Copilot for Security: Protecting Your Data, Sharing It with Microsoft

You already know that Copilot for Security can only access the data that its user has access to. But there's a small catch: certain data is automatically sent to Microsoft. Let's take a closer look at why this is the case and what it means for your company so that you can keep control of your company data.

SPOILER: Here are the instructions on how to switch off automatic customer data sharing with just one click!

https://www.bruehlsolutions.de/post/so-unterbindest-du-die-automatische-kundendatenfreigabe-in-microsoft-vom-copilot-for-security


What is automatic customer data sharing?

When using Copilot for Security, customer data is automatically forwarded to Microsoft if you do not actively prevent it. Microsoft uses this data to improve Copilot for Security and deletes it automatically after 90 days at the latest.

What data is passed on to Microsoft here?

Imagine you are searching for a specific file in Copilot for Security. This search query is recorded and helps Microsoft to understand which types of files are most important to you. Microsoft records the following interactions:

  • User interactions: Every search, command and configuration a user makes with Copilot for Security is recorded. So if you frequently search for information on the security of IoT devices, Copilot for Security could provide you with targeted tips and warnings on this topic in the future.
  • Threat data: Information about identified threats and the measures taken to defend against them.
  • Configuration data: Information about the customer's IT environment, such as software and hardware used.

Microsoft accesses all customer data used, even if it is classified as protected and sensitive. This means that certain Microsoft employees theoretically have access to your protected company data and business secrets.


What is this data used for?

  • Model improvement: Microsoft uses this data to continuously improve the algorithms of Copilot for Security. This enables the tool to recognise threats ever more accurately and combat them more effectively.
  • Personalisation: Copilot for Security can adapt the recommendations and warnings to the individual needs of the customer based on the data collected.
  • New functions: Analysing customer data enables Microsoft to develop new functions and services that meet customer requirements even better.

What does Microsoft do to protect company data?

The actual access to the collected data, which goes beyond user analyses, is subject to strict guidelines and controls. In very simplified terms, these guidelines can be summarised in the following three points:

  1. Sensitive Uses Programme: Microsoft has a Sensitive Uses Programme that ensures that projects such as ‘Copilot for Security’ undergo a thorough review to identify and mitigate potential risks. This means that access to sensitive data is only granted under certain conditions and with appropriate authorizations.
  2. Controlled access: Access to sensitive data is usually restricted to authorized employees who have a specific role or responsibility in relation to the security and protection of this data. Microsoft implements security measures to ensure that only the necessary information is used to improve services.
  3. Transparency and accountability: Microsoft emphasizes the importance of transparency and accountability when handling customer data. The company has policies that govern the handling of sensitive information to ensure that customer privacy is maintained and that sensitive data is not misused.

Data protection concerns with Copilot for Security

The German General Data Protection Regulation (GDPR) severely restricts the collection, processing and use of personal data. It is questionable whether the comprehensive data sharing required for services such as Microsoft Copilot for Security is always compatible with these requirements, especially with regard to purpose limitation and data minimisation. I would therefore advise you to check carefully whether your company wants to support Microsoft with automatic customer data sharing.

Conclusion

Automatic data collection with Microsoft Copilot for Security is a double-edged sword. On the one hand, it makes it possible to develop a powerful cyber security tool. On the other hand, it raises important data protection issues that need to be carefully considered.

For organizations using Copilot for Security, it is important to carefully review Microsoft's privacy policy and ensure that data collection and use complies with your own privacy policies.

And if your organization has decided to disable automatic customer data sharing, you can find the instructions here ;)


More articles by Sophie Gräfin Brühl