Insight · Safe AI

Why Copilot rollouts stall: the oversharing problem.

Most stalled Copilot rollouts fail for the same reason: the assistant works exactly as designed. Copilot can surface any content the signed-in user can technically reach, and in most tenants that is far more than anyone realizes. Years of broad sharing links, oversized security groups, and orphaned sites mean the average employee can open thousands of files they have never seen. Before AI, that exposure was invisible because nobody went looking. An assistant that searches everything changes that overnight.

Surveys of early enterprise rollouts consistently find the same pattern: a large majority of organizations discover sensitive content was reachable by more people than intended, and oversharing is the single most common reason pilots get paused. The risk is not the AI. It is the permissions underneath it.

The fix is mechanical, not magical: inventory who can access what, tighten sharing defaults, break inheritance where it leaks, apply sensitivity labels to the content that matters, and put DLP policies behind them. Done in that order, that work makes Copilot safe to enable in stages rather than as a leap of faith.
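As an added illustration of the first two steps (not code from the original insight), the script below uses the SharePoint Online Management Shell to inventory sites whose sharing settings or ownership look risky, then tightens the tenant-wide link defaults. It assumes SharePoint administrator rights; "contoso" is a placeholder tenant name and the one-year staleness window is an assumed threshold.

```powershell
# Added example, not from the original page. Requires the SharePoint Online
# Management Shell module and a SharePoint admin account.
# "contoso" is a placeholder tenant name.
Connect-SPOService -Url "https://contoso-admin.sharepoint.com"

# 1. Inventory: which sites allow anonymous ("anyone") links, and which look
#    orphaned (no owner, or no content change in over a year; the one-year
#    window is an assumed threshold). Both are where oversharing usually hides.
$sites = Get-SPOSite -Limit All -IncludePersonalSite $false -Detailed
$stale = (Get-Date).AddYears(-1)
$report = foreach ($s in $sites) {
    [pscustomobject]@{
        Url            = $s.Url
        Owner          = $s.Owner
        Sharing        = $s.SharingCapability
        LastModified   = $s.LastContentModifiedDate
        AnonymousLinks = ($s.SharingCapability -eq 'ExternalUserAndGuestSharing')
        LooksOrphaned  = ([string]::IsNullOrEmpty($s.Owner)) -or
                         ($s.LastContentModifiedDate -lt $stale)
    }
}
# Keep the full inventory for the record; show only the flagged sites on screen.
$report | Export-Csv -Path ".\sharing-inventory.csv" -NoTypeInformation
$report | Where-Object { $_.AnonymousLinks -or $_.LooksOrphaned } | Format-Table -AutoSize

# 2. Tighten the tenant-wide defaults: no new anonymous links, and new sharing
#    links default to internal, view-only. Existing links are not changed by
#    this; those need the per-site review above.
Set-SPOTenant -SharingCapability ExistingExternalUserSharingOnly `
              -DefaultSharingLinkType Internal `
              -DefaultLinkPermission View

# 3. For sites that look orphaned, switch off external sharing entirely until
#    an owner claims them and reviews the content.
$report | Where-Object { $_.LooksOrphaned } | ForEach-Object {
    Set-SPOSite -Identity $_.Url -SharingCapability Disabled
}
```

Sensitivity labels and DLP policies (the later steps in the list) are configured in Microsoft Purview rather than through these cmdlets, so they are outside this example.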

For Canadian regulated organizations there is a second layer: PIPEDA and Quebec Law 25 both expect demonstrable control over personal information. Not knowing that an intern could open the salary file stops being a defensible position once an AI assistant makes that file one question away. Test your own exposure below.
