Tobias Maestrini

Getting Your Organization Ready for Microsoft 365 Copilot


AI Copilot Best Practices

Microsoft explains Copilot as the “UI for AI” that makes use of information that is securely grounded on your work data.

Any lack of a good information architecture leads to “Dark data” (the information assets that organizations collect, process and store during regular business activities, but generally fail to use for other purposes) or “ROT data”:

  • R – Redundant: data that has duplacetes sotred actorss multiple locations, perhaps on a differen stystem entirely, perhaps on the system
  • O – Obsolete: information that is no longer accurate or no longer in use. It might be outdated information.
  • T – Trivial: data that refers to files that are insignificant or are not related to the organization such as unofficial emails and employees’ personal files (like pictures).

The data “iceberg”: only 11% is business critical data, whereas 23% is ROT data and 66% Dark data (!).

We have to tidy up that mess. 👆 But: this won’t be achieved by creating folders and folders and folders; cascading folder structures reveal that there is either a lack of governance or poor adoption (or probably both).

Tip

Governance and adoption go hand in hand.

In every organization / tenant / context of Microsoft Copilot, the following “Quadrants of knowledge” exist:

  • Known Knows

  • Known Unknowns (being fully aware of the stuff that an org / person doesn’t kno)

  • Unknown Knows (the org is not aware of the topics)

  • Unknown Unknowns (the org is unaware of risks and inefficiencies caused by their poor maturity level)

Governance

Governance matters: without metadata or proper permissions, documents are buried under layers of irrelevant or outdated files or not accessible. Retention policies are absent, ROT data clutters libraries. As a result known knowledge is not accessible anymore.

Key knowledge exists within the tenant: valuable documents, procedures, or historical data – but no one realizes it.

Steps to follow along when implementing Governance strategies BEFORE a Copilot rollout:

  1. Get rid of the ROT
  2. Check on important permissions
  3. Get help to do SharePoint in a right way
  4. Help users change how they work

To provide a foundation for a well-defined Copilot usage, introduce the following (in the following order):

  1. Restricted SharePoint Search (RSS) – exclude sites from being accessed by Copilot. RSS won’t fix anything; it only buys you some time.
  2. SharePoint Advanced Management – as such: external sharing management, site lifecycle and policy enforcement, data security and compliance, information barriers, conditional access policies, access control polices (unmanaged devices, limited access for sensitive files), enhance data classification and protection (for sensitive files)
  3. Microsoft Purview – will eleiminate ROT data by providing mechanisms for data discovery and classification (labeling), data loss prevention (DLP)

Rely on these three pillars:

To get there, implementing a “Copilot Governance” is a journey (not a destination) – by meaning: you need to continuosly work on it.

👆 There’s homework to do it:

  1. Implement a data cleanup plan – use retention policies and PèoSh to remove ROT data
  2. Strutucter metatdata – simplify folder structures and prioritize metadata tagging
  3. Search optimization – configure Micorosoft Search for better reulsts
  4. Use SharePoint Advanced Management features
  5. Governance and Permissions – Audit and enforce policies
#BishopTells