Copilot works strictly within each employee's existing access rights. It makes no judgment about whether that access is legitimate: if an HR file, a contract or a strategic document is shared too widely, Copilot will find it and surface it, in a single prompt, to anyone who technically has access.

Copilot inherits your access rights, not your judgment

This is what most leaders discover too late: Copilot doesn't open a new door, it walks through the ones already open. A misconfigured SharePoint site, an "entire organisation" sharing link, an inherited permission no one ever reviewed: blind spots that go unnoticed day to day and become immediately exploitable the moment Copilot indexes that content and returns it on a simple natural-language query.

Oversharing, in numbers

Concentric AI's data is unambiguous: on average, 16% of an organisation's critical data is overshared, roughly 802,000 files accessible to people who shouldn't have access. On the usage side, a majority of employees already use AI tools without any governance. The intersection of the two is exactly what Copilot amplifies.

EchoLeak: a useful reminder, but not the real risk

The EchoLeak flaw (CVE-2025-32711, CVSS 9.3) showed that a zero-click data exfiltration, through a single email, was possible via Copilot. Microsoft fixed it (server-side patch, May 2026). But the most lasting risk isn't a vendor bug that's already patched: it's your own sharing configuration, which no patch fixes for you.

What to address before switching Copilot on

The good news: all of this can be handled upstream, with native Microsoft tools. The point isn't to buy yet another solution, but to set up what you already have:

  • Access and identity inventory (Entra ID): stale accounts, guests, over-permissioned groups.
  • Oversharing detection: over-permissioned sites, anonymous links, inherited access (SharePoint Advanced Management).
  • Sensitivity labels and DLP policies tuned for Copilot (Microsoft Purview).
  • Restricting the indexing scope before scaling up (Restricted SharePoint Search).

Microsoft itself recommends a phased approach: pilot, deploy, operate. The classic mistake is to switch Copilot on broadly first, and discover the oversharing later, through an incident.

The added obligation: AI literacy (AI Act, Article 4)

Since 2 February 2025, the AI Act requires every company to ensure the AI literacy of its staff, with enforcement by authorities from 2 August 2026. This obligation applies regardless of the risk level. Securing your Copilot deployment and training your teams to use it are two sides of the same effort to stay in control.

Our approach: Copilot Readiness

We address oversharing before Copilot is switched on: an inventory of access and usage, a risk score, and a prioritised remediation plan, with a concrete deliverable. It's the security layer, complementary to our AI ActReady offering focused on compliance.