Four key controls govern Copilot Agents: who can create agents, what data they can access, who can share them, and what actions they can perform externally. Get those four right and Microsoft Agent 365 becomes a useful productivity layer for your business. However, without those controls, you create a quiet new oversharing surface that sits on top of all the data your tenant has accumulated since 2018.

Agent 365 reached general availability on 1 May 2026, and Microsoft’s Copilot data loss prevention for web search is rolling out worldwide through June 2026. That makes June the right time to set the rules. Once staff start building agents at scale, governance becomes much harder to apply consistently.

What changed with Microsoft Agent 365

Microsoft Agent 365 brings agents into the same identity, security and management plane as users. Organisations can give agents their own identity, scope them to specific data sources, allow them to perform actions across Microsoft 365 and selected third-party systems, and govern them with the same controls they apply to human accounts.

For an SME already using Microsoft 365 Copilot, this is the point where AI moves from a chat feature to something staff can build with. Copilot Studio lets users assemble agents that summarise weekly inboxes, route customer queries, draft proposals from templates, or trawl SharePoint for an answer. The hard part is no longer building. It is governing.

The four Copilot Agents governance controls every business should set this month

A workable Copilot Agents governance starter pack rests on four decisions, each documented and then enforced in the tenant. They are configured across the Microsoft 365 admin centre, Copilot Studio settings and Microsoft Purview.

Control 1: Who can create agents
  What it does: Restricts agent authoring to named users or a security group.
  Where it lives: Copilot Studio settings.

Control 2: What data agents can ground in
  What it does: Limits which SharePoint sites, OneDrive locations or external sources an agent can use.
  Where it lives: Sensitivity labels and agent configuration.

Control 3: Who agents can be shared with
  What it does: Controls internal-only, by-team, or cross-tenant sharing.
  Where it lives: Microsoft 365 admin centre and Copilot Studio.

Control 4: What agents can do externally
  What it does: DLP rules that prevent sensitive data leaving the tenant via web search or third-party connectors.
  Where it lives: Microsoft Purview DLP for Copilot.

That is the starter pack. It is not the end of governance; it is the floor.

Control 1: Who can create agents

The default is rarely the answer. If everyone with a Microsoft 365 licence can build agents, agents will appear faster than IT can track them. Start by restricting authoring to a named security group, typically IT and a small number of trained power users, and review its membership quarterly.

When a team wants their own agent, the group helps them build it. That keeps the oversight loop in place without turning IT into a bottleneck.

Control 2: What data agents can ground in

This control sits on top of the work you have already done with Microsoft Purview. Where sensitivity labels are applied consistently, agents inherit the protection those labels carry, because Copilot honours the usage rights on labelled content when it grounds a response. Where labels are weak or inconsistent, an agent can ground in any site that the identity it runs under can already open. Labels do not fix over-permissioned sites: an agent running with a user’s permissions sees whatever that user can see, so a SharePoint permission review belongs alongside labelling.

Walk through the same logic we laid out in our Microsoft Purview starter pack and make sure labels are applied before turning agents loose. Without that base layer, the next control is harder to enforce.

Control 3: Who agents can be shared with

Agents can be shared inside a team, across the tenant, or with external organisations, and each step outward widens the exposure. Agent 365 lets tenant administrators govern who is allowed to share agents created in Copilot. Set the default to internal-only, require approval for external sharing, and audit externally shared agents monthly.

Take particular care with agents that touch customer or finance data. Those should not be shareable outside the team that owns them without a named approver.

Control 4: What agents can do externally

The June 2026 rollout of Copilot DLP for web search is the new control here. It stops sensitive data in a prompt from being sent out to web search, while still allowing the agent to ground its responses in internal data sources. Microsoft documents this in its Copilot blueprint for oversharing.

Set DLP rules for the data classes you already protect in email and Teams: customer records, financial data, payroll, anything regulated. The same classifications now apply to agent web actions, so reuse the sensitive information types and labels you already have rather than defining new ones.

How this connects to what you already have

If your business has worked through the AI readiness check and rolled out Copilot, Agent 365 is the next layer. The Purview labels, conditional access policies and AI acceptable-use guidance you put in place earlier this year still apply. Agent 365 extends them; it does not replace them.

For businesses that have not started yet, the order matters. Labels and DLP first. Copilot second. Agents third. Skipping ahead means governing agents on top of an unlabelled tenant, which is the situation Microsoft’s own guidance describes as the oversharing problem.

A short readiness check

Three questions to ask before you let agents into the business at scale:

  • Have we restricted who can author agents in our tenant?
  • Are our SharePoint sites labelled with sensitivity that agents will respect?
  • Do we have DLP rules that apply to Copilot web search as well as email and Teams?

If two of the three answers are no, get the controls in place this month.

Set the rules before staff build the agents

Microsoft Agent 365 is moving fast, so govern Copilot Agents before staff start shipping them into business processes, not afterwards. The four controls above take roughly a working day to set up and a quarterly review to maintain.

If you would like us to audit which agents already exist in your tenant, configure the four-control starter pack and check your Purview foundation, book a Copilot Agents governance review and we will produce a one-page agent inventory and a setup plan tailored to your Microsoft 365 estate.