Copilot security readiness assessment

Gain detailed understanding of current Microsoft 365 tenant security posture and avoid unauthorized data access risks from over permissioned sites when rolling out Microsoft Copilot for M365. Focusing on Sharepoint and Teams environments, this offering provides both current state assessment and specific recommendations on improvements required. 

Your business challenges

Microsoft Copilot for Microsoft 365 presents only data that each individual can access using the same underlying controls for data access used in other Microsoft 365 services. Unfortunately, most Microsoft 365 tenants are over permissioned - average M365 tenant has 40+million unique permissions, 113K+ sensitive records shared publicly and 27K sharing links active. 

Your business challenges

Our Solution

Target audience

Are you a medium or large business preparing for the Microsoft Copilot rollout but concerned about data confidentiality risks?
Copilots are built to ease information retrieval.
Will your internal users be able to access information they are not entitled to?
Will Microsoft or third parties see any confidential data and will it use it to improve Microsoft services (which is different from using to train underlying LLMs)?

Our standard delivery process:

  • 1-month engagement.
  • Kick-off and Data Privacy and Security review.
  • M365 tenant data collection
    • Identity and Access Management policies
    • DLP policies
    • App Protection policies
    • Device Management
    • Endpoint protection
    • Teams collaboration
    • Sharepoint permissions.
  • Project closure meeting.

Engagement checklist and structure

1. Planning

  • Kickoff meeting, decision of configuration data collection strategies
  • Acquire permissions to access customer tenant (if required)

2. Collection

Data collection (either Squalio or customer led)

3. Analysis

Data analysis and report prep

4. Present

Project closure meeting -final report discussion and next steps

Your benefits and deliverables

Your benefits and deliverables


  • Copilot Security Readiness Assessment, including: 
    • Current M365 tenant security readiness overview 
    • Copilot-specific impact assessment 
    • Key recommendations :
      • Prior rollout 
      • During adoption 


  • Peace of mind – you will learn exactly what information will be available to your employees and Microsoft 
  • Improved cybersecurity posture – data provided can be used to narrow data sharing and access permissions scope. That will decrease cybersecurity risks even if you decide against the Copilot rollout 
  • The path towards Zero Trust – our methodology is grounded in the Zero Trust concept highly recommended by governments, security agencies, and industry associations 

We are ready to tell you more

Stay up-to-date

with the latest news and events from Squalio.

Stay up-to-date