Table of Contents
Microsoft Copilots
Microsoft Copilot isn’t a single service, but rather a suite of AI-powered assistants designed to enhance productivity and security across various Microsoft products and services. Here’s a breakdown of the different Copilots available:
- Copilot for Azure:
- Focus: Assists with Azure cloud development and management.
- Function: Provides intelligent code completion, resource management suggestions, and infrastructure optimization recommendations.
- Copilot for Dynamics 365:
- Focus: Assists with customer relationship management (CRM) tasks in Dynamics 365.
- Function: Offers data insights, automates repetitive tasks, and suggests next steps for sales and customer service interactions.
- Copilot for Sales:
- Focus: Specifically geared towards sales professionals within Microsoft products.
- Function: Analyzes customer data, suggests personalized communication strategies, and automates sales workflows.
- Copilot for Service:
- Focus: Assists with customer service tasks within Microsoft products.
- Function: Provides relevant customer data, suggests knowledge base articles, and automates repetitive service actions.
Microsoft Copilot for Service overview – Copilot for Service
Copilot for Service provides real-time responses to a human agent from your existing contact center content sources such as a website, SharePoint, and offline files. You can create powerful, agent-facing copilots to boost agent productivity and improve customer satisfaction.
- Security Copilot:
- Focus: Improves security outcomes for security professionals.
- Function: Analyzes data from various Microsoft security services, automates responses to incidents, and provides guidance to security analysts. (Now generally available)
What is Microsoft Security Copilot?
Microsoft Security Copilot is an AI-powered, natural language, security analysis solution designed to help security professionals defend against sophisticated attacks at machine speed and scale.
Security Copilot architecture, I could write a whole series of Security Copilot, love it!
You have two different interfaces, Standalone (securitycopilot.microsoft.com) and Embedded (directly in security.microsoft.com)
- Intune Copilot:
- Focus: Assists with managing devices and security policies in Microsoft Intune.
- Function: Provides insights into device configurations, helps generate compliant policies based on best practices, and helps summarize the impact of new policies.
Use Security Copilot to get device and policy information
You can use Security Copilot to get information about your Intune data, including devices, apps, policies, and groups managed in Intune. You can also compare policies, get device specific details, and get target info for policies.
M365 Copilot
Microsoft 365 Copilot is an intelligent assistant that leverages AI to enhance your workflow within various Microsoft 365 applications. Here’s a breakdown of its technical aspects:
- Understanding Your Work:
- Data Ingestion: Copilot taps into your emails, documents, chats, and other activities within Microsoft 365.
- Natural Language Processing (NLP): It utilizes NLP techniques to analyze the meaning and context of your data, understanding your intent and needs.
- Context-Aware Assistance:
- Machine Learning (ML): Copilot employs machine learning models to personalize its suggestions and actions based on your work patterns, habits, and past interactions.
- Predictive Capabilities: It can anticipate your needs and proactively surface relevant information, actions, or next steps within your workflow.
- Powering Different Features:
- Enhanced Search: Copilot refines search results by considering your context and past interactions, delivering more relevant information.
- Smart Replies & Suggestions: It offers contextually-aware suggestions for email replies, documents, and other tasks, saving you time and effort.
- Automation Workflows: Copilot can automate repetitive tasks based on your past behavior, streamlining your work.
- Underlying Technology:
- Microsoft Graph: Copilot leverages the Microsoft Graph, a comprehensive service that connects and indexes data across various Microsoft 365 applications, providing a centralized knowledge base.
- Azure Artificial Intelligence (AI): It harnesses the power of Azure AI services like NLP and machine learning to analyze user data and generate intelligent recommendations.
What is Semantic Index?
The Microsoft 365 Copilot leverages a powerful semantic indexing technology to enhance your search experience and personalize your workflow within various Microsoft 365 applications. Here’s a detailed breakdown of its technical aspects:
Foundation:
- Microsoft Graph: The semantic index builds upon the Microsoft Graph, a comprehensive service that connects and indexes data across different Microsoft 365 applications. This rich pool of information provides the foundation for understanding user activity and content within the M365 ecosystem.
Dual Indexing Approach:
- User-Level Indexing: Copilot creates a personalized index for each user. This focuses on emails, documents they interact with, and content shared with them. It utilizes techniques like Named Entity Recognition (NER) and Natural Language Processing (NLP) to extract key concepts, people, locations, and other relevant entities from the user’s data. This personalized understanding allows Copilot to surface highly relevant information tailored to each user’s work needs and habits.
- Tenant-Level Indexing (Optional): Additionally, the index can cover text-based SharePoint Online files accessible by multiple users within your organization (enabled through site inheritance). This broader organizational index provides access to company data, fostering collaboration and knowledge sharing. However, it only surfaces results to a specific user if they already have the necessary permissions to access the content, adhering to role-based access control (RBAC).
Vector Representations:
- Beyond traditional keyword matching, the semantic index employs a technique called Vector Space Retrieval. Here, data points (documents, emails, etc.) are mapped into high-dimensional vector spaces. Similar concepts or entities are positioned closer together within this space. This allows Copilot to identify relationships between information elements, even if they don’t share identical keywords. Imagine a web of interconnected ideas, where Copilot can navigate these connections to find the most relevant results for your specific needs.
Machine Learning Integration:
- The semantic index is further enhanced by machine learning (ML) algorithms. These algorithms are trained on user interactions, search queries, and other data points to continuously improve the accuracy and relevance of search results. Over time, Copilot learns your work style, preferences, and frequently used terminology, enabling it to anticipate your needs and proactively surface helpful information or suggestions.
Security baked in?
Well no but the same security constrains exist than with any other SaaS service.
By-default on Underlying Security Practices:
- Data Access Control: Copilot adheres to strict role-based access control (RBAC) within Microsoft 365. This ensures the LLM only accesses and processes data you have permission to see. It can’t access information beyond your individual permissions or organizational boundaries.
- Data Encryption: Data used by Copilot, including your emails, documents, and other activities, is encrypted at rest and in transit using industry-standard encryption protocols. This helps safeguard your information from unauthorized access.
- Microsoft Cloud Infrastructure: Copilot runs on Microsoft’s secure and compliant cloud infrastructure. This infrastructure benefits from rigorous security measures, including physical security, background checks, and multi-layered security controls.
How to make it more secure?
But there are always ways to do more for security
Protect your data
I’m currently making SC-400 study content, which will cover the “Know and Protect your Data” concept.
Using SITs
Section 1 – Implement information protection – Create and SITs and trainable classifiers
The first section of this Study guide is going to cover Information types and trainable classifiers but maybe first introducing the different trials that you can use to try them out, if you donR…
And Sensitivity Labels
Section 2 – Implement information protection – Rest of sensitivity label content and Design
This is the second part of Sensitivity labels. Sensitivity label content continued Configure auto-labeling policies for sensitivity labels Using Auto-labeling policies is called Service-side proces…
Also enable Encryption to those emails
Section 3 – Implement information protection – Design and implement encryption for email messages
Design and implement encryption for email messages Design an email encryption solution based on methods available in Microsoft 365 Features FeatureDescriptionMessage Encryption (OME)- Encrypts mess…
Don’t forget Data Loss
Section 5 – Implement DLP – Create and configure DLP policies
Design DLP policies based on an organization’s requirements Designing Data Loss Prevention could be based on the regulations of your industry or just internal security principles that should be mad…
Also cover those Endpoints
Section 6 – Implement DLP – Implement and monitor Endpoint DLP
Configure advanced DLP rules for devices in DLP policies Supported virtualization You can include virtual machines as monitored devices in the Microsoft Purview compliance portal, and the onboardin…
The traffic with In-browser protection
In-browser protection with Microsoft Edge for Business (Preview)
What is Microsoft Edge for Business? It’s a web browser designed specifically for organizations. It builds upon the standard Microsoft Edge browser, adding features that benefit both IT profe…
Plan you Identity governance
Section 4 – Mitigate identity threats part 1 of 2
Last part was a blast, let’s see how long this one will be as it’s about Identity! Just like you can see from the picture above, Identity is every where and it could be the same Identit…
Section 4 – Mitigate identity threats part 2 of 2
Identity protecting is challenging if you don’t know what you should protect and when you do, you should know how to protect it. In the second part we will be discovering more on Conditional …
And hey, Machine Learning will also help in that!
Reviewers Get AI Help with Access Decisions
Machine learning helps reviewers grant access quickly and securely by suggesting approvals based on past decisions and organizational structure. This is just the first step towards AI-powered access management.
Inactive User Scoping: Cleaning Up Dormant Accounts
New “inactive user scoping” helps admins identify and remove dormant accounts that pose security risks. It goes beyond sign-ins to consider all user activity.
Microsoft Entra ID Governance licensing fundamentals – Microsoft Entra ID Governance
This article describes shows the licensing requirements for Microsoft Entra ID Governance features.
Monitoring
Monitor those actions, use Activity logs to understand what’s happening, who is is logging from where.
Learn about the audit logs in Microsoft Entra ID – Microsoft Entra ID
Learn about the types of activities and events that are captured in Microsoft Entra audit logs and how you can use the logs for troubleshooting.
Access Microsoft Graph activity logs (preview) – Microsoft Graph
Microsoft Graph activity logs are an audit trail of all HTTP requests that the Microsoft Graph service received and processed for a tenant.
And hey, Machine Learning will help in that!
Microsoft will do their best.
- Security Monitoring: Microsoft continuously monitors Copilot and its underlying systems for potential security vulnerabilities. They take proactive steps to address any identified threats and strengthen security measures over time.
- Threat Modeling: Microsoft conducts regular threat modeling exercises to identify potential security risks associated with Copilot’s LLM. These exercises help mitigate risks and ensure the system’s overall security posture.
External resources
But you can do more for those Large Langue Models. See these excellent resources from Elli Shlomo
Meet MSEM
Super-charged next-gen version of Secure score, more comprehensive than ever.
Introducing Microsoft Security Exposure Management
Microsoft is leading the next chapter of attack surface management so organizations can proactively improve their posture and reduce their exposure, faster…
Security Exposure Management actively gathers security posture information and insights from workloads such as:
- Microsoft Defender for Endpoint
- Microsoft Defender for Identity
- Microsoft Defender for Cloud Apps
- Microsoft Defender for Office
- Microsoft Defender for IoT
- Microsoft Secure Score
- Microsoft Defender Vulnerability Management
- Microsoft Defender for Cloud
- Microsoft Entra ID
- Microsoft Defender External Attack Surface Management (EASM)
And it’s friend CSPM
Defender for Cloud simplifies cloud security posture management (CSPM) by continuously assessing your resources across Azure, AWS, and GCP. It offers recommendations to improve your security posture and provides a score to track your progress.
Cloud Security Posture Management (CSPM) – Microsoft Defender for Cloud
Learn more about CSPM in Microsoft Defender for Cloud.
Closure
Like we saw, there is a lot you do can for you SaaS GenAI and the components is uses to generate that information.
If you are developing your own solution for AI, you should also cover the infrastructure underneath, it’s a shared responsibility.
It’s not only about trusting the provider, they are doing their best but you must also.
RSS - Posts