Skip to content
M365 Copilot Partner Hub

Track 2: Data Workers

Goal: Own the environment assessment, security hardening, governance setup, and ongoing compliance that makes Copilot deployments safe and successful.

Module 2.1 — Identity & Access Foundations (Week 1)

Section titled “Module 2.1 — Identity & Access Foundations (Week 1)”

Learning objectives:

  • Configure Conditional Access policies for Copilot
  • Enforce MFA across the tenant
  • Set up identity protection alerts
  • Understand how access controls impact Copilot and Agent responses

Content to study:

  • LUCSP Deck: “03. Secure and Govern Copilot and Agents Part 01” — Identity & Data Protection section
  • Security Lab 1.1: Access Control (from Skillable platform)

Exercises:

  1. Complete Security Lab 1.1 on the Skillable platform (configure Conditional Access, MFA, identity protection)
  2. Document the baseline Conditional Access policies you would recommend for every Copilot deployment
  3. Create a pre-deployment checklist for identity readiness

Module 2.2 — Data Classification & Protection (Week 1–2)

Section titled “Module 2.2 — Data Classification & Protection (Week 1–2)”

Learning objectives:

  • Create and publish Sensitivity Labels
  • Apply baseline data classification policies
  • Build DLP policies for Outlook, Teams, and SharePoint
  • Test and validate DLP with real-time policy tips

Content to study:

  • LUCSP Deck: “03. Secure and Govern Copilot and Agents Part 01” — Data Protection section
  • Security Lab 1.2: Data Protection
  • Security Lab 2.2: Data Loss Prevention

Exercises:

  1. Complete Security Labs 1.2 and 2.2 on the Skillable platform
  2. Design a sensitivity label taxonomy for a fictional 500-person company (HR, Finance, Engineering, Sales)
  3. Create 3 baseline DLP policies and document what each one catches and where

Module 2.3 — Oversharing Remediation (Week 2–3)

Section titled “Module 2.3 — Oversharing Remediation (Week 2–3)”

Learning objectives:

  • Audit sharing links across SharePoint and OneDrive
  • Identify and reduce broad access (Everyone, Everyone except external users)
  • Apply sensitivity labels at the file, folder, and site/library level
  • Understand how oversharing directly impacts Copilot and Agent responses
  • Use SharePoint Advanced Management for access governance

Content to study:

  • LUCSP Deck: “03. Secure and Govern Copilot and Agents Part 01” — Oversharing section
  • Security Lab 2.1: Oversharing

Exercises:

  1. Complete Security Lab 2.1 on the Skillable platform
  2. Run an oversharing audit on our own tenant — document findings and remediation steps
  3. Create a client-facing “Oversharing Assessment” deliverable template that we can use in Phase 2 engagements

Why this matters: Oversharing is the number one risk with Copilot. If a user has access to sensitive files they shouldn’t, Copilot will surface that content in responses. This module is critical.

Module 2.4 — AI Governance & Compliance (Week 3)

Section titled “Module 2.4 — AI Governance & Compliance (Week 3)”

Learning objectives:

  • Configure Purview audit logging for Copilot and Agent activity
  • Set up retention policies and lifecycle controls for AI interactions
  • Use eDiscovery to investigate AI/agent activity
  • Configure Insider Risk Management policies
  • Understand compliance requirements for AI in regulated industries

Content to study:

  • LUCSP Deck: “03. Secure and Govern Copilot and Agents Part 02” — Governance deep dive
  • Security Lab 1.3: AI Auditing
  • Security Lab 2.3: Govern AI

Exercises:

  1. Complete Security Labs 1.3 and 2.3 on the Skillable platform
  2. Set up a Purview audit dashboard for Copilot activity on our own tenant
  3. Create a “Copilot Governance Readiness Report” template for client engagements

Module 2.5 — Agent Security & Governance (Week 3–4)

Section titled “Module 2.5 — Agent Security & Governance (Week 3–4)”

Learning objectives:

  • Configure Copilot Studio access with Conditional Access (Zero Trust)
  • Manage agent publishing approvals and permissions
  • Apply DLP to agent interactions
  • Use Agent 365 for unified agent inventory, policy-based controls, and monitoring
  • Set up agent cost controls (departmental billing, consumption monitoring, budget limits)
  • Use the Agent Consumption Estimator

Content to study:

  • LUCSP Deck: “02. Copilot Agents Part 01” — Agent governance, cost controls, and CCS sections
  • LUCSP Deck Day 2: Agent Governance Controls module
  • Day 2 Lab: Governance of Copilot Studio Agents

Exercises:

  1. Complete the Day 2 Governance Lab on the Skillable platform (configure, access, deploy, manage agents)
  2. Set up departmental billing policies on our own tenant with mock departments
  3. Run the Agent Consumption Estimator for 3 scenarios (low, medium, high usage) and document projected costs
  4. Create an “Agent Governance Checklist” template for client deployments

Certification: Complete the Level Up CSP Copilot Technical Badge assessment at aka.ms/Level-UpTechnicalAssessment (Access Code: XJEY-ZQGW). Score 80% or higher.