Microsoft Copilot is activated. An employee types in their new Word chat: "Summarise all salary information I've seen today." Copilot dutifully gets to work and pulls from an accidentally shared HR spreadsheet, a last-quarter email and a document on a SharePoint site this employee should never have had access to. Done: data leak.
This isn't hypothetical. At every SMB we review we see the same pattern: SharePoint sites that have filled up over the years, users with more permissions than they need, shared folders everyone can access. Before Copilot that was a latent problem; with Copilot it is actively exploited by your own AI.
Below are the three minimum DLP settings you must have in place before enabling Copilot.
Why is Copilot such a risk?
Before Copilot, an employee had to actively search for, open and read specific data. Most people don't scroll through SharePoint for hours to find HR data. Copilot does it in 4 seconds, on request.
Specifically: Copilot sees everything the logged-in user can see. That includes mailboxes others have delegated to them, SharePoint sites the user is a member of (often unknowingly), OneDrive folders shared "with everyone in the company", Teams channels and personal notes.
In a typical SMB with 30-50 staff and 5-10 years of M365 history, more sensitive data sits in these corners than anyone thinks.
The three minimum DLP settings
1. Restricted SharePoint Search (RSS)
An M365 feature built specifically for Copilot. By default Copilot can search all SharePoint sites and OneDrives the user has rights to. With Restricted SharePoint Search you limit this to a predefined list of allowed sites.
Time investment: 1 day's work for SMBs up to 100 staff.
2. Sensitivity labels with "Do Not Share with AI" restriction
Sensitivity labels (Microsoft Purview Information Protection) classify individual documents and files. You define labels such as "Public", "Internal", "Confidential" and "Strictly Confidential" and tie them to rule-based auto-classification.
Critical for Copilot: documents carrying the "Strictly Confidential" label get a "Do Not Share with AI" property. Copilot then does not read them, even if the user has access rights.
Time investment: 2-3 days. Requires M365 E3 or higher.
3. Audit and monitoring of Copilot interactions
By default Copilot sits in a black box: you don't know who asked what and what they got back. For compliance that's unacceptable.
Microsoft Purview Audit (Premium) logs every Copilot prompt and response per user, with retention up to 10 years. For SMBs with NIS2 obligations, NEN 7510 or strict legal/healthcare compliance this is mandatory.
Time investment: 1 day. Requires E3 + Purview Audit Premium add-on, or E5.
What we usually advise
Don't activate Copilot before these three pillars stand. Not for a single user, not even as a pilot. The risk is asymmetric: a Copilot-driven data leak in a Dutch healthcare or legal environment is a far bigger incident than a few months' delay.
Concrete path:
- Week 1: Activate Restricted SharePoint Search + identify 2-3 priority-sensitive sites
- Week 2: Sensitivity labels framework + auto-classification for BSN/medical/customer-ID
- Week 3: Audit + monitoring setup + management report
- Week 4: Pilot with 3-5 staff, monitor what Copilot retrieves, run checks
- Week 5+: Broader rollout if pilot is clean
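As an added example (not code from the article, nor Microsoft's own tooling), this is how an M365 admin would script the Week 1 setup and the Week 4 "what did Copilot retrieve?" check in PowerShell. It assumes the SharePoint Online Management Shell and ExchangeOnlineManagement modules are installed, a placeholder tenant name "contoso", and the CopilotEventData.AccessedResources fields from Microsoft's Copilot audit schema; confirm those field names against one raw record from your own tenant before relying on the report.

```powershell
# Added example, not code from the article. Tenant name "contoso" is a placeholder.
# Requires: Microsoft.Online.SharePoint.PowerShell and ExchangeOnlineManagement modules,
# a SharePoint admin for part 1 and an account holding the Audit Logs role for part 2.

# --- Week 1: turn on Restricted SharePoint Search and set the allowed list ---
Connect-SPOService -Url "https://contoso-admin.sharepoint.com"
Set-SPOTenantRestrictedSearchMode -Mode Enabled
# With the mode enabled, Copilot's search is limited to the sites on this list (max 100)
# plus content the user has already interacted with. Start with the 2-3 curated sites.
Add-SPOTenantRestrictedSearchAllowedList -SitesList @(
    "https://contoso.sharepoint.com/sites/Policies",
    "https://contoso.sharepoint.com/sites/ProductDocs"
)
Get-SPOTenantRestrictedSearchMode          # expect: Enabled
Get-SPOTenantRestrictedSearchAllowedList   # confirm the two sites are listed

# --- Week 4: what did Copilot actually read for the pilot users? ---
Connect-ExchangeOnline
$records = Search-UnifiedAuditLog -StartDate (Get-Date).AddDays(-7) -EndDate (Get-Date) `
    -RecordType CopilotInteraction -ResultSize 5000

# One row per resource Copilot pulled into a response. Field names follow the
# Copilot audit schema (assumption: verify against a raw record from your tenant).
$rows = foreach ($rec in $records) {
    $data = $rec.AuditData | ConvertFrom-Json
    foreach ($res in $data.CopilotEventData.AccessedResources) {
        [pscustomobject]@{
            When     = $rec.CreationDate
            User     = $rec.UserIds
            App      = $data.CopilotEventData.AppHost
            Resource = $res.Name
            Labelled = [bool]$res.SensitivityLabelId   # empty = no sensitivity label applied
        }
    }
}

# Report 1: resources Copilot read that carry no label. Each one is a gap in pillar 2:
# it cannot get the "Do Not Share with AI" protection until it is labelled.
$rows | Where-Object { -not $_.Labelled } | Sort-Object User, When | Format-Table -AutoSize

# Report 2: distinct resources per pilot user. An outlier here usually points to a site
# or shared folder that slipped past pillar 1 and needs its permissions reviewed.
$rows | Group-Object User | Select-Object Name,
    @{ n = 'DistinctResources'; e = { ($_.Group.Resource | Sort-Object -Unique).Count } } |
    Sort-Object DistinctResources -Descending | Format-Table -AutoSize
```

Run part 2 against the pilot window before widening the rollout; if Report 1 is not empty, the label rollout in Week 2 is not yet complete.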
Want a DLP check on your M365 environment before enabling Copilot? Book a Copilot readiness call. We do a quick scan of your current SharePoint permissions, sensitivity setup and DLP policies, and give you a concrete plan within 1 working day.