1
00:00:03,600 --> 00:00:06,080
Welcome to episode 427
2
00:00:06,080 --> 00:00:08,820
of the Microsoft Cloud IT Pro podcast,
3
00:00:09,439 --> 00:00:12,419
recorded live on 04/30/2026.
4
00:00:12,639 --> 00:00:14,960
This is a show about Microsoft three sixty
5
00:00:14,960 --> 00:00:17,195
five and Azure from the perspective of IT
6
00:00:17,195 --> 00:00:19,434
pros and end users, where we discuss a
7
00:00:19,434 --> 00:00:21,835
topic or recent news and how it relates
8
00:00:21,835 --> 00:00:24,474
to you. In this episode, Ben and Scott
9
00:00:24,474 --> 00:00:26,875
open with a quick peek at Merrill's latest
10
00:00:26,875 --> 00:00:30,530
project, Yako, a browser extension to make navigating
11
00:00:30,530 --> 00:00:33,750
to your Microsoft three sixty five services quicker.
12
00:00:34,289 --> 00:00:36,770
Then they move into an extended follow-up on
13
00:00:36,770 --> 00:00:39,490
Copilot CoWork and some of the recent hands
14
00:00:39,490 --> 00:00:40,229
on hardships,
15
00:00:40,770 --> 00:00:42,870
artifact management, and integration
16
00:00:43,250 --> 00:00:43,990
with Anthropic,
17
00:00:44,534 --> 00:00:48,214
including a potential security risk related to sensitive
18
00:00:48,214 --> 00:00:48,714
data.
19
00:00:50,854 --> 00:00:52,934
So we're trying something new today, Scott. We
20
00:00:52,934 --> 00:00:54,155
are recording in Riverside
21
00:00:54,695 --> 00:00:56,375
so that we can maybe try to do
22
00:00:56,375 --> 00:00:59,320
some shorts. And who knows? Maybe we'll even
23
00:00:59,619 --> 00:01:02,259
broadcast live to LinkedIn and YouTube here in
24
00:01:02,259 --> 00:01:04,659
the future. Start incorporating some video. I've been
25
00:01:04,659 --> 00:01:06,659
told we should do actually, nobody's told me
26
00:01:06,659 --> 00:01:08,439
we should do video. The SEO
27
00:01:09,060 --> 00:01:12,765
people and everybody that grows podcasts tell me
28
00:01:12,765 --> 00:01:14,924
we should do video. Our AI overlords are
29
00:01:14,924 --> 00:01:16,844
back. They're just gonna have us do this
30
00:01:16,844 --> 00:01:18,525
until we're done with it. We've tried it
31
00:01:18,525 --> 00:01:20,924
before and then quit. I don't know, Scott.
32
00:01:20,924 --> 00:01:23,984
Maybe this time it'll stick. Maybe Riverside will
33
00:01:24,125 --> 00:01:24,944
make it easier.
34
00:01:25,450 --> 00:01:27,770
The AI has definitely made some of it.
35
00:01:27,770 --> 00:01:30,090
It's compelling stuff here. We we should probably
36
00:01:30,090 --> 00:01:30,670
get into,
37
00:01:31,130 --> 00:01:32,969
get get into our topic of the day.
38
00:01:32,969 --> 00:01:35,210
Yeah. Before we get into our topic, though,
39
00:01:35,210 --> 00:01:37,069
did you see Merrill's latest
40
00:01:37,930 --> 00:01:39,710
invention development project,
41
00:01:40,344 --> 00:01:43,644
etcetera? I have not. Okay. So go into
42
00:01:43,944 --> 00:01:46,765
whatever browser you use and go search for
43
00:01:47,305 --> 00:01:47,884
Yako, y a
44
00:01:49,944 --> 00:01:51,704
c o, or you can go to the
45
00:01:51,704 --> 00:01:54,299
website, get Yako, yaya,
46
00:01:54,299 --> 00:01:56,459
not c,yako,.com.
47
00:01:56,459 --> 00:01:57,819
I'll send you a link. I should've done
48
00:01:57,819 --> 00:01:59,500
this earlier because now I don't know where
49
00:01:59,500 --> 00:02:01,819
our Teams chat is. It is a browser
50
00:02:01,819 --> 00:02:02,319
extension
51
00:02:03,019 --> 00:02:03,519
that
52
00:02:03,819 --> 00:02:06,459
changes the home page of your browser. So
53
00:02:06,459 --> 00:02:08,719
he created it for Edge, Chrome, and Firefox.
54
00:02:09,235 --> 00:02:10,914
And now when you click a new tab
55
00:02:10,914 --> 00:02:13,574
in your browser, it gives you
56
00:02:14,194 --> 00:02:14,675
the
57
00:02:15,074 --> 00:02:16,354
like, it gives you a bunch of links
58
00:02:16,354 --> 00:02:19,715
that you can customize to whatever Office March
59
00:02:20,034 --> 00:02:23,469
well, Microsoft Cloud, really, Cloud links. So, like,
60
00:02:23,469 --> 00:02:23,969
mine,
61
00:02:24,349 --> 00:02:25,550
I hit a new tab, and I can
62
00:02:25,550 --> 00:02:27,569
pick OneDrive, Outlook, Loop, Copilot,
63
00:02:27,949 --> 00:02:29,889
Azure, Sentinel, Intune,
64
00:02:30,509 --> 00:02:31,409
Admin Center,
65
00:02:31,870 --> 00:02:32,370
all
66
00:02:32,750 --> 00:02:34,909
the different things. Then I can customize what
67
00:02:34,909 --> 00:02:36,430
I want on there. That's a nifty one.
68
00:02:36,430 --> 00:02:38,050
I can see how that would be helpful
69
00:02:38,485 --> 00:02:40,025
in a work context.
70
00:02:40,405 --> 00:02:41,525
I I don't know that I'd use it
71
00:02:41,525 --> 00:02:43,284
too much on my personal one, but def
72
00:02:43,364 --> 00:02:45,284
definitely on the work side of things. Yeah.
73
00:02:45,284 --> 00:02:46,564
I don't know that it's a personal one,
74
00:02:46,564 --> 00:02:49,044
but for work and, frankly, I don't really
75
00:02:49,044 --> 00:02:50,965
care about the news that normally pops up,
76
00:02:50,965 --> 00:02:53,064
and I know you can tweak it. And
77
00:02:53,284 --> 00:02:55,560
I don't really wanna set portal to office.com
78
00:02:55,560 --> 00:02:57,079
since that doesn't even get me to my
79
00:02:57,079 --> 00:02:58,939
apps anymore. It just gets me to Copilot
80
00:02:59,000 --> 00:02:59,500
chat.
81
00:03:00,840 --> 00:03:03,639
Admin.microsoft.com.
82
00:03:03,879 --> 00:03:05,500
Yeah. Or use, like, Copilot
83
00:03:05,879 --> 00:03:08,205
or quad or chat GPT or whatever and
84
00:03:08,365 --> 00:03:10,444
pin pin that one in there. I use
85
00:03:10,444 --> 00:03:13,805
the Copilot one on personal edge. Like, it
86
00:03:13,805 --> 00:03:15,564
tends to do pretty good. The only thing
87
00:03:15,564 --> 00:03:17,884
I hate about it is it uses Bing
88
00:03:17,884 --> 00:03:19,884
as the search engine. So if it can't,
89
00:03:19,884 --> 00:03:22,205
like, auto resolve to yako.com
90
00:03:22,205 --> 00:03:23,669
or get yako.com,
91
00:03:23,750 --> 00:03:25,509
it fires me off into Bing. Then I'm
92
00:03:25,509 --> 00:03:27,530
left with Bing search results.
93
00:03:28,069 --> 00:03:29,830
I don't I don't need Bing search results
94
00:03:29,830 --> 00:03:32,310
in my life. But yeah. No. Cool. I'll
95
00:03:32,310 --> 00:03:35,189
have to try this one out, and we'll
96
00:03:35,189 --> 00:03:38,650
put a link to gityako.com.
97
00:03:39,715 --> 00:03:40,215
G,
98
00:03:40,514 --> 00:03:44,115
yeah, getyako.com
99
00:03:44,115 --> 00:03:46,354
by Merrill. Nice one. Again, probably more for
100
00:03:46,354 --> 00:03:47,955
work than personal because it doesn't have any
101
00:03:47,955 --> 00:03:49,555
of the well, I can't remember. Does it
102
00:03:49,555 --> 00:03:51,395
have personal m three sixty five stuff in
103
00:03:51,395 --> 00:03:53,155
there? I would have to go
104
00:03:53,750 --> 00:03:55,669
look. Oh, you can also switch it from
105
00:03:55,669 --> 00:03:57,750
classic icons. I know we've talked about these
106
00:03:57,750 --> 00:03:59,509
before if you want a new tab to
107
00:03:59,509 --> 00:04:01,669
be like msportals.io
108
00:04:01,669 --> 00:04:03,430
or cmd.ms.
109
00:04:03,430 --> 00:04:05,110
Yeah. I did see that. So so that's
110
00:04:05,110 --> 00:04:07,355
another project that Merrill has out there with
111
00:04:07,355 --> 00:04:09,835
the with the short links and things like
112
00:04:09,835 --> 00:04:11,435
that. So that that could be a helpful
113
00:04:11,435 --> 00:04:13,115
one as well. Oh, it does have some
114
00:04:13,115 --> 00:04:15,514
of the consumer stuff. So if you are
115
00:04:15,514 --> 00:04:17,514
just at home and you wanna do consumer
116
00:04:17,514 --> 00:04:19,050
stuff in it, you can do that as
117
00:04:19,870 --> 00:04:20,370
well.
118
00:04:21,189 --> 00:04:23,990
You're out of time. Copilot needs to be
119
00:04:23,990 --> 00:04:27,110
deployed ASAP, but is your tenant really ready
120
00:04:27,110 --> 00:04:30,329
for it? Years of data, permissions, and users
121
00:04:30,470 --> 00:04:33,024
lurk in its shadows, ready to be exposed
122
00:04:33,024 --> 00:04:33,845
by AI.
123
00:04:34,225 --> 00:04:37,024
Sharegate Protect sees it all, so you can
124
00:04:37,024 --> 00:04:39,985
find the exposure risks, fix them fast, and
125
00:04:39,985 --> 00:04:41,764
deploy AI with confidence.
126
00:04:42,225 --> 00:04:45,660
Microsoft three sixty five governance. We got this.
127
00:04:45,899 --> 00:04:50,560
Learn more at sharegate.com/governance.
128
00:04:53,339 --> 00:04:54,860
Now we can get into our topic if
129
00:04:54,860 --> 00:04:56,779
you want. That was just a nifty thing
130
00:04:56,779 --> 00:04:58,779
that popped up in my feed the other
131
00:04:58,779 --> 00:05:00,535
day and I was been playing with. And
132
00:05:00,535 --> 00:05:02,154
maybe a little bit of follow-up. So
133
00:05:02,535 --> 00:05:05,035
last time we recorded, we kinda talked about
134
00:05:05,175 --> 00:05:07,895
the co work situation and Claude co work
135
00:05:07,895 --> 00:05:09,274
and CoPilot co work.
136
00:05:09,574 --> 00:05:10,074
And
137
00:05:10,535 --> 00:05:12,214
that definitely sent me down the path of,
138
00:05:12,214 --> 00:05:14,189
like, hey. Let me play a little bit
139
00:05:14,189 --> 00:05:17,230
more with CoPilot CoWork and kinda see where
140
00:05:17,230 --> 00:05:18,670
I could see how far I could get
141
00:05:18,670 --> 00:05:20,270
with some of the stuff we had talked
142
00:05:20,270 --> 00:05:22,529
about, like, maybe, like, the limitations
143
00:05:22,830 --> 00:05:24,350
of not being able to interact with your
144
00:05:24,350 --> 00:05:26,750
local desktop or or local resources, all that
145
00:05:26,750 --> 00:05:28,204
kind of stuff. So
146
00:05:28,985 --> 00:05:31,865
custom skills in Copilot Cowork are kind of
147
00:05:31,865 --> 00:05:33,884
broken right now. They're they're a little frustrating
148
00:05:34,024 --> 00:05:36,604
to to work with along the way. Definitely
149
00:05:36,665 --> 00:05:39,884
ran into the I'm very used to kinda
150
00:05:40,250 --> 00:05:40,750
prompting
151
00:05:41,209 --> 00:05:43,289
LLMs at this point or a lot of
152
00:05:43,289 --> 00:05:46,089
these tools with questions to kinda help me
153
00:05:46,089 --> 00:05:47,689
refine a prompt and come up with a
154
00:05:47,689 --> 00:05:49,930
way to generate, like, the artifacts that you
155
00:05:49,930 --> 00:05:51,850
want. So rather than saying go in and
156
00:05:51,850 --> 00:05:54,145
build me this, it's ask me a couple
157
00:05:54,145 --> 00:05:55,745
questions that are gonna help. Like, here's the
158
00:05:55,745 --> 00:05:56,965
outcome I wanna achieve.
159
00:05:57,345 --> 00:05:58,324
So in,
160
00:05:58,705 --> 00:06:01,345
like, in the case of, say, like, Claude
161
00:06:01,345 --> 00:06:01,845
Code
162
00:06:02,225 --> 00:06:02,725
or
163
00:06:03,105 --> 00:06:05,905
GitHub Copilot CLI, things like that, or GitHub
164
00:06:05,905 --> 00:06:08,064
Copilot chat, it's very easy to go in
165
00:06:08,064 --> 00:06:09,939
and say, I would like to build a
166
00:06:09,939 --> 00:06:11,560
new skill that does
167
00:06:11,860 --> 00:06:13,779
blah blah blah. And then it will actually
168
00:06:13,779 --> 00:06:15,319
kinda ask you a couple questions,
169
00:06:15,699 --> 00:06:17,699
and it will frame out the markdown for
170
00:06:17,699 --> 00:06:19,460
you, and it will write it to the
171
00:06:19,460 --> 00:06:21,699
right directory for you, like, to the point
172
00:06:21,699 --> 00:06:22,904
where it where you can do
173
00:06:23,625 --> 00:06:26,185
install to just my local session or install
174
00:06:26,185 --> 00:06:29,305
this globally kinda thing. And Copilot Coburg kinda
175
00:06:29,305 --> 00:06:30,904
surprised me. It walked me in and it
176
00:06:30,904 --> 00:06:32,665
said, oh, you wanna create a new skill.
177
00:06:32,665 --> 00:06:34,425
This is great. I'll go create a new
178
00:06:34,425 --> 00:06:35,785
skill for you. What do you wanna call
179
00:06:35,785 --> 00:06:37,464
it? What do you want the description to
180
00:06:37,464 --> 00:06:39,459
be? And I already had all this markdown
181
00:06:39,459 --> 00:06:41,220
and stuff that I wanted to pump into
182
00:06:41,220 --> 00:06:43,959
it. So boom. Great. Click the go button,
183
00:06:44,100 --> 00:06:46,339
does its cheeky. I'm thinking about it and
184
00:06:46,339 --> 00:06:48,500
thinking and spinning the gears. And then it
185
00:06:48,500 --> 00:06:50,740
spits out an output for me, which is
186
00:06:50,740 --> 00:06:53,504
a skill quality report. So it gave me
187
00:06:53,504 --> 00:06:56,064
this very nice HTML file that said, I
188
00:06:56,064 --> 00:06:57,205
created your skill,
189
00:06:57,584 --> 00:07:01,185
and your skill has an 83, 84% score
190
00:07:01,185 --> 00:07:02,305
or whatever it is. Right? So it gave
191
00:07:02,305 --> 00:07:04,545
me this, like, nice dashboard that said, your
192
00:07:04,545 --> 00:07:06,644
skill is gonna be awesome and it passes.
193
00:07:06,800 --> 00:07:08,399
I don't know what it passes because it
194
00:07:08,399 --> 00:07:10,319
just generated me an HTML file that said
195
00:07:10,319 --> 00:07:12,560
my my my skill was really good. But
196
00:07:12,560 --> 00:07:13,620
it also hallucinated
197
00:07:13,920 --> 00:07:16,000
that it had ever created the skill. So
198
00:07:16,000 --> 00:07:18,000
it never actually went and created, like, the
199
00:07:18,000 --> 00:07:19,759
skill dot m d and put it in
200
00:07:19,759 --> 00:07:21,920
the right folder in my OneDrive and did
201
00:07:21,920 --> 00:07:22,485
all that stuff.
202
00:07:23,044 --> 00:07:24,724
So great that it told me my skill
203
00:07:24,724 --> 00:07:26,964
was awesome, and it generated a report that
204
00:07:26,964 --> 00:07:29,464
my skill was awesome. Not so great that
205
00:07:29,524 --> 00:07:31,685
it didn't actually generate my skill. It didn't
206
00:07:31,685 --> 00:07:33,925
actually create a skill? Maybe it did. Maybe
207
00:07:33,925 --> 00:07:36,324
it's in someone else's OneDrive. That was number
208
00:07:36,324 --> 00:07:39,449
one. Number two is actually finally did get
209
00:07:39,449 --> 00:07:40,970
that skill created. Had to go do it
210
00:07:40,970 --> 00:07:43,129
manually, provision it into my OneDrive. It's a
211
00:07:43,129 --> 00:07:46,990
little weird in the cowork frontier agent today
212
00:07:47,290 --> 00:07:49,930
because sometimes it sees your skills in your
213
00:07:49,930 --> 00:07:52,785
OneDrive, and sometimes it does not. So when
214
00:07:52,785 --> 00:07:54,625
you go and you do, like, slash commands
215
00:07:54,625 --> 00:07:57,105
in Copilot co work, you're presented with an
216
00:07:57,105 --> 00:07:59,444
interface of, like, people, skills,
217
00:07:59,824 --> 00:08:02,464
files, and these various things. So the very
218
00:08:02,464 --> 00:08:03,985
first time I created this skill, I went
219
00:08:03,985 --> 00:08:05,345
out there and I went and I just
220
00:08:05,345 --> 00:08:07,819
popped it into my OneDrive. I closed Copilot
221
00:08:07,959 --> 00:08:10,199
down, just the Copilot m three sixty five
222
00:08:10,199 --> 00:08:12,040
Copilot app, which I was just happened to
223
00:08:12,040 --> 00:08:14,279
be using, but it's that web wrapper. Loaded
224
00:08:14,279 --> 00:08:17,080
it back up, slash command. Oh, look. There's
225
00:08:17,080 --> 00:08:18,759
my skill. That's awesome. Like, didn't need to
226
00:08:18,759 --> 00:08:21,305
navigate around a bunch or do anything. Came
227
00:08:21,305 --> 00:08:22,044
back and
228
00:08:22,504 --> 00:08:24,104
so I did a quick chat with it
229
00:08:24,104 --> 00:08:26,125
just to see, like, okay. Does this work?
230
00:08:26,264 --> 00:08:28,584
Cool. It generated some output. Looks like it
231
00:08:28,584 --> 00:08:29,865
did the right thing that I wanted it
232
00:08:29,865 --> 00:08:31,224
to do. So then I spun up a
233
00:08:31,224 --> 00:08:33,704
new chat. Now mind you, I didn't close
234
00:08:33,704 --> 00:08:35,889
m three sixty five chat down. I didn't
235
00:08:35,889 --> 00:08:38,289
change anything in my OneDrive. Okay. Just a
236
00:08:38,289 --> 00:08:40,529
new session. Just a new chat session because
237
00:08:40,529 --> 00:08:42,129
now I'm like, oh, cool. This still works.
238
00:08:42,129 --> 00:08:43,570
Let me actually go, like, fire off and
239
00:08:43,570 --> 00:08:45,649
do what I wanted to do. New chat?
240
00:08:45,649 --> 00:08:47,454
I don't know about your skill. I've never
241
00:08:47,454 --> 00:08:48,855
seen this thing in the world, like, in
242
00:08:48,855 --> 00:08:50,294
my life. I I don't know what it
243
00:08:50,294 --> 00:08:51,735
is and what's going on. So you do
244
00:08:51,735 --> 00:08:53,735
the slash command, not there in the slash
245
00:08:53,735 --> 00:08:57,095
command. You actually knit browse straight over to
246
00:08:57,095 --> 00:08:58,394
the skills tab
247
00:08:58,774 --> 00:09:01,809
from the slash command, not there. But you
248
00:09:01,889 --> 00:09:03,730
I was able to say in my co
249
00:09:03,730 --> 00:09:05,970
work session, do you know about this skill?
250
00:09:05,970 --> 00:09:07,809
Can you please, like, use it when I
251
00:09:07,809 --> 00:09:09,809
put this what I wanna do in here?
252
00:09:09,809 --> 00:09:12,049
So it it eventually kinda wrangled itself. So
253
00:09:12,049 --> 00:09:14,289
I think that skills experience has a little
254
00:09:14,289 --> 00:09:16,209
bit of refinement to do, maybe something for
255
00:09:16,209 --> 00:09:18,105
folks to watch out for. The other thing
256
00:09:18,105 --> 00:09:18,605
that's
257
00:09:19,225 --> 00:09:21,705
been, I think, kind of getting on my
258
00:09:21,705 --> 00:09:24,665
nerves a little bit is as you're in
259
00:09:24,665 --> 00:09:28,105
Copilot Cowork and you're generating artifacts, so like
260
00:09:28,105 --> 00:09:30,105
in that very first run where it generated
261
00:09:30,105 --> 00:09:32,105
a skill report for me or or what
262
00:09:32,105 --> 00:09:34,035
I was trying to do with this custom
263
00:09:34,035 --> 00:09:36,257
skill that I spun out, it was ultimately
264
00:09:36,257 --> 00:09:38,478
spitting out some HTML files and some markdown
265
00:09:38,478 --> 00:09:40,700
for me as, like, an output. So those
266
00:09:40,700 --> 00:09:42,921
all go into your session, and you see
267
00:09:42,921 --> 00:09:44,587
them kind of in the Cowork,
268
00:09:45,424 --> 00:09:47,745
in in the co work frontier agent interface,
269
00:09:47,745 --> 00:09:48,705
like, it has a little bit of a
270
00:09:48,705 --> 00:09:50,945
different interface than the chat interface, and it
271
00:09:50,945 --> 00:09:52,865
says, here's your inputs, here's your outputs, blah
272
00:09:52,865 --> 00:09:55,264
blah blah. Good luck because well, at least
273
00:09:55,264 --> 00:09:57,584
in whatever build I'm on that's pushed out
274
00:09:57,584 --> 00:10:00,679
today or as of today, you cannot, like,
275
00:10:00,820 --> 00:10:03,300
right click those things and open in OneDrive.
276
00:10:03,300 --> 00:10:04,899
There is a little drop down like like
277
00:10:04,899 --> 00:10:06,980
an ellipsis there to click it and say
278
00:10:06,980 --> 00:10:08,740
open in OneDrive. Doesn't work for me at
279
00:10:08,740 --> 00:10:10,740
all. So then you gotta go manually browse
280
00:10:10,740 --> 00:10:12,500
your OneDrive. So you go into your OneDrive,
281
00:10:12,500 --> 00:10:14,385
you go into your documents folder, you go
282
00:10:14,385 --> 00:10:16,341
into your co work folder. And then in
283
00:10:16,341 --> 00:10:18,296
your co work folder, well, you've got skills,
284
00:10:18,296 --> 00:10:20,251
which is where you load your custom skill,
285
00:10:20,251 --> 00:10:22,207
and then you've got sessions. And then each
286
00:10:22,207 --> 00:10:24,162
session is a GUID. So if you do
287
00:10:24,162 --> 00:10:26,279
multiple chats per day or anything
288
00:10:26,899 --> 00:10:28,500
more than, like, one or two with co
289
00:10:28,500 --> 00:10:30,580
work for the day, now you have these
290
00:10:30,580 --> 00:10:32,980
folders that are just GUIDs. And, hopefully, you
291
00:10:32,980 --> 00:10:35,379
can figure out by timestamp which one is
292
00:10:35,379 --> 00:10:37,379
the right folder because you have to browse
293
00:10:37,379 --> 00:10:39,139
into that GUID folder, and then there's an
294
00:10:39,139 --> 00:10:41,245
outputs folder in there, and then that's where
295
00:10:41,245 --> 00:10:44,704
your artifacts end up. So it's a
296
00:10:45,404 --> 00:10:47,404
it's got some rough edges and some friction
297
00:10:47,404 --> 00:10:50,684
today. And it immediately drew drove me back
298
00:10:50,684 --> 00:10:53,964
to GitHub Copilot CLI, at least, because I
299
00:10:53,964 --> 00:10:56,044
I have access to that or GitHub Copilot,
300
00:10:56,044 --> 00:10:56,429
I guess.
301
00:10:57,470 --> 00:10:59,889
And the other thing is I was hoping
302
00:11:00,750 --> 00:11:01,649
that because
303
00:11:02,190 --> 00:11:02,690
Cowork
304
00:11:03,230 --> 00:11:03,730
is
305
00:11:04,190 --> 00:11:04,929
in the
306
00:11:05,629 --> 00:11:08,589
cloud ecosystem to start, that it would be
307
00:11:08,589 --> 00:11:10,129
able to get by some limitations
308
00:11:10,669 --> 00:11:12,585
that I potentially run into in my day
309
00:11:12,585 --> 00:11:14,184
to day being on the CLI or the
310
00:11:14,184 --> 00:11:14,684
desktop.
311
00:11:14,985 --> 00:11:17,245
And probably one of the biggest ones
312
00:11:17,625 --> 00:11:18,925
is I often have,
313
00:11:19,304 --> 00:11:22,045
like, multiple artifacts, could be presentations,
314
00:11:22,425 --> 00:11:25,070
Word documents, excels, things like that, that I
315
00:11:25,070 --> 00:11:27,309
kinda wanna, like, iterate over and riff on
316
00:11:27,309 --> 00:11:30,029
and come out with those ideas and go
317
00:11:30,029 --> 00:11:32,210
back and forth on my thinking around them.
318
00:11:32,269 --> 00:11:33,950
So on the desktop, I run into a
319
00:11:33,950 --> 00:11:36,210
lot of issues because I have my OneDrive
320
00:11:36,350 --> 00:11:38,754
and I have things synced and both my
321
00:11:38,754 --> 00:11:41,315
work OneDrive and then I use shortcuts a
322
00:11:41,315 --> 00:11:43,715
bunch too, so I have shortcuts back to
323
00:11:43,715 --> 00:11:46,595
SharePoint sites. A lot of the content that
324
00:11:46,595 --> 00:11:48,595
I iterate on day over day and throughout
325
00:11:48,595 --> 00:11:49,894
my day is
326
00:11:50,514 --> 00:11:53,339
IRM ed. So it has some kind of
327
00:11:53,399 --> 00:11:57,019
information rights management or, like, MIP information protection.
328
00:11:57,159 --> 00:11:59,399
Encryption on the files. Yep. Yeah. So when
329
00:11:59,399 --> 00:12:01,080
you're on your desktop and you're sitting there
330
00:12:01,080 --> 00:12:03,720
in, like, GitHub Copilot CLI, well, it's got
331
00:12:03,720 --> 00:12:05,644
a skill to read Word documents. Just
332
00:12:06,345 --> 00:12:07,085
uses the anthropic
333
00:12:07,785 --> 00:12:08,285
word
334
00:12:08,745 --> 00:12:10,684
skill, but that can only read nonencrypted content.
335
00:12:10,865 --> 00:12:13,465
It can't even though it has your user
336
00:12:13,465 --> 00:12:15,065
contacts and you're saying do this or go
337
00:12:15,065 --> 00:12:17,384
into my, like, physical folder on my OneDrive
338
00:12:17,384 --> 00:12:19,240
kinda thing, it can't do it. So I
339
00:12:19,240 --> 00:12:21,240
was kinda hoping that, like, Cowork would maybe
340
00:12:21,240 --> 00:12:22,600
help solve that for me, and I could
341
00:12:22,600 --> 00:12:24,519
just rethink some of the skills I use
342
00:12:24,519 --> 00:12:26,759
in the cloud world. Cowork can't read my
343
00:12:26,759 --> 00:12:29,399
protected documents either. It just blows up and
344
00:12:29,399 --> 00:12:31,399
says, sorry. I can't do this. Is it
345
00:12:31,399 --> 00:12:33,420
because it's sending it over
346
00:12:33,894 --> 00:12:36,394
to Anthropic into Claude versus
347
00:12:37,014 --> 00:12:39,514
when you use the GPT models that's staying
348
00:12:39,654 --> 00:12:40,154
in
349
00:12:40,534 --> 00:12:42,855
the Azure data centers and it's going to
350
00:12:42,855 --> 00:12:45,434
the models internally? That would be my assumption
351
00:12:45,894 --> 00:12:47,195
if that's the case because
352
00:12:47,700 --> 00:12:49,240
those MIP protected documents,
353
00:12:49,940 --> 00:12:52,440
I can use in things like Copilot notebooks
354
00:12:52,820 --> 00:12:54,980
when I'm in GPT mode. And then, oh,
355
00:12:54,980 --> 00:12:57,240
yeah. We should also talk about so, Anthropic
356
00:12:57,300 --> 00:12:59,059
had an outage earlier this week on their
357
00:12:59,059 --> 00:12:59,960
API surface,
358
00:13:00,315 --> 00:13:01,835
and it happened to be when I was
359
00:13:01,835 --> 00:13:03,274
in the middle of one of my Copilot
360
00:13:03,274 --> 00:13:04,174
co work sessions,
361
00:13:04,715 --> 00:13:07,514
completely bombed out. Like, the session crashed, and
362
00:13:07,514 --> 00:13:08,715
if I try and go back into that
363
00:13:08,715 --> 00:13:09,995
chat now, I just end up on a
364
00:13:09,995 --> 00:13:12,394
page that says, sorry, like, sorry, Dave. I
365
00:13:12,394 --> 00:13:13,995
can't do this right now. Can you sign
366
00:13:13,995 --> 00:13:16,350
back in? Like, I am signed in. But
367
00:13:16,350 --> 00:13:18,049
I I basically just lost
368
00:13:18,429 --> 00:13:19,950
the ability to go back in and see
369
00:13:19,950 --> 00:13:21,730
any of that chat history or anything
370
00:13:22,429 --> 00:13:24,750
for that session that's out there. So that
371
00:13:24,750 --> 00:13:26,590
that that was an interesting moment for me
372
00:13:26,590 --> 00:13:28,110
as well because I was trying to debug
373
00:13:28,110 --> 00:13:29,629
it. Like, what happened and what's going on?
374
00:13:29,629 --> 00:13:30,914
Is m three sixty five
375
00:13:31,714 --> 00:13:33,074
down right now? Like, why is just this
376
00:13:33,074 --> 00:13:36,134
one chat broken? And it turns out it
377
00:13:36,195 --> 00:13:37,495
coincided exactly
378
00:13:38,115 --> 00:13:39,334
with the anthropic
379
00:13:40,115 --> 00:13:42,134
API outage. So it was a good reminder
380
00:13:42,195 --> 00:13:44,434
for me of, like, that mental model of,
381
00:13:44,434 --> 00:13:46,294
like, when you're in Copilot Cowork,
382
00:13:46,690 --> 00:13:49,570
you are, I I guess, using just the
383
00:13:49,570 --> 00:13:50,710
anthropic APIs.
384
00:13:51,170 --> 00:13:52,769
So a lot of that stuff does start
385
00:13:52,769 --> 00:13:54,850
to click then about, like, oh, hey. I
386
00:13:54,850 --> 00:13:58,230
can't read and or open that IRM document
387
00:13:58,690 --> 00:14:01,090
and all those kinds of things. So that
388
00:14:01,170 --> 00:14:04,605
that's a, like, funny, like, I guess, limitation,
389
00:14:04,985 --> 00:14:07,225
but that I just I was not prepared
390
00:14:07,225 --> 00:14:08,665
for and I did not have in my
391
00:14:08,665 --> 00:14:11,725
head to even think about, here's one more
392
00:14:11,945 --> 00:14:14,105
modality or, like, mental model that I need
393
00:14:14,105 --> 00:14:15,325
to carry as a user
394
00:14:15,705 --> 00:14:16,205
into
395
00:14:16,745 --> 00:14:18,059
leveraging these tools.
396
00:14:19,659 --> 00:14:22,720
If you're managing file storage today, you've probably
397
00:14:22,779 --> 00:14:25,419
felt the pressure. Refresh cycles are harder to
398
00:14:25,419 --> 00:14:28,860
plan, costs and complexity are increasing, especially as
399
00:14:28,860 --> 00:14:30,960
file workloads scale across regions.
400
00:14:31,334 --> 00:14:34,615
That's why Microsoft customers trust Nasuni as an
401
00:14:34,615 --> 00:14:36,235
Azure certified software.
402
00:14:36,615 --> 00:14:39,654
Nasuni provides a global file system designed for
403
00:14:39,654 --> 00:14:40,954
enterprise scale environments,
404
00:14:41,334 --> 00:14:44,774
keeping file data secure, governed, and accessible across
405
00:14:44,774 --> 00:14:47,879
Azure environments without added infrastructure complexity.
406
00:14:48,259 --> 00:14:51,379
It's the foundation to keep your unstructured data
407
00:14:51,379 --> 00:14:54,740
stable even as your infrastructure evolves. To see
408
00:14:54,740 --> 00:14:56,740
how much you could save while keeping your
409
00:14:56,740 --> 00:15:02,345
initiatives on track, visit nasuni.com/tco.
410
00:15:02,345 --> 00:15:07,004
That's nasuni.com/tco.
411
00:15:08,345 --> 00:15:10,425
So do you want to talk about our
412
00:15:10,425 --> 00:15:11,865
topic, or do you want me to bring
413
00:15:11,865 --> 00:15:14,090
up something that popped into my head since
414
00:15:14,090 --> 00:15:15,690
we're on this topic and you brought that
415
00:15:15,690 --> 00:15:17,950
up? I mean, it's your show. Not really.
416
00:15:18,090 --> 00:15:20,330
Keep going with this. So this brings up
417
00:15:20,330 --> 00:15:22,750
an interesting thought then. Right? Because
418
00:15:23,929 --> 00:15:25,230
that would also
419
00:15:26,184 --> 00:15:27,404
seem to imply
420
00:15:28,105 --> 00:15:29,964
that your chat session,
421
00:15:30,504 --> 00:15:32,684
is it not being stored
422
00:15:33,065 --> 00:15:35,865
in Microsoft three sixty five? So then, like,
423
00:15:35,865 --> 00:15:37,404
did that get corrupted
424
00:15:38,024 --> 00:15:40,440
in Microsoft three sixty five data, or is
425
00:15:40,440 --> 00:15:42,679
it the fact that Microsoft three sixty five
426
00:15:42,679 --> 00:15:46,379
to earlier point can't reach back out to
427
00:15:46,679 --> 00:15:47,420
the API
428
00:15:47,960 --> 00:15:50,779
to grab that session from Claude?
429
00:15:51,160 --> 00:15:53,000
In which case, if all that data's in
430
00:15:53,000 --> 00:15:53,500
Claude,
431
00:15:54,040 --> 00:15:55,019
what does that
432
00:15:55,335 --> 00:15:55,835
start
433
00:15:56,295 --> 00:15:57,754
implying for things
434
00:15:58,695 --> 00:15:59,514
like auditing
435
00:15:59,894 --> 00:16:00,394
and
436
00:16:01,495 --> 00:16:01,995
retention
437
00:16:02,615 --> 00:16:03,115
and
438
00:16:04,134 --> 00:16:04,634
sensitivity
439
00:16:05,014 --> 00:16:08,295
labels when it comes to chat? Like, this
440
00:16:08,295 --> 00:16:10,295
is something, and I don't know if I
441
00:16:10,295 --> 00:16:12,860
should go pop open mine while we're talking,
442
00:16:12,860 --> 00:16:13,360
is
443
00:16:14,779 --> 00:16:16,399
do your clogged conversations
444
00:16:17,259 --> 00:16:18,000
in Cowork
445
00:16:18,539 --> 00:16:21,759
function the same way that a conversation
446
00:16:22,059 --> 00:16:24,575
would in a GPT model when it comes
447
00:16:24,575 --> 00:16:27,934
to sensitive information and sensitive content and, I
448
00:16:27,934 --> 00:16:29,634
guess, almost like that data
449
00:16:30,254 --> 00:16:31,315
sovereign sovereignty
450
00:16:32,335 --> 00:16:33,154
data sovereignty
451
00:16:33,615 --> 00:16:35,875
type scenario. I would imagine,
452
00:16:36,410 --> 00:16:37,309
and this is conjecture
453
00:16:37,690 --> 00:16:39,549
because I haven't seen it, like, formally documented.
454
00:16:39,610 --> 00:16:41,610
But today, when you're in an m three
455
00:16:41,610 --> 00:16:44,269
sixty five tenant, you can have the OpenAI
456
00:16:44,330 --> 00:16:46,570
and GPT models kinda, like, by default. That's
457
00:16:46,570 --> 00:16:48,855
your default mode. You have to go and
458
00:16:49,095 --> 00:16:52,714
explicitly enable anthropic and basically sign the legalese
459
00:16:52,855 --> 00:16:54,534
that you're good with your data You're using
460
00:16:54,534 --> 00:16:55,274
that. Leaving
461
00:16:55,654 --> 00:16:58,315
the boundary of Microsoft's cloud because you are
462
00:16:58,454 --> 00:16:58,954
chatting
463
00:16:59,334 --> 00:17:02,294
with a model that at least is hosted.
464
00:17:02,294 --> 00:17:04,250
So even if you're not sending the data
465
00:17:04,250 --> 00:17:06,250
out, you're still sending the chat out. So
466
00:17:06,250 --> 00:17:09,049
if you're chatting about something that's potentially sensitive
467
00:17:09,049 --> 00:17:11,130
to your business, that would just be passed
468
00:17:11,130 --> 00:17:14,569
in natural language, right, via your prompt over
469
00:17:14,569 --> 00:17:15,069
to
470
00:17:15,529 --> 00:17:17,845
over to that side of things. So I
471
00:17:17,845 --> 00:17:18,424
I know,
472
00:17:19,044 --> 00:17:21,924
you know, organizationally where I am, like, there
473
00:17:21,924 --> 00:17:24,565
there is a big difference in functionality between
474
00:17:24,565 --> 00:17:27,044
folks in The US and Europe because we
475
00:17:27,044 --> 00:17:30,404
haven't lit up anthropic due to GDPR and
476
00:17:30,404 --> 00:17:32,565
things like that for those for that set
477
00:17:32,565 --> 00:17:34,920
of users. So that that that does make
478
00:17:34,920 --> 00:17:37,480
it tough. Like, some things potentially aren't available
479
00:17:37,480 --> 00:17:39,640
to some folks based on, like you said,
480
00:17:39,640 --> 00:17:41,579
data sovereignty, data residency,
481
00:17:41,960 --> 00:17:42,460
GDPR,
482
00:17:43,559 --> 00:17:46,375
various legal requirements, things like that that that
483
00:17:46,375 --> 00:17:47,755
are out there. And
484
00:17:48,214 --> 00:17:51,035
you asked, like, where are the chats
485
00:17:51,414 --> 00:17:53,035
stored? I have no idea.
486
00:17:53,815 --> 00:17:55,654
I would hope that they're stored in the
487
00:17:55,654 --> 00:17:58,055
same place as, like, my, like, grounded memory
488
00:17:58,055 --> 00:17:59,914
for, like, my m three sixty five chats.
489
00:17:59,974 --> 00:18:01,539
But when is that? I I don't know.
490
00:18:01,539 --> 00:18:03,460
Like, that chat that crashed for me, and
491
00:18:03,460 --> 00:18:04,980
it just happened to be I I was
492
00:18:04,980 --> 00:18:06,580
in there prompt in a way and firing
493
00:18:06,580 --> 00:18:09,299
off requests, like, just when that anthropic API
494
00:18:09,299 --> 00:18:11,299
went down. That that thing, like I said,
495
00:18:11,299 --> 00:18:13,380
I can still get to the files because
496
00:18:13,380 --> 00:18:15,220
they're in my OneDrive. I can see the
497
00:18:15,220 --> 00:18:17,434
session ID and, like, I can map back
498
00:18:17,434 --> 00:18:18,795
to the GUID and the day and the
499
00:18:18,795 --> 00:18:19,295
time
500
00:18:19,674 --> 00:18:22,315
when that thing happened. So that's good. Like,
501
00:18:22,315 --> 00:18:24,234
the file storage is still there. I lost
502
00:18:24,234 --> 00:18:25,755
all the chat history. I've I have no
503
00:18:25,755 --> 00:18:28,474
idea where that is and what that looks
504
00:18:28,474 --> 00:18:30,789
like, along the way. So there is a
505
00:18:30,789 --> 00:18:32,869
little bit in the docs around, like, how
506
00:18:32,869 --> 00:18:34,250
does Cowork handle
507
00:18:34,630 --> 00:18:36,170
data. So authentication,
508
00:18:36,630 --> 00:18:38,710
super easy. Right? That's just your m three
509
00:18:38,710 --> 00:18:41,349
sixty five credentials and your org ID. Tenant
510
00:18:41,349 --> 00:18:41,849
isolation,
511
00:18:42,150 --> 00:18:43,369
so you can only
512
00:18:43,875 --> 00:18:46,914
work with data within your organization's tenant. Easy
513
00:18:46,914 --> 00:18:47,414
enough,
514
00:18:47,875 --> 00:18:49,255
because you can't access data
515
00:18:49,555 --> 00:18:51,795
cross tenant. And because you can only work
516
00:18:51,795 --> 00:18:54,275
with cloud data, like data in SharePoint or
517
00:18:54,275 --> 00:18:56,195
OneDrive, well, that that kinda takes care of
518
00:18:56,195 --> 00:18:57,474
it because you don't have to worry about
519
00:18:57,474 --> 00:18:59,339
the local access thing or anything like that.
520
00:18:59,339 --> 00:19:00,859
And if you did upload some data to
521
00:19:00,859 --> 00:19:02,460
the chat, it would get uploaded to your
522
00:19:02,460 --> 00:19:04,460
OneDrive and be part of the the session
523
00:19:04,460 --> 00:19:06,940
and all that. So file storage taken care
524
00:19:06,940 --> 00:19:08,859
of. You you're you're in OneDrive or SharePoint
525
00:19:08,859 --> 00:19:10,859
within your tenant. What's not clear is there's
526
00:19:10,859 --> 00:19:12,380
a little bullet when you go into the
527
00:19:12,380 --> 00:19:14,805
co work docs that says data subject rights.
528
00:19:15,045 --> 00:19:15,785
Access deletion,
529
00:19:16,325 --> 00:19:20,105
rectification, and portability requests are supported in accordance
530
00:19:20,164 --> 00:19:22,664
with Microsoft's privacy standards.
531
00:19:22,965 --> 00:19:25,445
Okay. So I would imagine that's, hey. I
532
00:19:25,445 --> 00:19:26,965
went into the m three sixty five admin
533
00:19:26,965 --> 00:19:29,605
portal and I clicked yes. Users within geo
534
00:19:29,605 --> 00:19:32,579
x y zed can get access to anthropic
535
00:19:32,640 --> 00:19:34,559
models, and then it's just off to the
536
00:19:34,559 --> 00:19:36,480
races from there. So, Scott, while you were
537
00:19:36,480 --> 00:19:39,039
talking, I just did a fascinating test on
538
00:19:39,039 --> 00:19:41,119
Copilot in my environment. Oh, you just asked
539
00:19:41,119 --> 00:19:42,319
it just to see if you could get
540
00:19:42,319 --> 00:19:43,299
it to leak again?
541
00:19:44,164 --> 00:19:45,924
No. We're not talking about what I got
542
00:19:45,924 --> 00:19:47,625
it to leak before. That's
543
00:19:48,724 --> 00:19:50,164
secret. If you run into me at a
544
00:19:50,164 --> 00:19:52,505
conference, come ask me. I am not recording
545
00:19:52,644 --> 00:19:53,865
when I got it to leak.
546
00:19:54,244 --> 00:19:55,924
I went into cowork. So I have a
547
00:19:55,924 --> 00:19:58,269
document in my environment. Let me preface this.
548
00:19:58,269 --> 00:20:00,190
I will more than happily give you these
549
00:20:00,190 --> 00:20:01,549
screenshots too if we wanna put them in
550
00:20:01,549 --> 00:20:03,549
the show notes. I have a document in
551
00:20:03,549 --> 00:20:05,549
my environment that I put a sensitivity label
552
00:20:05,549 --> 00:20:07,390
on. Mhmm. I did not encrypt it, so
553
00:20:07,390 --> 00:20:09,630
it's not using AIP or MIP or any
554
00:20:09,630 --> 00:20:12,609
of those, just a sensitivity label that's for
555
00:20:13,065 --> 00:20:14,044
labeling purposes.
556
00:20:14,424 --> 00:20:16,204
And then in my DLP policies,
557
00:20:16,585 --> 00:20:17,085
I
558
00:20:17,464 --> 00:20:18,524
put a policy
559
00:20:18,904 --> 00:20:21,005
or a Copilot and Copilot chat
560
00:20:21,544 --> 00:20:22,044
blocking
561
00:20:22,585 --> 00:20:23,085
Copilot
562
00:20:23,544 --> 00:20:24,044
from
563
00:20:24,424 --> 00:20:27,164
essentially accessing the content in this document
564
00:20:27,559 --> 00:20:30,039
or doing anything with the document. So it's
565
00:20:30,039 --> 00:20:32,200
just a simple test document. Like, in it,
566
00:20:32,200 --> 00:20:33,559
I wrote the color of the chair is
567
00:20:33,559 --> 00:20:34,059
blue,
568
00:20:34,359 --> 00:20:36,119
the color of the ocean is red, or
569
00:20:36,119 --> 00:20:39,160
something just something goofy like that. So if
570
00:20:39,160 --> 00:20:42,475
I go into Copilot chat, just normal Copilot
571
00:20:42,615 --> 00:20:44,775
chat session, make sure I'm on the work
572
00:20:44,775 --> 00:20:46,634
tab so I can get to my data,
573
00:20:46,775 --> 00:20:48,934
and I just do a slash command DLP
574
00:20:48,934 --> 00:20:50,775
policy test doc, what color is the chair
575
00:20:50,775 --> 00:20:53,095
based on this file, and Copilot returns to
576
00:20:53,095 --> 00:20:55,755
me, I attempted to open DLP policy test,
577
00:20:55,880 --> 00:20:57,480
but the content is blocked due to your
578
00:20:57,480 --> 00:20:59,660
organization's data loss prevention policies.
579
00:21:00,039 --> 00:21:01,720
Because of that, I don't have any visibility
580
00:21:01,720 --> 00:21:04,200
into the file's content, can't determine the color
581
00:21:04,200 --> 00:21:05,880
of the chair, blah blah blah blah blah
582
00:21:05,880 --> 00:21:08,220
blah blah. So works just like it intended.
583
00:21:08,535 --> 00:21:10,414
I did I wasn't paying attention. I had
584
00:21:10,414 --> 00:21:11,734
it on the web chat for a little
585
00:21:11,734 --> 00:21:13,414
bit too. I can still do a slash
586
00:21:13,414 --> 00:21:15,674
command and reference the document. And
587
00:21:15,975 --> 00:21:18,134
I asked it the same thing, and it
588
00:21:18,134 --> 00:21:20,055
just said it can't determine the color of
589
00:21:20,055 --> 00:21:23,059
the chair because there's no image content associated
590
00:21:23,059 --> 00:21:25,160
with it. It's text only, no description.
591
00:21:25,539 --> 00:21:27,539
I guess it kinda makes sense. It must
592
00:21:27,539 --> 00:21:30,279
be the difference that a web Copilot chat,
593
00:21:30,339 --> 00:21:32,660
how it interacts with the document versus on
594
00:21:32,660 --> 00:21:35,220
the work tab. Interesting that it didn't reference
595
00:21:35,220 --> 00:21:37,539
the DLP policy even though I added the
596
00:21:37,539 --> 00:21:39,835
document to the chat, but it still couldn't
597
00:21:39,835 --> 00:21:42,174
get to it. Then I went into Cowork
598
00:21:42,554 --> 00:21:45,115
and did the same thing. DLP policy, test
599
00:21:45,115 --> 00:21:46,554
doc, what is the color of the chair
600
00:21:46,554 --> 00:21:48,634
based on the file? Based on the document,
601
00:21:48,634 --> 00:21:50,335
the chair is blue. Cowork
602
00:21:50,714 --> 00:21:52,015
does not respect
603
00:21:52,660 --> 00:21:55,460
Copilot DLP policies. You turn this stuff on.
604
00:21:55,460 --> 00:21:56,599
You you use it.
605
00:21:57,299 --> 00:22:00,200
User discretion is advised. Yeah. And if you
606
00:22:00,500 --> 00:22:03,140
are doing DLP policies, you may want to
607
00:22:03,779 --> 00:22:06,019
and I get, like, Cowork's still frontier. Right?
608
00:22:06,019 --> 00:22:06,920
It still preview
609
00:22:07,474 --> 00:22:09,255
all the normal stuff, but
610
00:22:09,714 --> 00:22:11,894
CoWork at this point in time
611
00:22:12,195 --> 00:22:13,414
does bypass
612
00:22:14,515 --> 00:22:15,335
some of those
613
00:22:15,955 --> 00:22:18,934
security features that, I guess, I feel like
614
00:22:19,394 --> 00:22:19,974
by default,
615
00:22:20,355 --> 00:22:22,829
it would have been on that
616
00:22:23,210 --> 00:22:25,289
if we're gonna if I'm gonna go in
617
00:22:25,289 --> 00:22:28,890
and configure sensitivity labels and security and exclude
618
00:22:28,890 --> 00:22:30,109
certain things from Copilot,
619
00:22:30,490 --> 00:22:32,730
that it wouldn't be able to bypass it
620
00:22:32,730 --> 00:22:34,490
in that type of scenario. Maybe it gives
621
00:22:34,490 --> 00:22:36,704
a little credence to the do use things.
622
00:22:36,704 --> 00:22:37,904
Like, like, I can tell you, if you
623
00:22:37,904 --> 00:22:40,085
use MIP and it's encrypted, it's like,
624
00:22:40,545 --> 00:22:42,464
you're not get you're not getting that thing.
625
00:22:42,464 --> 00:22:44,944
You're safe there. I will say you're safe
626
00:22:44,944 --> 00:22:46,224
ish there. Like, you're
627
00:22:47,105 --> 00:22:49,345
as a user, there's still things that you
628
00:22:49,345 --> 00:22:51,099
can potentially do. So
629
00:22:51,400 --> 00:22:53,640
so for example, like, you can copy and
630
00:22:53,640 --> 00:22:55,960
paste data out of a a Word document.
631
00:22:55,960 --> 00:22:56,460
Right?
632
00:22:56,839 --> 00:22:58,059
And LLMs
633
00:22:58,440 --> 00:22:59,259
speak markdown.
634
00:22:59,799 --> 00:23:02,619
So while I was looking to see,
635
00:23:02,920 --> 00:23:04,279
okay, is there a way that I, like,
636
00:23:04,279 --> 00:23:05,720
I can make all this stuff work? I'm
637
00:23:05,720 --> 00:23:08,734
trying to, like, Google Bing, DuckDuckGo my way
638
00:23:08,734 --> 00:23:10,255
through life and see if I can figure
639
00:23:10,255 --> 00:23:12,815
this out. I did see some articles out
640
00:23:12,815 --> 00:23:16,115
there from folks who were talking about kinda
641
00:23:16,414 --> 00:23:18,894
markdown as the language of LLMs, which is
642
00:23:18,894 --> 00:23:21,859
true. And there's all these, like, just open
643
00:23:21,920 --> 00:23:23,140
websites that
644
00:23:23,440 --> 00:23:24,019
have fancy
645
00:23:24,400 --> 00:23:27,779
JavaScript engines, or there's a really nifty extension
646
00:23:27,839 --> 00:23:30,660
for Versus Code, which does paste as markdown.
647
00:23:31,200 --> 00:23:33,744
So you can copy your Word doc, just
648
00:23:33,744 --> 00:23:35,984
control c, give me all this content, and
649
00:23:35,984 --> 00:23:37,505
you can go and paste it into a
650
00:23:37,505 --> 00:23:40,224
markdown file. And then it's just out in
651
00:23:40,224 --> 00:23:40,804
the wild.
652
00:23:41,904 --> 00:23:45,184
Mark markdown's not getting a sensitivity label and
653
00:23:45,184 --> 00:23:47,505
IRM'd and all that stuff. So And all
654
00:23:47,505 --> 00:23:48,644
those. That's another
655
00:23:49,109 --> 00:23:51,029
thing I think that maybe, like, folks gotta
656
00:23:51,029 --> 00:23:54,009
think about. Like, it it's really just exciting,
657
00:23:54,309 --> 00:23:54,809
scary,
658
00:23:55,109 --> 00:23:55,609
interesting
659
00:23:55,990 --> 00:23:56,490
to
660
00:23:57,029 --> 00:23:59,190
kinda see the evolution of these things and
661
00:23:59,190 --> 00:24:00,250
see where the gaps
662
00:24:00,630 --> 00:24:03,450
and things come up all along the way.
663
00:24:03,734 --> 00:24:06,055
Like, I I don't envy, like, because I'm
664
00:24:06,055 --> 00:24:07,355
talking through these situations.
665
00:24:07,734 --> 00:24:09,194
Like, I don't envy, like,
666
00:24:09,494 --> 00:24:12,454
CSOs or things like that or chief information
667
00:24:12,454 --> 00:24:14,934
officers having to or legal. Right? Like, trying
668
00:24:14,934 --> 00:24:16,789
to figure out, hey, what do we do
669
00:24:16,789 --> 00:24:17,690
in our organization
670
00:24:17,990 --> 00:24:18,890
when it comes
671
00:24:19,349 --> 00:24:20,569
to the use of
672
00:24:20,869 --> 00:24:24,390
these models and these systems and contracting with
673
00:24:24,390 --> 00:24:26,630
these various vendors and things that are out
674
00:24:26,630 --> 00:24:29,375
there? Because in a world of just anything
675
00:24:29,375 --> 00:24:31,154
can be converted to raw text,
676
00:24:31,534 --> 00:24:32,034
then
677
00:24:32,654 --> 00:24:34,815
you you can just egress it and have
678
00:24:34,815 --> 00:24:37,134
it out there kinda thing. And so, like,
679
00:24:37,134 --> 00:24:39,054
I was playing around with that paste to
680
00:24:39,054 --> 00:24:41,909
markdown extension of Versus Code. Super cool, like
681
00:24:41,909 --> 00:24:44,149
I said, but you can do things like
682
00:24:44,149 --> 00:24:46,169
you can paste, say like an image
683
00:24:46,470 --> 00:24:49,190
from a website or from a document, and
684
00:24:49,190 --> 00:24:51,529
when you paste it in, it gets pasted
685
00:24:51,829 --> 00:24:54,869
as a base 64 encoded just native image
686
00:24:54,869 --> 00:24:56,785
in there. So it it's not even like,
687
00:24:56,785 --> 00:24:58,384
if you had, like, sensitive data in a
688
00:24:58,384 --> 00:25:00,785
flowchart or something like that coming through, you
689
00:25:00,785 --> 00:25:02,945
could potentially leak that into an LLM or
690
00:25:02,945 --> 00:25:05,105
something like that. So def definitely some stuff
691
00:25:05,105 --> 00:25:06,164
to think about. Yeah.
692
00:25:11,740 --> 00:25:13,980
This episode is brought to you by Trusted
693
00:25:13,980 --> 00:25:17,019
Tech. If you're managing Microsoft three sixty five,
694
00:25:17,019 --> 00:25:19,359
you already know licensing isn't simple.
695
00:25:19,740 --> 00:25:21,740
E three versus e five, the brand new
696
00:25:21,740 --> 00:25:25,144
e seven licenses, Copilot security bundles, and with
697
00:25:25,144 --> 00:25:28,024
price changes coming in July 2026,
698
00:25:28,024 --> 00:25:30,825
the stakes are getting higher. Trusted Tech helps
699
00:25:30,825 --> 00:25:33,384
IT leaders make sense of their Microsoft three
700
00:25:33,384 --> 00:25:36,279
sixty five environment with a free licensing consultation.
701
00:25:36,740 --> 00:25:37,480
Their engineers
702
00:25:37,779 --> 00:25:40,019
analyze what you're licensed for and what you're
703
00:25:40,019 --> 00:25:42,980
actually using and where you can optimize, whether
704
00:25:42,980 --> 00:25:44,200
that means consolidating
705
00:25:44,500 --> 00:25:48,039
security tools, preparing for Copilot, or eliminating wasted
706
00:25:48,099 --> 00:25:48,599
spend.
707
00:25:48,900 --> 00:25:52,755
Plus, they offer proactive and reactive support, which
708
00:25:52,755 --> 00:25:55,575
has been awarded yet another solution partner designation
709
00:25:55,795 --> 00:25:56,295
from
710
00:25:56,674 --> 00:25:58,615
Microsoft for support services.
711
00:25:58,994 --> 00:26:01,414
If you want a clear, data backed plan
712
00:26:01,555 --> 00:26:03,815
that has helped over 7,500
713
00:26:04,090 --> 00:26:06,990
subscribing customers save up to 20% on Microsoft
714
00:26:07,130 --> 00:26:10,350
three sixty five before your next renewal, visit
715
00:26:10,410 --> 00:26:16,990
trustedtech.team/mscloudprom365
716
00:26:17,049 --> 00:26:17,444
and schedule
717
00:26:18,404 --> 00:26:19,865
free consultation today.
718
00:26:24,724 --> 00:26:26,565
I was playing around with this a little
719
00:26:26,565 --> 00:26:28,244
bit more. Like, if I use the Claude
720
00:26:28,244 --> 00:26:32,419
model like Opus in chat, DLP works. I
721
00:26:32,419 --> 00:26:35,059
just tried it with another agent that I
722
00:26:35,059 --> 00:26:37,079
built that uses, like, WorkIQ
723
00:26:37,619 --> 00:26:38,119
and
724
00:26:38,500 --> 00:26:40,519
all the different m three sixty five ones.
725
00:26:40,740 --> 00:26:41,960
And that one,
726
00:26:42,259 --> 00:26:44,099
it does pick up that the file has
727
00:26:44,099 --> 00:26:46,285
a sensitivity label on it, and it says
728
00:26:46,285 --> 00:26:47,505
access to the files
729
00:26:47,805 --> 00:26:48,305
with
730
00:26:48,684 --> 00:26:50,144
the sensitivity label
731
00:26:50,525 --> 00:26:52,224
will be as per org policy.
732
00:26:52,684 --> 00:26:54,785
So it doesn't look like it's necessarily
733
00:26:56,365 --> 00:26:58,625
even tied to agents or
734
00:26:59,019 --> 00:27:01,500
the specific model because this agent I did
735
00:27:01,500 --> 00:27:03,500
set to use, I think it was Claude
736
00:27:03,500 --> 00:27:04,960
4.6.
737
00:27:05,339 --> 00:27:07,839
It does look to be very
738
00:27:08,220 --> 00:27:09,359
at least a DLP
739
00:27:09,660 --> 00:27:10,160
policy
740
00:27:10,859 --> 00:27:11,359
workaround
741
00:27:11,740 --> 00:27:13,759
does appear to be something
742
00:27:14,355 --> 00:27:15,095
cowork specific
743
00:27:16,115 --> 00:27:16,934
and not
744
00:27:17,234 --> 00:27:17,734
necessarily
745
00:27:18,194 --> 00:27:19,255
agent or
746
00:27:19,714 --> 00:27:21,714
model based. Now we don't know how the
747
00:27:21,714 --> 00:27:23,255
data necessarily flows
748
00:27:23,954 --> 00:27:24,454
to
749
00:27:25,075 --> 00:27:27,875
Claude and the cowork agent versus an agent
750
00:27:27,875 --> 00:27:29,095
I built versus
751
00:27:29,700 --> 00:27:32,179
Opus in a Copilot chat. I don't know.
752
00:27:32,179 --> 00:27:33,700
I think it gets to some of what
753
00:27:33,700 --> 00:27:35,319
we've talked about before is
754
00:27:35,619 --> 00:27:38,259
Copilot feels overly complex, I guess, when it
755
00:27:38,259 --> 00:27:39,940
comes to some of this stuff. Like, this
756
00:27:39,940 --> 00:27:42,819
feels like something I shouldn't have to be
757
00:27:43,244 --> 00:27:46,464
I shouldn't have to have five different ways
758
00:27:46,845 --> 00:27:49,105
to five different places I have to validate
759
00:27:49,244 --> 00:27:51,484
that my sensitivity labels work. Like, if I
760
00:27:51,484 --> 00:27:53,744
say this is excluded from Copilot,
761
00:27:54,045 --> 00:27:55,265
it shouldn't matter
762
00:27:55,640 --> 00:27:57,900
what I'm doing in Copilot. It should be
763
00:27:57,960 --> 00:28:00,039
uniform across the entire platform. We could go
764
00:28:00,039 --> 00:28:01,720
down this rabbit hole for a long time.
765
00:28:01,720 --> 00:28:03,799
Right? So think about we've talked in the
766
00:28:03,799 --> 00:28:06,759
past about, like, declarative agents. So great. Super
767
00:28:06,759 --> 00:28:08,545
easy to spin up. I wanna give this
768
00:28:08,545 --> 00:28:11,505
thing a description. There's also going down the
769
00:28:11,505 --> 00:28:14,625
path of, like, full foundry agent that you
770
00:28:14,625 --> 00:28:17,265
can, like, publish as a native agent out
771
00:28:17,265 --> 00:28:20,065
to Copilot and to Teams and all those
772
00:28:20,065 --> 00:28:22,200
other kinds of things that are out there.
773
00:28:22,200 --> 00:28:24,919
So that's another interesting scenario because now I'm
774
00:28:24,919 --> 00:28:26,839
not, like, in a declarative agent. I'm in
775
00:28:26,839 --> 00:28:29,720
an agent that sits over in Foundry, which
776
00:28:29,720 --> 00:28:32,380
is in Azure land. Sure. Still still within
777
00:28:32,440 --> 00:28:35,099
the boundary of my tenant for identity and
778
00:28:35,480 --> 00:28:37,634
all that kind of stuff, but not necessarily
779
00:28:37,694 --> 00:28:39,535
within the boundary of my tenant as far
780
00:28:39,535 --> 00:28:42,275
as, like, m three sixty five is hosted
781
00:28:42,414 --> 00:28:44,894
and not, like like it's not Azure. It's
782
00:28:44,894 --> 00:28:46,595
m three sixty five and Azure
783
00:28:46,894 --> 00:28:48,414
kind of thing. So you can also kinda
784
00:28:48,414 --> 00:28:50,130
have, like, that just
785
00:28:51,170 --> 00:28:53,089
have to think through, like like, alright. What
786
00:28:53,089 --> 00:28:55,890
does that mean? And, like I said, it's
787
00:28:55,890 --> 00:28:57,970
not I and maybe it's me. And I
788
00:28:57,970 --> 00:28:59,250
totally they get this could be a me
789
00:28:59,250 --> 00:29:00,529
thing, but I also think it's a little
790
00:29:00,529 --> 00:29:01,970
bit of, like, a Microsoft thing and just
791
00:29:01,970 --> 00:29:04,609
how it's presented, documented, pushed out there. Like,
792
00:29:04,609 --> 00:29:07,414
I spent a decent amount of time trying
793
00:29:07,414 --> 00:29:09,174
to go out and find and tell me,
794
00:29:09,174 --> 00:29:11,335
like, how some of this stuff works, where
795
00:29:11,335 --> 00:29:14,535
does sensitivity of labels lie, where does DLP
796
00:29:14,535 --> 00:29:17,894
apply, all these things. And it's not, like,
797
00:29:17,894 --> 00:29:19,679
well done, I guess. Like, you can go
798
00:29:19,679 --> 00:29:21,599
with, like, into the purview docs, like, for
799
00:29:21,599 --> 00:29:24,079
sensitivity labels, and it'll tell you, like, hey.
800
00:29:24,079 --> 00:29:27,380
This works with Copilot chat and Copilot agents.
801
00:29:27,599 --> 00:29:30,019
But is that true? Is that just Copilot
802
00:29:30,160 --> 00:29:33,634
declarative agents, or is that Copilot Foundry agents
803
00:29:33,634 --> 00:29:36,194
that then that agent in Foundry could have
804
00:29:36,194 --> 00:29:38,674
access to other tools? It could have, like,
805
00:29:38,674 --> 00:29:41,154
logic that potentially ships your data between different
806
00:29:41,154 --> 00:29:43,795
tools and has different integrations. Like, I don't
807
00:29:43,795 --> 00:29:46,369
know. The whole thing weaves in weird ways.
808
00:29:46,369 --> 00:29:46,869
So
809
00:29:47,410 --> 00:29:49,970
much like I'm, like, just delighted by, like,
810
00:29:49,970 --> 00:29:52,769
being back in terminals and CLI experiences and
811
00:29:52,769 --> 00:29:55,169
things like that, you can see all this
812
00:29:55,169 --> 00:29:56,230
potential there,
813
00:29:57,025 --> 00:29:59,424
but the rough edges, the friction, just the
814
00:29:59,424 --> 00:30:02,464
mental overhead, I think, for users, and I'll
815
00:30:02,464 --> 00:30:04,384
I'll totally admit, like, you and I are
816
00:30:04,384 --> 00:30:06,144
probably more on the advanced side where we're
817
00:30:06,144 --> 00:30:08,384
thinking about these things where most other people
818
00:30:08,384 --> 00:30:10,224
aren't. They're just hopping through life going like,
819
00:30:10,224 --> 00:30:12,789
oh, researcher, help desk, a new chat, word
820
00:30:12,789 --> 00:30:13,990
and web. I don't know the difference. So
821
00:30:13,990 --> 00:30:15,349
I was just start or work in web.
822
00:30:15,349 --> 00:30:16,630
I was just starting work, or I was
823
00:30:16,630 --> 00:30:18,470
just starting web. Oh, I didn't know you
824
00:30:18,470 --> 00:30:20,630
could select a model, any anything like that.
825
00:30:20,630 --> 00:30:23,029
So you've got that full spectrum too of,
826
00:30:23,269 --> 00:30:24,570
I I think just kinda
827
00:30:25,015 --> 00:30:26,234
personas and
828
00:30:26,535 --> 00:30:28,214
folks that are gonna be out there using
829
00:30:28,214 --> 00:30:28,875
these things.
830
00:30:29,174 --> 00:30:29,994
Wild times.
831
00:30:30,535 --> 00:30:32,615
We'll see. This will be interesting to keep
832
00:30:32,615 --> 00:30:34,535
coming back to, and I promise we'll get
833
00:30:34,535 --> 00:30:36,054
to our topic that we were gonna talk
834
00:30:36,054 --> 00:30:36,875
about eventually.
835
00:30:37,575 --> 00:30:39,419
Someday, we'll get there. We'll see. That that
836
00:30:39,419 --> 00:30:41,659
was a backup anyway, but thank thanks for
837
00:30:41,659 --> 00:30:43,500
letting me rant a little bit or at
838
00:30:43,500 --> 00:30:45,659
least do some follow-up on co work. No.
839
00:30:45,659 --> 00:30:47,019
I think it's how we all learn. Right?
840
00:30:47,019 --> 00:30:49,339
Like, some say, hope if one person out
841
00:30:49,339 --> 00:30:52,159
there listens to this and their takeaway is,
842
00:30:52,355 --> 00:30:53,714
I was thinking about playing with it, but
843
00:30:53,714 --> 00:30:55,315
maybe I'm gonna wait a couple weeks until
844
00:30:55,315 --> 00:30:57,154
it refines a little bit more. Maybe we
845
00:30:57,154 --> 00:30:58,914
save somebody else a a little bit of
846
00:30:58,914 --> 00:31:01,394
toil and overhead. Even you and I talking
847
00:31:01,394 --> 00:31:03,234
about it and starting to think through, again,
848
00:31:03,234 --> 00:31:05,880
like, the DLP policies and sensitivity labels, and
849
00:31:05,880 --> 00:31:08,460
I hadn't even thought about that before until
850
00:31:09,079 --> 00:31:11,000
you brought up that thing about it crashing
851
00:31:11,000 --> 00:31:13,480
and losing your session of where is this,
852
00:31:13,480 --> 00:31:15,900
and how is this looking at those. So
853
00:31:15,960 --> 00:31:17,559
appreciate it. If you come back and listen
854
00:31:17,559 --> 00:31:19,784
to this, here's your thing. Right? We'll dump
855
00:31:19,784 --> 00:31:22,044
the transcript out, throw this through an LLM,
856
00:31:22,345 --> 00:31:24,184
and have this just write your next m
857
00:31:24,184 --> 00:31:25,884
three sixty five Copilot
858
00:31:26,265 --> 00:31:30,025
whatever security workshop for you. Exactly. That's it,
859
00:31:30,025 --> 00:31:31,880
Scott. Podcast, we're gonna
860
00:31:32,259 --> 00:31:34,740
multipurpose this content. That's the plan. Right? I
861
00:31:34,740 --> 00:31:36,180
will let you go get to your weekend.
862
00:31:36,180 --> 00:31:37,460
I'm gonna go try to get a few
863
00:31:37,460 --> 00:31:39,380
more things done before my weekend, and my
864
00:31:39,380 --> 00:31:41,460
wife is standing outside the door texting me
865
00:31:41,460 --> 00:31:44,234
for my order for dinner. Alright. I'll let
866
00:31:44,234 --> 00:31:46,315
you go. Thanks as always, Ben. Appreciate it.
867
00:31:46,315 --> 00:31:47,755
Thanks, Scott. We'll talk to you later. Bye.
868
00:31:47,755 --> 00:31:48,494
Bye bye.
869
00:31:50,234 --> 00:31:52,555
If you enjoyed the podcast, go leave us
870
00:31:52,555 --> 00:31:54,795
a five star rating in iTunes. It helps
871
00:31:54,795 --> 00:31:56,474
to get the word out so more IT
872
00:31:56,474 --> 00:31:58,470
pros can learn about Office three sixty sixty
873
00:31:58,470 --> 00:31:59,210
five and Azure.
874
00:31:59,829 --> 00:32:01,509
If you have any questions you want us
875
00:32:01,509 --> 00:32:03,669
to address on the show, or feedback about
876
00:32:03,669 --> 00:32:05,990
the show, feel free to reach out via
877
00:32:05,990 --> 00:32:08,169
our website, Twitter, or Facebook.
878
00:32:08,470 --> 00:32:10,309
Thanks again for listening, and have a great
879
00:32:10,309 --> 00:32:10,809
day.
