Microsoft Copilot (Microsoft 365): Domain exclusion for web grounding

🚨 The Signal: Admins can now exclude specific websites from Copilot's web grounding, preventing it from using those sites for generating responses. This allows for better control over information sources and reduces the risk of Copilot accessing undesirable or untrusted external content.

The Impact

Security teams and Copilot administrators are affected, gaining a new control to mitigate risks from untrusted web content.

• Security Teams: Reduced risk of Copilot accessing malicious or inappropriate web content.
• Copilot Administrators: New configuration option to define trusted information boundaries.
• Users: Copilot responses will exclude information from specified domains, potentially altering answer scope.

The Action

1. Review existing Copilot usage policies and identify domains that should be excluded from web grounding.
2. Navigate to the Microsoft 365 admin center.
3. Locate Copilot settings and configure domain exclusions for web grounding.
4. Communicate changes to users regarding Copilot's information sourcing.

Domain: Agentic-AI · Impact: medium · Workload: Other