Navigating the GenAI Course with Microsoft Copilot

Generative artificial intelligence (GenAI) is a hot topic these days, and not just in the IT world. The statistics indicate off-the-charts interest in GenAI’s capabilities, with AI spending predicted to more than double to $300 billion by 2026. Organizations are gearing up, determining how to best incorporate GenAI to significantly enhance their customer relations, revenue growth, cost optimization, business continuity and more. Our own recent white paper discusses the rapid rise of GenAI and how organizations can make the most of this incredible technology while also recognizing and balancing the inherent risks.

Determining where and how to start can be daunting. We talk with clients every day who are evaluating which AI solution will be best for their needs in both the short- and long-term. After identifying meaningful use cases, some of the first questions clients ask is “is my data safe and secure?” and “how will my information be used?” When answering these questions, we advise clients to think both about deployment approach and model architecture: how will this solution be trained, and what are the different models within each type of AI? We encourage clients to consider:

  • Is this AI supervised (includes labeled information that tells the model what’s what)? If so – who labeled and sourced the data?
  • Is this unsupervised (the model finds its own patterns within data)? If so – how much transparency and explainability do we need?
  • Is this reinforced (there was an objective the model was rewarded for accomplishing)? If so – what was the optimization?
  • Is the data used organizational or public?
  • How is this solution architected? Is it public cloud, private cloud, on-premise?

Microsoft has formed a partnership with OpenAI to collaborate on the development of artificial intelligence technologies. The partnership aims to accelerate the development of advanced AI systems and bring the benefits of AI to more people. To begin the AI journey with Microsoft, options range from out-of-the-box solutions to hybrid or custom models. Azure OpenAI, for example, is a hybrid solution that enables users to integrate generative AI into enterprise applications using pre-built large language models. Azure AI empowers users to create and customize models without needing to be data science experts and it can be easily integrated within existing applications or workflows. AI models built within Azure can be created once and deployed almost anywhere, reducing the time and resources needed to scale AI effectively. The solution is designed to be transparent and accountable, enabling organizations to build trust with customers and stakeholders.

One of the fastest, most operationally ready ways to dive into GenAI is to leverage Microsoft Copilot, which is an “out-of-the-box” AI offering that integrates GenAI solutions in Microsoft technologies.

Microsoft Copilot navigating the way

Microsoft Copilot, which has similar functions to ChatGPT, is a combination of Microsoft and OpenAI models and technologies. There are a variety of Copilots available (see chart below), offering productivity, security, development and analysis solutions.

Microsoft 365 Copilot, as just one example, is comprised of a series of digital assistants powered by Microsoft AI. It is generally available now (on or after November 1, 2023). It incorporates a natural language model and leverages data, including calendars, emails, chats, documents, meetings and more and integrates them into Outlook, Word, Excel, PowerPoint, Teams, Viva Engage, Whiteboard and other Microsoft 365 products.

As well, there are some recommended practices to optimize the experience with Microsoft 365 Copilot.

​Prerequisites for Microsoft 365 Copilot:​

  • Data must reside in the Microsoft Cloud​
  • Users must have a Microsoft 365 E3 or E5 license and an Entra ID (Azure AD) Account​
  • For the Microsoft 365 Apps deployed to endpoints, users must be on the Current Channel or Monthly Enterprise Channel.​
  • For some Copilot experiences within OneDrive, users must have a OneDrive for Business account.
  • For some Copilot experiences within Outlook, the new Outlook for Windows or Mac must be used (which is currently in Preview). Users can switch to the new Outlook by clicking ‘Try the new Outlook’ in their existing Microsoft Outlook app.
  • For some Copilot experiences within Microsoft Teams, such as having Copilot summarize meeting notes and actions, the transcription capability in Microsoft Teams must be enabled.
  • Align the organization’s network with the Microsoft 365 network connectivity principles. For example, WebSockets (wss://) must be unblocked from user endpoints to endpoints listed in the Microsoft Endpoint taxonomy for some Copilot experiences in Word, Excel, PowerPoint, Teams and Loop. Review the Microsoft Endpoint Taxonomy for more information.
  • Users must purchase Microsoft 365 Copilot licenses for each user of Copilot ($30/user/month)​


  • Establish sound content and permissions management practices; clean up permissions and instances of oversharing in SharePoint Online, OneDrive for Business and Microsoft Teams. Organizations may utilize either Microsoft Syntex – SharePoint Advanced Management’s Data Governance reports or the Microsoft Graph Connect for SharePoint to identify and clean up oversharing of content​
  • Enable plugins using the Teams admin center to leverage cross-app intelligence experiences ​
  • Learn about, and be aware of, the Semantic Index capability coming to Microsoft 365 later in 2023 for enhanced results in Search and Microsoft 365 Copilot. Note: The Semantic Index also requires a Microsoft 365 E3 or E5 license.

Microsoft Copilots are designed to use the organization’s data, along with its own large language models, to develop results that are relevant to each organization’s needs. For example, Microsoft 365 Copilot utilizes emails, documents, contacts, meeting invitations, chats and other data that is accessible through the Microsoft Graph, to provide responses that are relevant the work being done.

Microsoft Copilots respect the permissions, security controls and boundaries already assigned to the data. While Copilot may feel very much like ChatGPT, let’s be clear, it does not connect Microsoft SaaS applications with ChatGPT. And while Copilot will use each organization’s data, Microsoft has built the platform to ensure that user data is not used for training models, data mining or any other purpose.

Microsoft protecting its Copilot customers

An important consideration when utilizing a generative AI solution to produce new content is potential of copyright infringement, depending on the content sources utilized and output that is produced by the generative AI solution. This can create significant concerns and blockers to organizations adopting a GenAI solution. However, on September 7, 2023, Microsoft announced its Copilot Copyright Commitment, which states that it will indemnify and defend its customers from copyright infringement lawsuits that result from the usage of its Microsoft Copilot generative AI solution. There have been a number of legal articles written on this announcement, and it appears that Microsoft believes its Copilot solution is unlikely to produce content that so closely resembles its source material that it would violate copyright law. This shows that Microsoft has tremendous confidence in its Copilot solution providing significant value to its customers, and that it considers the risk of copyright infringement low.

In its announcement, Microsoft states that indemnity is contingent on the following: “as long as the customer used the guardrails and content filters.” Microsoft has built filters and other technologies designed to reduce the likelihood that Copilot returns infringing content. These include a range of guardrails such as classifiers, metaprompts, content filtering, operational monitoring and abuse detection, including identifying potential infringements on third-party content. Microsoft requires that customers use these technologies in order to qualify for its Copilot Copyright Commitment.

As well, Copilot customers must not attempt to generate infringing materials, including not providing input to a Copilot service that the customer does not have appropriate rights to use

The Copilot Copyright Commitment applies to Copilot output generated from paid versions of Microsoft commercial Copilot services and Bing Chat Enterprise, including Microsoft 365 Copilot which integrates generative AI into Microsoft Word, Excel, PowerPoint, Outlook, Teams and more. It also includes GitHub Copilot.

Ready for AI?

Many organizations are now testing the AI waters and are uncertain where to jump in. As with any technology investment, having a strategic plan is critical to avoiding unhappy users and wasted technology resources. We offer this overview of the critical questions companies should ask to determine their AI readiness:

For those organizations already invested in Microsoft products, we suggest considering one or more Copilot solutions to quickly get started with AI. However, leveraging Microsoft Copilot effectively within an organization involves careful planning, integration, and management to maximize its benefits. As organizations prepare, it is essential to establish a solid foundation to ensure a smooth transition. Listening to the replay of a recent webinar we conducted, titled Are You Ready for (Responsible) AI? How to Embrace the Future of Productivity and Limitless Innovation with Microsoft AI may be a good starting point to gain familiarity with AI, generative AI and the selection of AI options offered by Microsoft. Protiviti has also developed a Microsoft Copilot Readiness Assessment designed for organizations who are ready to start using Copilot but are unsure where to start. The assessment provides an actionable approach to prepare organizations for the implementation and rollout of Microsoft Copilot, including which Copilot is best for your organization’s needs.

Innovations are happening at lightning speed, making it critical to develop AI investment plans around a solution that will sustain itself as innovation happens. Protiviti’s emerging technology experts are also available to help craft a viable, expandable AI strategy for organizations of all sizes.

Read the results of our 2023 Global IT Executive Survey: The Innovation vs. Technical Debt Tug of War.

To learn more about our Microsoft, AI and emerging technologies solutions, contact us.

Christine Livingston

Managing Director
Emerging Technology Solutions

Antonio Maio

Managing Director
Technology Consulting - Microsoft

Subscribe to Topics

In the latest episode, Protiviti’s @KonstantHacker and guest @JulienCamirand from Nord Quantique discuss a new approach to qubit error correction. Listen now! #ProtivitiTech #Quantum #Podcast

#Protiviti is a 2024 Compliance #Microsoft Partner of the Year Finalist. Congrats to this year’s award recipients who were selected based on their commitment to customers, the impact of their solutions, and their exemplary use of Microsoft tech. #MSPartner

How can you tell if a #fintech firm is competent with #GenAI? Certification can certainly distinguish a firm from its competitors, says Protiviti’s Christine Livingston, but is also doesn’t tell the full story about how well they leverage the tech overall.

Generative #AI is set to revolutionize the field of enterprise architecture. Get a comprehensive overview of the impact of #GenAI on EA activities, plus challenges, risks and limitations in the latest Technology Insights blog post. #ProtivitiTech

Protiviti’s @KonstantHacker will join a panel to speak on “Quantum Leap: Securing Manufacturing's Next Frontier with Post Quantum Cryptography” on July 18 in Chicago, IL. Register today for this in-person event. #ProtivitiTech #Quantum

Load More