You’re offline. This is a read only version of the page.
Skip to main content
Power Platform Community
Cancel
Forums
Copilot Studio
Power Apps
Power Automate
Power Pages
Blogs
User groups
Galleries
Ideas
Copilot Studio
Power Apps
Power Automate
Power Pages
Resources
Community help
Community support
News
Leaderboard
Learn
Community events
Feedback
Search
Notifications
Announcements
Welcome to the Power Platform Communities
Community site session details
Session Id :
Copy
Close
Power Platform Community
/
Blogs
/
Copilot Studio Community Blog
/
Managing Copilot Security f...
Managing Copilot Security for Knowledge Sources
SaiRT14
1,961
Super User 2025 Season 1
Follow
Like
(
0
)
Share
Report
Explore best practices to manage security for Copilot’s knowledge sources, ensuring your data remains safe while enabling seamless collaboration and efficiency.
Understanding Knowledge Source Security in Copilot
Knowledge sources in Copilot are repositories of information that the AI uses to answer questions and provide insights. These sources can include documents, databases, SharePoint sites, or even custom APIs. Ensuring secure access and use of these knowledge sources involves:
Implementing role-based access control (RBAC).
Managing sensitive data within the sources.
Monitoring and auditing access.
Applying conditional filters to restrict access to specific users or groups.
Best Practices for Securing Knowledge Sources
Leverage Role-Based Access Control (RBAC)
RBAC ensures that only authorized users or groups can access specific knowledge sources. Here’s how to implement RBAC effectively:
Define User Roles: Identify roles based on access needs (e.g., Admin, Editor, Viewer).
Group Users: Use tools like Azure Active Directory (AAD) to group users by their roles or departments.
Assign Permissions: Assign granular permissions to roles for specific knowledge sources.
Example: Allow editors to upload and modify documents but restrict viewers to read-only access.
Use Conditional Access Policies
Conditional access policies restrict access to knowledge sources based on:
User Identity: Block access from unauthorized users or domains.
Location: Restrict access to specific IP ranges or geographic locations.
Device Compliance: Ensure users access knowledge from managed and compliant devices.
Example: Block access to sensitive knowledge sources for users logging in from unmanaged devices.
Encrypt Knowledge Sources
Enable encryption for all knowledge sources:
At Rest: Ensure that documents and databases are encrypted when stored.
In Transit: Use HTTPS/TLS protocols to encrypt data being transmitted to and from Copilot.
Use Metadata for Granular Access
Add metadata to your knowledge sources to tag sensitive or restricted information. Use this metadata to:
Filter access based on user roles or domains.
Implement restrictions on sharing or exposing specific content.
Restricting Knowledge Access Based on Context
To restrict access to specific pieces of knowledge based on the user’s domain, role, or query context. Here’s how to achieve this:
Domain-Based Filtering
Restrict access to knowledge based on the user’s domain (e.g., @company.com):
Add a custom condition in your knowledge source logic to check the user’s domain.
If the domain is not allowed, return a predefined message such as:
“You are not authorized to access this content.”
Query-Level Restrictions
Set up filters to ensure only specific questions are answered based on knowledge context.
Example: If a query relates to sensitive HR data, block responses for unauthorized users.
Setting Up Knowledge Source Security in Copilot Studio
To secure your knowledge sources in Copilot Studio:
Define Knowledge Sources
Add only trusted and verified repositories to Copilot.
Regularly review and update the knowledge sources.
Apply Access Controls
Use the Security Settings in Copilot Studio to assign roles and permissions.
Test Security Configurations
Simulate access scenarios to ensure proper restrictions are applied.
Regularly Update Security Policies:
Review access policies as organizational roles and requirements evolve.
Thank you for your time. For more updates and in-depth insights, visit my
YouTube
and
Blog,
Be sure to
Subscribe
for regular content.
Comments
Add new comment
Comment on this blog post
You don't have the appropriate permissions.
Welcome,
Profile
Messages
My activity
Sign out