Use Zero Trust security to prepare for AI companions, including Microsoft Copilots
Security, especially data protection, is a top concern when introducing AI tools into an organization. Security recommendations for AI are anchored in Zero Trust. As a leader in security, Microsoft provides a practical roadmap and clear guidance for Zero Trust. By implementing recommended protections as you introduce AI tools and companions, you are building a foundation of Zero Trust security.
This series of articles helps you apply the principles of Zero Trust to Microsoft’s Copilots and similar AI companions. Zero Trust is a security strategy. It isn't a product or a service, but an approach in designing and implementing the following set of security principles:
- Verify explicitly
- Use least privileged access
- Assume breach
Implementing the Zero Trust "never trust, always verify" mindset requires changes to cloud infrastructure, deployment strategy, and implementation.
Layer in protections for AI companions
Microsoft helps you prepare for AI tools and companions and build a Zero Trust foundation at the same time. Take a staged approach starting with protections for web-grounded prompts and maturing to protections for Microsoft 365 graph-grounded prompts. Protections for prompts grounded with data provided by your security tools (Security Copilot) focus on tuning up least privilege practices and honing threat protection.
In the illustration:
- Web-grounded prompts are issued by Copilot for Bing, Edge, and Windows. Microsoft 365 Copilot can also be configured to allow web-grounded prompts.
- Microsoft 365-grounded prompts are issued by Microsoft 365 Copilot. If integration with Copilot for Bing, Edge, and Windows is configured, these copilot experiences can include graph-grounded data (for example, when the web/work toggle is set to work).
- Prompts grounded with your security tools are issued by Microsoft Security Copilot.
Get started with Zero Trust by preparing your environment for AI companions
You can build a Zero Trust foundation by preparing your environment for AI companions.
The following table summarizes the illustration and links to articles for implementing the recommended protections.
Prepare for | Protections | See these Zero Trust articles |
---|---|---|
Web-grounded prompts | User accounts, devices, and some app data. | Microsoft Copilot |
Microsoft 365 graph-grounded promtps | Includes the previous protections plus more robust protection for app data and cloud apps. It also includes adding in threat protection. | Microsoft 365 Copilot |
Prompts grounded with security tools | Focuses on tuning up least privilege access, a key principle of Zero Trust. | Microsoft Security Copilot |
For more information on implementing Zero Trust, see the Zero Trust Guidance Center.