Using Copilot Chat Safely: Best Practices
To protect University data while using Copilot Chat within Microsoft 365 apps (Word, Excel, PowerPoint, Outlook, Teams), follow these guidelines when writing, analyzing, summarizing, or creating content.
Stay Protected with Enterprise Data Protection (EDP)
- Always sign in with your Northwest University Microsoft 365 account
- Look for the green shield checkmark icon: This indicates Enterprise Data Protection (EDP) is active
- EDP ensures your prompts and organizational data stay within Microsoft’s secure service boundary
How Copilot Uses Web Search
When Copilot uses web grounding, there are three parts:
- Your prompt: Stays inside Microsoft 365 and is protected by EDP
- Web query (what goes to the internet): Copilot sends only a simplified set of keywords, not your full prompt, files, or sensitive data
- The response: Combines internal content + web results and includes citations for transparency
How to Recognize Web Grounding in Microsoft Copilot
Watch for these indicators in Copilot Chat:
-
Citations (links or numbered references): Show which websites were used
-“Sources” section: Click to expand and review details - Web search query (keywords): Display the exact terms Copilot sent to Bing
Work vs. Web Data Sources
Work (Internal Data) is used for prompts like:
- “Rewrite this paragraph”
- “Improve clarity or tone”
- “Summarize this document”
Web (Public Internet Data) is triggered when your prompt asks for current or external information:
- “Add the latest industry statistics”
- “Update with recent regulatory changes”
- “Include current market trends”
Best Practices
- Use Copilot only when signed in with your Northwest University account
- Confirm the green shield icon before entering University data
- Review AI-generated content for accuracy, tone, and context
- Use citations to verify sources and understand results
- Never include sensitive data (e.g., SSN, Personally Identifiable Information, Protected Health Information) in prompts
Sources: