The importance of governance significantly increases after implementing Copilot in an organization, as it ensures that AI-driven processes continue to be secure, compliant, and effectively managed. Robust governance helps mitigate risks associated with data handling and user access, enhancing overall operational efficiency.
Implementing AI tools like Copilot in a tenant introduces several governance challenges, primarily because Copilot is a dynamic technology introduced into the M365 ecosystem. Some key issues on the horizon:
Addressing these challenges is crucial for maintaining a secure and efficient collaboration environment.
Effective governance is crucial for managing SharePoint environments in today's dynamic business landscape. With the increasing complexities of content management and the advent of AI tools, organizations need robust solutions to ensure security, compliance, and efficiency. SharePoint Advanced Management (SAM) is a powerful tool to address these challenges, especially when used alongside Copilot.
We recommendation that organizations explore the capabilities and benefits of SAM, use of AI Insights, and how they together elevate both your security posture and your Copilot experience.
Microsoft SharePoint Premium - SharePoint Advanced Management is an add-on for Microsoft 365 that provides IT administrators with tools to enhance content governance during the Microsoft Copilot deployment.
As your organization is investing into Copilot Technical Readiness or managing content post-implementation, you can take advantage of its capabilities, such as:
These 3 key pillars for SharePoint Advanced Management help organizations to manage their environment:
Users frequently add content and collaborate with others. Whether intentionally or unintentionally, they may share content with a wider audience than necessary, potentially exposing data through Copilot. SAM implements robust measures to prevent unauthorized access and sharing of sensitive information through features such as:
DAG insights in the Admin Center can be utilized to identify and remediate overshared content. Below reports are generated against OneDrive and SharePoint sites.
Initiate access reviews with the owners of sites identified in the Permission State and EEEU reports. Prompt site owners to assess and confirm whether the current access patterns are expected or if any action is needed.
Set up policies to prevent search and Copilot from indexing certain sites, ensuring site access is maintained while keeping the site's content out of Copilot and organization-wide Search. These can be selectively applied to any site type.
Set-SPOSite –identity <site-url> -RestrictContentOrgWideSearch $true
The risk of data exposure grows with the number of users having access. Admins should assess sensitive data exposure by reviewing site and item permissions.
💡 Most organizations will have oversharing, though where you want to govern are sites that are sharing with a large number of users. Generating a report based on the 'number of users', as one factor, helps to establish a baseline and track key contributors to potential 'oversharing.
Start-SPODataAccessGovernanceInsight -ReportEntity PermissionedUsers -ReportType Snapshot -Workload SharePoint -CountOfUsersMoreThan 100 -Name "ReportName"
SAM streamlines the creation, maintenance, and archiving of SharePoint sites to ensure efficient use and governance through:
A site that is active may eventually become inactive, potentially after several years. Copilot users could receive outdated results from inactive site content. The feature now allows the creation of policies that target specific site types that are inactive for a specified period. Site owners receive automated alerts and can choose to keep, delete, or archive these sites.
Managing SharePoint sites owned by employees who leave or join the organization is crucial. Ownerless sites pose a risk of unauthorized data exposure through Copilot, as there is no designated owner to manage permissions and content. With this policy admins can set a minimum number of required owners per site (recommended 2).
SAM manages and organizes content effectively to avoid cluttering and maintain a streamlined SharePoint environment, including:
With the new Restricted Site Creation feature, you can manage which groups of users in your organization can create various types of sites. This policy can be controlled granularly for Team sites, Communication sites, or all sites.
Set-SPORestrictedSiteCreation -Enabled:$true
These reports can increase visibility and let you monitor changes made to the SharePoint configuration across various levels of your organization.
As organizations continue to navigate the complexities of content management and AI integration, solutions like SAM become essential for robust governance. By enhancing security and compliance, improving content management, and reducing risks like content sprawl and oversharing through robust permissions, SAM ensures that Copilot operates within a controlled, regulated framework. This synergy allows IT admins and leaders to streamline governance, maintain data integrity, and optimize collaboration, ultimately enhancing the overall effectiveness of SharePoint environments and AI integration.
There are many more features on the roadmap, with additional updates expected to roll out over the next few months. We would recommend building out a tactical roadmap to manage change within your organization.
