Pro IT NW

Field notes · 9 min read


Copilot Readiness: 12,000-Permission Problem

Most enterprises have 12,000+ unique permissions to remediate before Copilot can safely deploy.

The CEO read an article. The board asked the CIO. The CIO told the IT director: "make us AI-ready." The IT director licensed Microsoft 365 Copilot. Two weeks after rollout, the head of HR finds out an account manager just asked Copilot to "summarize what we know about Sarah" — and got back her salary, her last performance review, and her severance package details from a misfiled HR document on a SharePoint site nobody remembered restricting.

This is the Copilot readiness problem in one paragraph. The license is the easy part. The hard part is making sure your existing permission and labeling architecture doesn't turn Copilot into a real-time data exposure engine.

The 12,000-permission number

Industry research from data-governance vendors consistently puts the average mid-market and enterprise tenant at more than 12,000 unique sharing permissions across SharePoint and OneDrive (Concentric AI's 2024 data-risk report and parallel reporting from Varonis arrive at similar mid-five-figure numbers once "Everyone except external" grants and stale share links are counted). Most of them were granted organically — someone shared a file, someone added a guest user, someone clicked "Anyone with the link" because it was Tuesday afternoon and the meeting was about to start.

None of those decisions were audited. Most weren't documented. Many were made by people who no longer work at the company. The cumulative effect: a permission graph that even your IT team can't reason about.

Before Copilot, that graph mostly didn't matter. Files that were over-shared sat there and nobody read them. The only people who ran into the over-sharing were determined searchers — and the search experience was bad enough that most people gave up before they hit the sensitive stuff.

Copilot changes that completely. Copilot reads everything a user has access to. Not "everything they actively use." Not "everything they've opened recently." Everything. And it surfaces it in a friendly conversational interface, with summarization, with cross-document synthesis. The barrier to discovery just collapsed to zero.

The mental model to adopt: Copilot is your most curious, fastest-reading employee. It will find everything any user has access to. If you wouldn't be comfortable with an intern reading every document a user can open, you shouldn't be comfortable with Copilot reading them either.

Why "Copilot guardrails" is not a switch

The most common misunderstanding we hear: "We'll just turn on the Copilot guardrails." There is no guardrails switch. The guardrails ARE your existing Microsoft 365 architecture:

  • Permissions determine what Copilot can read for any given user.
  • Sensitivity labels determine what Copilot is allowed to redact, summarize, or output.
  • Microsoft Purview policies determine what gets flagged, retained, or DLP-blocked.
  • Conditional Access determines which devices and locations can invoke Copilot at all.

None of those are Copilot features. They're Microsoft 365 features Copilot relies on. If your tenant doesn't have sensitivity labels deployed, Copilot has no notion of "sensitive." If your permission inheritance is a mess, Copilot inherits the mess. There is no way to make Copilot safer than the underlying environment.

What "Copilot readiness" actually means

Concretely, a Copilot-ready tenant has the following in place. Most enterprises have one or two of these. Very few have all of them.

Permission inventory and rationalization

You know — at minimum, in a queryable report — every site, library, and folder that has unique (broken-inheritance) permissions, every "Everyone-Except-External-Users" grant, every guest user with content access, and every share link still active. You have a remediation plan for the worst offenders.
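One way to produce the queryable report this section describes, as an added example that is not Pro IT NW's tooling: a PnP.PowerShell script that walks one SharePoint site, keeps only the libraries that broke inheritance, and flags the "Everyone except external users" and guest grants. It assumes the PnP.PowerShell module, a registered Entra app ID for the connection, and a constructed exposure-score heuristic of our own for triage ordering.

```powershell
# Added example (not Pro IT NW's tooling): inventory broken-inheritance libraries on one
# SharePoint site and flag the grants this post calls out. Requires the PnP.PowerShell module
# and a registered Entra app ID for Connect-PnPOnline (both assumptions about your tenant).
param(
    [Parameter(Mandatory)][string]$SiteUrl,
    [Parameter(Mandatory)][string]$ClientId,
    [string]$OutCsv = ".\permission-inventory.csv"
)

Connect-PnPOnline -Url $SiteUrl -ClientId $ClientId -Interactive

# "Everyone except external users" is the spo-grid-all-users claim; guests carry #ext# in the login.
$EveryoneExceptExternal = 'spo-grid-all-users'
$GuestMarker            = '#ext#'

function Get-GrantRows {
    param($SecurableObject, [string]$Scope)
    $assignments = Get-PnPProperty -ClientObject $SecurableObject -Property RoleAssignments
    foreach ($ra in $assignments) {
        Get-PnPProperty -ClientObject $ra -Property Member, RoleDefinitionBindings | Out-Null
        $login = $ra.Member.LoginName
        $roles = ($ra.RoleDefinitionBindings | ForEach-Object Name) -join ';'
        # Exposure score is a constructed heuristic for triage, not a Microsoft value:
        # tenant-wide grants outrank guests, and edit rights outrank read.
        $score = 0
        if ($login -like "*$EveryoneExceptExternal*")     { $score += 10 }
        if ($login -like "*$GuestMarker*")                { $score += 5 }
        if ($roles -match 'Edit|Contribute|Full Control') { $score += 2 }
        [pscustomobject]@{
            Scope     = $Scope
            Principal = $ra.Member.Title
            Login     = $login
            Roles     = $roles
            Exposure  = $score
        }
    }
}

$rows = @()
$web  = Get-PnPWeb -Includes RoleAssignments
$rows += Get-GrantRows -SecurableObject $web -Scope "site:$SiteUrl"

# Only libraries that broke inheritance need their own review; inherited ones repeat the site grants.
foreach ($list in Get-PnPList -Includes HasUniqueRoleAssignments, Hidden) {
    if ($list.Hidden -or -not $list.HasUniqueRoleAssignments) { continue }
    $rows += Get-GrantRows -SecurableObject $list -Scope "list:$($list.Title)"
}
$rows | Sort-Object Exposure -Descending | Export-Csv -Path $OutCsv -NoTypeInformation
$rows | Where-Object Exposure -ge 5 | Format-Table Scope, Principal, Roles, Exposure -AutoSize
```

Run it per site collection (or loop it over Get-PnPTenantSite output) and merge the CSVs; the rows scoring 5 or higher are the "worst offenders" a remediation plan should start with.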

Sensitivity labels deployed and applied

Not just defined — actually applied to content. At minimum: General, Internal, Confidential, Highly Confidential (or your equivalent taxonomy). Auto-labeling rules in Purview catching the obvious sensitive content. End users trained on when to apply labels manually.

Purview DLP policies tuned

Data Loss Prevention policies that match your sensitivity-label taxonomy. At minimum: block external sharing of Confidential and Highly Confidential. Audit-only mode for new policies until you've validated false-positive rates.

Retention policies in place

A defined retention schedule for content categories. Old, irrelevant content is being purged on a schedule — not accumulating forever as Copilot food.

Conditional Access for Copilot

Copilot invocation gated to managed devices and trusted locations. Not "anywhere with M365 credentials."

License entitlement plan

You know who's getting Copilot, who isn't, and why. (Spoiler: probably not everyone needs it. The ROI math on Copilot licensing is not friendly to "just give it to everyone.")

The real costs of an unprepared rollout

Data exposure incidents

The HR / payroll / severance scenario at the top of this post is not hypothetical. It happens. The remediation cost is in legal time, possible regulatory disclosures, and the "we need to investigate every Copilot conversation that might have surfaced this" exercise. In the mid-market, that is a six-figure incident.

Compliance exposure

HIPAA, PCI, SOC 2, CMMC — every framework cares about who can access what data. Copilot can move you from "compliant with reasonable access controls" to "actively violating" overnight if labels and DLP aren't in place.

Revoked licenses

Companies that roll out Copilot too fast and then have an incident often respond by revoking everyone's Copilot license while they figure out what to do. That's $30/user/month of license you bought and aren't using, plus the political damage of "we tried Copilot and it didn't work."

Trust loss with the executive sponsor

Worst long-term cost. Once the CIO has had to explain a Copilot-related data incident to the CEO, the appetite for Microsoft AI investment evaporates for years.

The 2-week readiness assessment

What we deliver, in two weeks, fixed fee — and now listed as a Microsoft Marketplace consulting offer:

  1. Permission inventory across every SharePoint site and every OneDrive personal storage. Scored by exposure level.
  2. Oversharing report — every "Everyone except external," every active guest with content access, every still-live share link, every broken-inheritance hotspot.
  3. Sensitivity-label readiness audit — what exists, what's missing, what's defined-but-unused.
  4. Purview DLP and retention current state — what's deployed, what's in audit-only, what's in enforce.
  5. License entitlement plan — who should get Copilot first, who can wait, who shouldn't.
  6. Written go-live recommendation — green / yellow / red per workload, with a remediation roadmap if red.

The output is a written assessment for the CIO, board, IT director, and, where the customer's compliance program requires it, the auditor — not a sales pitch with a deliverable label.

Common mistakes we see

"We'll do permissions later"

Permissions are not a "later" item. Copilot is reading them right now. Every day Copilot is enabled before permissions are rationalized is a day you're rolling the dice on a data incident. If the rollout is already done, the readiness work moves from preventive to remediative — but it doesn't get less urgent.

Treating Copilot as IT-only

Copilot readiness is a cross-functional project. HR, legal, compliance, and the security team all have stakes. The IT team can do the technical work, but the policy decisions about labels, retention, and DLP need business-side input. Don't try to do this entirely from IT.

Buying labels but not training users

Sensitivity labels rolled out without user training generate three classes of behavior: people who never label (default), people who label everything as Confidential out of caution (over-labels), and people who deliberately mislabel to avoid DLP friction (worst). All three undermine the system. Training and change management are not optional.

Skipping the audit-only DLP phase

Going straight from "no DLP" to "enforce DLP" generates a wave of false positives that breaks workflows and burns political capital. Always run audit-only first to surface the false-positive patterns, then enforce.
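The minimum DLP policy from the readiness checklist (block external sharing of Confidential and Highly Confidential) and the audit-only-then-enforce sequence above, as one added example that is not Pro IT NW's tooling: the policy is created in TestWithoutNotifications mode, and only a deliberate second run with -Enforce switches it to Enable. It assumes the ExchangeOnlineManagement module, a compliance-admin account, and this post's example label names; the label-condition hashtable follows the documented shape for New-DlpComplianceRule, so check it against your tenant's label names.

```powershell
# Added example (not Pro IT NW's tooling): create the "block external sharing of Confidential and
# Highly Confidential" DLP policy in audit-only mode, then promote it to enforce after review.
# Assumes the ExchangeOnlineManagement module and a compliance-admin account; the label names
# are this post's example taxonomy, so substitute your own.
param(
    [Parameter(Mandatory)][string]$AdminUpn,
    [string]$PolicyName = 'Copilot-Readiness-Confidential-External',
    [string[]]$Labels = @('Confidential', 'Highly Confidential'),
    [switch]$Enforce   # omit on first run: audit-only; add once false positives are understood
)

Connect-IPPSSession -UserPrincipalName $AdminUpn

# Condition: content carries any of the listed sensitivity labels.
$labelCondition = @{
    operator = 'And'
    groups   = @(@{
        operator = 'Or'
        name     = 'SensitivityLabels'
        labels   = @($Labels | ForEach-Object { @{ name = $_; type = 'Sensitivity' } })
    })
}

$existing = Get-DlpCompliancePolicy -Identity $PolicyName -ErrorAction SilentlyContinue
if (-not $existing) {
    # TestWithoutNotifications = audit-only: matches are logged in Activity explorer,
    # nothing is blocked and no policy tips are shown, so false positives surface harmlessly.
    New-DlpCompliancePolicy -Name $PolicyName `
        -SharePointLocation All -OneDriveLocation All -TeamsLocation All `
        -Mode TestWithoutNotifications | Out-Null
    New-DlpComplianceRule -Name "$PolicyName-Rule" -Policy $PolicyName `
        -ContentContainsSensitiveInformation $labelCondition `
        -AccessScope NotInOrganization `
        -BlockAccess $true -BlockAccessScope All `
        -GenerateIncidentReport SiteAdmin -IncidentReportContent All | Out-Null
    Write-Host "Created $PolicyName in audit-only mode. Review Activity explorer before enforcing."
}
elseif ($Enforce) {
    # The rule definition does not change; only the policy mode moves to Enable.
    Set-DlpCompliancePolicy -Identity $PolicyName -Mode Enable
    Write-Host "$PolicyName is now enforcing."
}
else {
    "{0} exists in mode '{1}'. Re-run with -Enforce to promote." -f $PolicyName, $existing.Mode
}
```

Leave the policy in audit-only long enough to see a full business cycle of matches (month-end, payroll runs) before the -Enforce run, since those are where the false-positive patterns tend to cluster.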

The 30-second version

The Copilot license is the easy part. The hard part is the permission, label, and DLP architecture that makes Copilot safe to enable. There is no "Copilot guardrails" switch — the guardrails are your existing M365 architecture. Most enterprises need 4–12 weeks of remediation work before a safe Copilot rollout. We can scope that for you in two weeks via the Marketplace assessment offer, and the project intake form kicks it off.


Pro IT NW does senior-led Microsoft project work. Vendor-neutral. Labor-only. The Copilot Readiness assessment is a fixed-fee, 2-week engagement listed on Microsoft Marketplace.

Written by the team at Pro IT NW · Senior-led Microsoft project consultancy · Seattle / USA-wide.

Have a project on the runway?

Tell us the workload, the seat count, and the deadline. We'll come back inside two business days with scope and a fixed-fee range.