asking how
secure is the information processed by
Microsoft 365 co-pilot Craig do you want
to have a crack at that yeah sure um
that's a really good question actually
so so Microsoft really
prioritizes um security and compliance
across all of the 365 services including
including copilot um the information is
processed by copilot and it adheres to
Microsoft's uh stringent data protection
and privacy policies so it really
employs you know the advanced security
measures to safeguard you know your
personal data ensuring that access and
uh the process complies with um
organizational policies and your
industry
standards thanks Greg um I have a second
question here is Microsoft 365 copilot
capable of scheduling meetings based on
conversations yeah yeah absolutely it is
uh and this is this is one of the great
features of co-pilot which you know it
can help schedule those meetings
directly from an email conversation so
it understands the context and the
preferences mentioned in the emails and
then it can propose like meeting time so
the participate uh participants that are
involved within this email and then
manage the responses and it even sets up
the meeting in your calendar by
automating uh this coordination process
in the
background fantastic um and I think this
is the last question that we have um how
does Microsoft 365 co-pilot assist with
data analysis in
Excel yeah that's a good one um so so
using Excel with 365 for co-pilot you
know it can interpretate data you know
by providing natural uh insights through
the natural language uh queries so it
can analyze like Trends from uh
different types of data create like
complex formulas um generate you know
summaries of the data making it easier
to to help really like draw a conclusion
for um for that
type thanks great and actually we've had
another question so uh it is great
explanation about Ai and co-pilot um
thank you uh is a Min requirement for
all this to work what is the minimum
requirement for all this to work what is
or at what point do you look and suggest
the licensing levels
required so so there used to be a
minimum requirement of 300 licenses for
co-pilot but now Microsoft has removed
that limit so now it's any you can have
1 10 a th000 it doesn't matter um but
the but the focus boundaries for the
security principles are to to really
make sure that you're stringent on your
on your data protection needs so if you
don't have um you know licenses for like
perview this is the biggest driver for
for Microsoft co-pilot because it helps
understand your data a high container
architectural layer and having perview
really helps understand you know what
users can access how we can enforce
policies and um you know protect data at
that point so if you have macrosoft 365
business premium I think you can get the
add-on for perview which is which is
great for that um uh for that
license brilliant and just I think just
to clarify also Craig
um co-pilots available for is it
business premium e35 I got that right
yeah that's right yeah so um most
licensing levels will cover it obviously
you need to make sure you've got access
to the Security Suite to make sure you
can put your data classification in
place so there might be I think it's a
couple of other add-ons that if you're
an E3 um or um uh uh yeah if you're an
E3 uh user that that you'll need to
implement as well for to for Access for
for perview impr yeah um another another
question can co-pilot evaluate SQL date
and can and provide reporting into
powerbi uh yes it can so it can easily
facilitate the uh evaluation of SQL data
um it would first then assist uh in like
data extraction from the SQL database by
using uh powerbi queries and then
transform and load that data in the
powerbi model um and then you can
copilot can help assisting in generating
reports and dashboards along that and
helping visualize that
invited to come along and if you want a
bit more of a face tace dive into into
um um co-pilot and and The Game Changer
risk maker conversation please do do
come along in the meantime um both
thanks um from both Craig and myself and
and hopefully you've enjoyed this and we
look forward to delivering another
webinar to you very soon thank you very
much
Browse More Related Video
5.0 / 5 (0 votes)