Copilot pages for IT Admins - Sep 2024 update

  • Thread starter Thread starter dancontoso
  • Start date Start date
D

dancontoso

Today we announced Copilot Pages, a first step in our new design system for knowledge work. Copilot Pages is a dynamic, persistent canvas in Copilot chat designed for multi-player collaboration. With Pages, you can turn insightful Copilot responses into something durable with a side-by-side page that you can edit and, when ready, share with your team to collaborate.



Copilot Pages starts rolling out today for Microsoft 365 Copilot users and soon for Microsoft 365 subscribers.



If you have a Microsoft 365 Copilot license, you and your team can work with Copilot directly on the page when you open it in full screen. In a multiplayer approach, prompt Copilot together as a team to improve and expand responses, learn from each other’s prompts, and organize complex information. With Copilot Pages, human to AI interactions come to life. We see collaborative prompting as the next great step forward in evolving Copilot from an individual, point-in-time exercise into a collaborative experience.



This update is to help IT Admins understand how Copilot Pages work and what it means for their organization. Copilot Pages are .loop files.



Who gets Copilot Pages?

Users with access to Microsoft 365 Copilot will be able to create Copilot Pages, and soon users with access to Microsoft Copilot our free commercial Copilot product will also be able to create pages



Copilot Pages are files that users can extend permissions to others using your organizations file sharing settings. If you need to further limit interaction with .loop files, use Conditional Access. Conditional Access can fully block users from opening the .loop file.


What is created when a user creates a Copilot Page?

A Copilot Page comes to life in your files ecosystem as a .loop file in a new user-owned SharePoint Embedded container. There are two main concepts to Loop: files and containers.

  • Files: Loop pages and components are .loop files. Copilot Pages are displayed to the right of a Copilot Business Chat. When shared as a component they are displayed as little interactive boxes in Microsoft 365 apps (this is how Loop components work). IT admins manage these .loop files just like any other files (.docx, .pptx, .xlsx, etc.). They support all the features of the SharePoint file system, including everything detailed here.
  • Containers: Copilot Pages are stored in a new user-owned SharePoint Embedded container, one per user. All content that Loop stores in SharePoint Embedded containers count against the tenant's SharePoint quota. All your governance and compliance processes apply the same way they would to a user's OneDrive. Management and graph APIs for these containers will soon be accessible to tools like AvePoint, ShareGate, your in-house tooling, and others.



IT Admin controls

Copilot Pages are rolling out to M365 Copilot users today and soon for M365 subscribers. Because they are .loop files, you can control them using Loop admin switches. Note that disabling Loop in your tenant does not disable Copilot Pages. We added a new switch specifically for Copilot Pages to ensure they're easily controlled in your organization.



Copilot Pages are default enabled in your tenant (like all Loop integrations). The diagram shows the existing controls and highlights the new Copilot Pages control:

Megan_Dohnal_0-1726175239386.png






This article covers the Cloud Policy controls for all Loop components, but we'll cover the "B" cloud policy explicitly here.


B: Create and view Loop files in Microsoft 365 Copilot Chat (Not Configured == Enabled) | To change the default configuration for Copilot Pages, follow these instructions:

  1. Sign in to https://config.office.com/ with your Microsoft 365 admin credentials.
  2. Select Customization from the left pane.
  3. Select Policy Management.
  4. Create a new policy configuration or edit an existing one.
  5. From the Choose the scope dropdown list, choose either All users or select the group for which you want to apply the policy. For more information, See Microsoft 365 Groups for Cloud Policy.
  6. In Configure Settings, choose this setting: For Create and view Loop files in Microsoft 365 Copilot Chat:
    • Enabled: Copilot chat experience is available to the users.
    • Disabled: Copilot chat experience isn't available to the users.
    • Not configured: Copilot chat experience is available to the users. Save the policy configuration. Reassign priority for any security group, if required. (If two or more policy configurations are applicable to the same set of users, the one with the higher priority is applied.)
  7. Save the policy configuration.
  8. Reassign priority for any security group, if required. (If two or more policy configurations are applicable to the same set of users, the one with the higher priority is applied.)

In case you create a new policy configuration, or change the configuration for an existing policy, there can be a delay in the change being reflected as described below:

  • If there were existing policy configurations prior to the change, then it may take 90 mins for the change to be reflected.
  • If there were no policy configurations prior to the change, then it may take 24 hours for the change to be reflected.



Manage Pages content

All Copilot Pages support the capabilities listed here. In summary, that includes admin toggles, GDPR and EUDB compliance, Intune device management, Conditional Access policies, Information Barriers, Customer Lockbox, individual file recycle bin, version history, audit logs, eDiscovery, export, legal hold, retention policies, sensitivity labels, and data loss prevention.



For many organizations, these capabilities are more than enough for the default Enabled state of Loop experiences. For larger organizations with advanced governance, sharing, and management tools, the following additional capabilities coming in Q4 CY2024 may be of interest to IT Admins:

  • Retention labels at the file level
  • Programmatic API access to content in SharePoint Embedded containers (enables third-party Governance, Management, and Compliance tools)
  • Guest/external access via Entra B2B config for tenants with sensitivity labels
  • SharePoint Admin Center columns to identify user-owned containers

New user-owned storage containers

Megan_Dohnal_1-1726175239388.png




The diagram illustrates where Copilot Pages are saved, in a new user-owned SharePoint Embedded container. This content is lifetime-managed with the user account and is deleted when the user account is deleted from the organization. There is a default timeline where it is first soft deleted (can be recovered by an IT Admin) and then purged.



Similarly, when a user leaves, there is an IT Admin workflow to enable access to these containers before deletion so that valuable content can be copied to new locations. The capability to see another user's Copilot Pages in the Loop app that were assigned before deletion is scheduled for Q4 CY2024.



User-owned containers will be identifiable in the SharePoint Admin Center by two new columns: Principal Owner and Ownership Type. Principal owner will be set to the username when the container is user-owned. And Ownership Type will be User.



Quota

All use of SharePoint Embedded storage counts against your tenant's SharePoint quota. This is documented here.



Purview and Compliance

There are several compliance and manageability capabilities built into the SharePoint platform that Loop fully supports. Please see this learn article for an inventory. In the next sections, we'll summarize the top areas we get questions about.



Legal Hold, eDiscovery, and export

Because .loop files are just like all the other files in your SharePoint ecosystem, Purview understands them and supports them natively with very little change. You can place SharePoint Embedded containers on legal hold using the URL to the container just like placing a SharePoint site on hold. You can search for content to place on hold using full text search in Purview. You can export the content in a review set that includes .loop files and automatically convert to .html for offline readable format using Purview Premium.



If you use third-party tools for eDiscovery or export for compliance, programmatic API access to content in SharePoint Embedded containers is coming in Q4 CY2024



Multi-Geo

The user-owned SharePoint Embedded container that holds Copilot Pages is created in the user's preferred data location.



Sensitivity Labels and Data Loss Prevention

Two ways to control over sharing in your organization are fully supported in .loop files. The first is sensitivity labeling, which you can configure per Copilot page. And, if Copilot finds content that has a source label higher than the page, when adding it onto the page by pressing “Edit in Page,” it will automatically upgrade the sensitivity label. Sensitivity Labels can control things like external sharing rights, encryption of data, and more.



The second is data loss prevention, a security conscious scanner that detects very sensitive information and immediately blocks all sharing and triggers the owner of the file to remove it before full collaboration can be restored.



Audit

Because all .loop files are stored in the SharePoint ecosystem, full audit activity is available in the unified audit log that SharePoint events are already part of. Creates, updates, reads and deletes are all logged with attribution.



Governance Tooling

Governance of a user-owned container is a lot simpler than shared content like an M365 group or a SharePoint site, or even a shared Loop workspace, since it is typically lifetime managed with the user account and no additional regular governance is required. However, if you use third-party tools for governing user-owned containers, programmatic API access to content in SharePoint Embedded containers is coming in Q4 CY2024.



We hope this summary leaves you feeling confident about Copilot Pages in your organization.

Continue reading...
 
Back
Top