How to Get Your Microsoft 365 Tenant Ready for Copilot Cowork: A Governance-First Guide for IT Leaders
Most organisations preparing for Copilot Cowork are focused on the wrong thing. They're reading the admin toggle instructions and checking their licensing tier, and skipping the governance work that actually determines whether Cowork will be useful or dangerous.
Copilot Cowork is not just another Copilot feature. It's an AI agent that can take multi-step actions across your Microsoft 365 environment: reading documents, drafting emails, updating spreadsheets, and moving between apps on your behalf. That changes the risk profile significantly. Every permission gap, every overshared SharePoint site, every folder with "Everyone except external users" access becomes a potential action path for an autonomous agent.
If you're an IT Director or senior IT leader at a mid-market company (200 to 1,000 employees), this is the preparation checklist you need before anyone on your team starts delegating work to an AI agent. Not just the technical toggles. The governance work that makes the difference between Cowork being a productivity tool and Cowork being a liability.
What Is Copilot Cowork and How Is It Different from Regular Copilot?
The Copilot features you're probably already using work within a single application context. You ask it to summarise an email thread in Outlook, draft a slide in PowerPoint, or analyse data in Excel. It responds to a single prompt with a single output, and you review the result before doing anything with it.
Cowork operates at a different level. You might ask it to "review this week's project updates, draft a summary for the steering committee, and schedule a follow-up meeting with anyone who flagged a blocker." Cowork will read SharePoint documents, parse Teams messages, compose an email in Outlook, and interact with your calendar. Autonomously, across applications, in sequence.
That autonomy is the key difference. Cowork doesn't just read your data; it acts on it. And it does so using the permissions of the user who initiated the task. If that user has broad access to SharePoint sites they shouldn't, Cowork inherits every bit of that access.
This is why preparation for Copilot Cowork is fundamentally a governance exercise, not a licensing exercise.
How to Join the Microsoft 365 Frontier Programme and What Copilot Cowork Costs
Copilot Cowork is currently available through the Microsoft 365 Frontier programme, which gives organisations early access to pre-release Copilot capabilities. As of late March 2026, Cowork is in Research Preview and expanding access to Frontier members.
To enrol, you need an active Microsoft 365 Copilot licence (included in E7 or available as an add-on to E3/E5). Open the Microsoft 365 admin centre, go to Settings > Org settings > Microsoft 365 Frontier, and opt in. You'll need Global Administrator or Microsoft 365 Administrator privileges to complete enrolment.
Once enrolled, Frontier features (including Cowork) become available to users in your organisation who hold Copilot licences. You can control which users get access through the standard Copilot licence assignment in the admin centre under Users > Active users, or through group-based licence assignment in Entra ID.
Don't enable Frontier for your entire organisation on day one. Assign Copilot licences to a defined pilot group first. More on that in the pilot planning section below.
How much does Copilot Cowork cost?
During Research Preview, Cowork is included with existing Copilot licences at no additional charge. If your users have Copilot (whether through E7 at $99/user/month, or the Copilot add-on at $30/user/month on top of E3/E5) they can access Cowork through the Frontier programme.
There's a nuance worth understanding, though. Cowork tasks consume compute resources, and Microsoft has introduced a Copilot Credits system with the E7 tier that governs how much AI processing your organisation can use. If you're on E7, you receive a pool of credits. If you're running Copilot as an E3/E5 add-on, the credits model may apply differently. Check your licence agreement and the Microsoft 365 admin centre under Billing > Licences for your current allocation.
For a 200-person organisation where you're initially enabling Cowork for a pilot group of 20 to 30 users, the licensing cost is already covered by your existing Copilot licences. The real cost is the governance preparation work. And that's what the rest of this guide covers.
Fix SharePoint Oversharing Before You Enable Copilot Cowork
This is the single most important preparation step. It's also the one most organisations skip.
Copilot Cowork respects SharePoint permissions exactly as they exist. If a user has access to a site, Cowork can read, reference, and act on the content in that site when working on that user's behalf. The problem: most mid-market SharePoint environments have years of accumulated permission drift. Sites shared with "Everyone except external users." Document libraries with inherited permissions that were never tightened. Teams channels created for projects that ended two years ago but still grant access to sensitive documents.
With regular Copilot, oversharing means the AI might surface a document snippet in a chat response that the user technically has access to but shouldn't. Annoying and risky, but contained.
With Cowork, oversharing means an autonomous agent might pull data from an overshared HR site into a summary email and queue it for delivery to your steering committee. The blast radius is larger because Cowork takes action, not just retrieves information.
What permissions does Copilot Cowork need to access your data?
Cowork uses the same permissions model as the user who initiated the task. If you ask Cowork to compile a report, it can access every SharePoint site, OneDrive folder, email, and Teams channel that you can access. No more, no less. The risk isn't that Cowork has special permissions. It's that your users already have too many permissions, and Cowork will actually exercise them.
How to audit and remediate oversharing
Run a SharePoint Advanced Management access review. In the SharePoint admin centre, go to Sites > Active sites, select a site, and review the sharing and permissions settings. SharePoint Advanced Management (included with E5 and E7, or as a $3/user/month add-on to E3) provides site-level access reviews and oversharing reports. Run the "Sites shared with Everyone except external users" report first. That catches the most common oversharing pattern.
Review site-level permissions systematically. For each site that appears in the oversharing report, ask yourself: should this site be accessible to the broad groups currently listed? For most mid-market organisations, the answer for HR, finance, executive, and project-sensitive sites is no. Remove broad access groups and replace them with specific security groups or Microsoft 365 groups that reflect actual need-to-know.
Check Microsoft Teams-connected sites. Every Teams team creates a SharePoint site. When team membership is broad (say, an "All Company" team), the associated SharePoint site is equally broad. Review your Teams membership and consider whether the associated SharePoint content should really be accessible to every member.
Enable sensitivity labels. If you're running E5 or E7, you have access to Microsoft Purview sensitivity labels. Apply labels to your most sensitive content. At minimum, label sites containing HR data, financial data, executive communications, and client-sensitive documents. Sensitivity labels can restrict Copilot's ability to process labelled content, adding a layer of protection beyond permissions alone.
Use Purview DSPM for AI. Go to Purview compliance portal > DSPM for AI > Recommendations to get a Copilot-specific oversharing assessment. This tool shows you which content is most at risk of being surfaced or acted on by Copilot and Cowork, and gives you prioritised remediation steps.
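To turn the audit steps above into a ranked remediation list, the following added example (not part of the original guide, and not a Microsoft tool) triages a site-permissions export. The CSV column names, the scoring weights, and the contoso.example sites are assumptions made for illustration; map them to whatever your own oversharing report exports.

```python
import csv
import io
import re

# Constructed sample export; the column names are assumptions, not a Microsoft report schema.
SAMPLE_EXPORT = """SiteUrl,SiteTitle,Principal,SensitivityLabel,LastActivity
https://contoso.example/sites/hr,HR Case Files,Everyone except external users,,2026-03-02
https://contoso.example/sites/hr,HR Case Files,HR Team Members,,2026-03-02
https://contoso.example/sites/finance,Finance Month End,Everyone except external users,Confidential,2026-03-20
https://contoso.example/sites/lunch,Lunch Menu,Everyone except external users,,2026-03-21
https://contoso.example/sites/proj-apollo,Project Apollo (closed),All Company Members,,2024-01-15
https://contoso.example/sites/exec,Executive Committee,Exec Team Members,Highly Confidential,2026-03-22
"""

# Principals treated as "broad" and title words treated as sensitive (both hypothetical lists).
BROAD = {"everyone except external users", "everyone", "all company members"}
SENSITIVE_WORDS = {"hr", "finance", "executive", "payroll", "legal"}
STALE_BEFORE = "2025-03-01"  # ISO dates compare correctly as plain strings


def triage(export_text):
    """Return broadly shared sites, highest remediation priority first."""
    sites = {}
    for row in csv.DictReader(io.StringIO(export_text)):
        principal = row["Principal"].strip()
        if principal.lower() not in BROAD:
            continue  # specific security groups are the desired end state
        site = sites.setdefault(row["SiteUrl"], {"url": row["SiteUrl"], "score": 0, "reasons": []})
        site["reasons"].append(f"broad access: {principal}")
        if site["score"]:
            continue  # site already scored from an earlier broad principal
        score = 1
        words = set(re.findall(r"[a-z]+", row["SiteTitle"].lower()))
        if words & SENSITIVE_WORDS:
            score += 3
            site["reasons"].append("title suggests sensitive content")
        if not row["SensitivityLabel"].strip():
            score += 2
            site["reasons"].append("no sensitivity label")
        if row["LastActivity"] < STALE_BEFORE:
            score += 1
            site["reasons"].append("stale site still granting access")
        site["score"] = score
    return sorted(sites.values(), key=lambda s: (-s["score"], s["url"]))


if __name__ == "__main__":
    for s in triage(SAMPLE_EXPORT):
        print(s["score"], s["url"], "; ".join(s["reasons"]))
```

Sites that reach the top of the list are the ones to fix before the pilot group gets access; the low scorers can wait.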
For a 200-person organisation, plan for 2 to 4 days of focused audit work to review your top 20 to 30 SharePoint sites and remediate the most serious oversharing issues. You don't need to fix everything before enabling Cowork. But you need to fix the high-risk sites before your pilot group starts using it.
If your organisation is under 100 users with a relatively simple SharePoint footprint, you might get through this in a single day. The scope of the audit scales with the complexity of your environment, not with any fixed formula.
What Is Agent 365 and Do You Need It for Copilot Cowork?
Agent 365 is Microsoft's new AI agent control plane, announced alongside E7 and going GA on May 1, 2026. It provides centralised management for AI agents across your Microsoft 365 environment, including Copilot Cowork.
For Cowork specifically, Agent 365 gives you admin controls over what agents can do, which data sources they can access, and how they report their actions. Think of it as the governance layer for autonomous AI behaviour in your tenant.
If you're on E7, Agent 365 is included. If you're on E3 or E5 with the Copilot add-on, Agent 365 capabilities may be limited. Check the Microsoft 365 admin centre under Settings > Copilot > Agent management for your current options.
For the Cowork pilot phase, here are the Agent 365 settings to configure.
AI provider enablement. In the admin centre, go to Settings > Copilot > Agent 365 settings. Confirm that the AI providers your organisation wants to allow are enabled and that any you want to block are disabled. For most mid-market organisations, this means Microsoft's own models only. Disable third-party AI provider access unless you have a specific, reviewed use case.
Action logging. Enable detailed logging for Cowork actions so you can audit what the agent did, which files it accessed, and what actions it took. Go to Purview compliance portal > Audit and confirm that Copilot interaction events are being captured. This is where your pilot evaluation data comes from. You need visibility into Cowork's behaviour before expanding access.
Data boundary controls. If your organisation has data residency requirements (common in Canadian energy and professional services), configure the data boundary settings so that Cowork processes data within your required geography.
One caveat: Agent 365 is still maturing as a product. The admin controls available at GA on May 1 may not cover every governance scenario you need. If you're in a highly regulated industry, plan to revisit these settings monthly as Microsoft ships updates. The controls you have today are likely the minimum, not the ceiling.
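For the action logging setting above, this added example (not from the original guide or from Microsoft) shows the kind of weekly review an exported audit log supports: flagging pilot users whose agent activity touched restricted sites or highly confidential content. The record layout is a simplified assumption, and the users, sites and department mappings are constructed; adapt the field names to your actual audit export.

```python
import json
from collections import defaultdict

# Constructed records, one JSON object per line; field names are simplified assumptions.
SAMPLE_AUDIT = "\n".join([
    '{"UserId":"pat@contoso.example","CreationTime":"2026-04-06T14:02:11","Operation":"CopilotInteraction","CopilotEventData":{"AccessedResources":[{"SiteUrl":"https://contoso.example/sites/marketing","Name":"Q2-plan.docx","Label":""}]}}',
    '{"UserId":"pat@contoso.example","CreationTime":"2026-04-06T14:05:40","Operation":"CopilotInteraction","CopilotEventData":{"AccessedResources":[{"SiteUrl":"https://contoso.example/sites/hr","Name":"salary-review.xlsx","Label":""}]}}',
    '{"UserId":"sam@contoso.example","CreationTime":"2026-04-07T09:15:02","Operation":"CopilotInteraction","CopilotEventData":{"AccessedResources":[{"SiteUrl":"https://contoso.example/sites/finance","Name":"forecast.xlsx","Label":"Confidential"}]}}',
    '{"UserId":"sam@contoso.example","CreationTime":"2026-04-07T09:20:47","Operation":"CopilotInteraction","CopilotEventData":{"AccessedResources":[{"SiteUrl":"https://contoso.example/sites/exec","Name":"board-pack.pptx","Label":"Highly Confidential"}]}}',
    '{"UserId":"pat@contoso.example","CreationTime":"2026-04-07T10:00:00","Operation":"FileAccessed","SiteUrl":"https://contoso.example/sites/hr"}',
])

# Hypothetical pilot roster and the departments allowed on each restricted site.
PILOT_DEPARTMENTS = {"pat@contoso.example": "Marketing", "sam@contoso.example": "Finance"}
RESTRICTED_SITES = {
    "https://contoso.example/sites/hr/": {"HR"},
    "https://contoso.example/sites/finance/": {"Finance"},
}


def review(audit_text, departments=PILOT_DEPARTMENTS, restricted=RESTRICTED_SITES):
    """Return {user: [(time, resource name, reasons)]} for interactions needing follow-up."""
    flagged = defaultdict(list)
    for line in audit_text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        if rec.get("Operation") != "CopilotInteraction":
            continue  # only agent/Copilot activity is in scope for this review
        dept = departments.get(rec["UserId"])
        for res in rec.get("CopilotEventData", {}).get("AccessedResources", []):
            reasons = []
            site = res["SiteUrl"].rstrip("/") + "/"  # trailing slash avoids /hr matching /hr-social
            for prefix, allowed in restricted.items():
                if site.startswith(prefix) and dept not in allowed:
                    reasons.append("restricted site outside user's department")
            if res.get("Label") == "Highly Confidential":
                reasons.append("highly confidential content needs human review")
            if reasons:
                flagged[rec["UserId"]].append((rec["CreationTime"], res["Name"], reasons))
    return dict(flagged)


if __name__ == "__main__":
    for user, hits in review(SAMPLE_AUDIT).items():
        print(user, hits)
```

A hit on a restricted site usually points back to a permission that should be tightened on the site itself, not to a problem with the agent.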
Set Up Your Copilot Cowork Pilot Group
Don't roll Cowork out to everyone at once. A structured pilot gives you the data you need to expand access confidently and the governance evidence to justify the investment to your CFO.
Select 15 to 30 users across 3 to 4 departments. Choose users who are already comfortable with regular Copilot, who handle varied workflows (not just email), and who are willing to provide structured feedback. Include at least one user from a department with sensitive data (finance or HR, for example) to test your permission guardrails under real conditions.
Good pilot departments for mid-market companies: marketing (content creation and coordination), project management (status reports and cross-team updates), and operations (data compilation and reporting). Start with departments where the data sensitivity is manageable and the productivity gains are obvious and measurable.
Define acceptable use guidelines before day one. Your pilot users need clear guidance on what Cowork should and shouldn't be used for during the pilot. At minimum, document what types of tasks are appropriate for Cowork (drafting documents, compiling information, scheduling). Separately, document what types are off-limits during the pilot (sending external communications without review, accessing sensitive data repositories, making financial transactions). And spell out the review requirement: during the pilot, every Cowork output must be reviewed by a human before it's shared externally.
Create a feedback loop. Set up a Teams channel or shared document where pilot users log their Cowork experiences. What worked. What surprised them. What went wrong. Assign someone on your IT team to monitor this daily during the first two weeks. Review the feedback weekly as a team.
Plan for a 4 to 6 week pilot. This gives you enough time to observe Cowork behaviour across different use cases, catch permission issues that weren't obvious in the audit phase, and build confidence (or identify concerns) before broader deployment. At the end of the pilot, you should be able to answer three questions. Is the productivity gain real and measurable? Are the governance guardrails holding? What needs to change before the next group gets access?
But be realistic about what a pilot will tell you. A 20-person pilot won't surface every edge case. It gives you a baseline and a set of patterns to watch for. The first month after broader rollout will teach you just as much.
Governance Policies You Need Before Turning Copilot Cowork On
Regular Copilot required you to think about data access. Cowork requires you to think about data access plus autonomous action. That's a different governance conversation, and most existing acceptable use policies don't cover it.
Acceptable use policy for AI agents. This extends your existing acceptable use policy to cover autonomous AI behaviour. The questions to answer: Can Cowork send emails on behalf of users? Can it modify shared documents? Can it access data across departments? What's the escalation path when Cowork does something unexpected?
Data classification and sensitivity labelling. If you haven't implemented sensitivity labels yet, Cowork is the forcing function. At minimum, classify your data into tiers: public, internal, confidential, and highly confidential. Apply sensitivity labels to your SharePoint sites and document libraries accordingly. Cowork should never autonomously process highly confidential data without human review.
Audit and review cadence. Establish a regular review of Cowork activity logs. During the pilot, review weekly. Post-rollout, review monthly at minimum. Look for patterns. Is Cowork accessing sites it shouldn't? Are users delegating tasks that involve sensitive data? Are there permission gaps the agent is exploiting, even unintentionally?
Change management communication. Your employees need to understand what Cowork is, what it can do, and what the organisation's expectations are. Don't oversell it. The biggest change management mistake with AI tools is setting expectations too high. Position Cowork as a powerful assistant that needs guidance, not a replacement for human judgement. Frame it simply: "Cowork can handle the first draft. You handle the final version."
How do I fix SharePoint oversharing before enabling Copilot Cowork?
If you skipped the oversharing section above, go back and read it. This is the question you'll get from your security team, your compliance team, and your executive sponsor. The short answer: run a SharePoint Advanced Management access review, remediate "Everyone except external users" links on sensitive sites, enable sensitivity labels on high-risk content, and use Purview DSPM for AI to get a Copilot-specific risk assessment. For a 200-person org, budget 2 to 4 days of focused audit work on your top 20 to 30 sites.
Prepare Now, Deploy with Confidence
Getting your Microsoft 365 tenant ready for Copilot Cowork isn't a six-month project. For a mid-market organisation, a focused IT leader can complete the licensing check, oversharing audit, Agent 365 configuration, pilot design, and governance setup in one to two weeks. The pilot itself runs four to six weeks. By mid-May 2026, you could have a proven Copilot Cowork deployment with data to support expanding it across your organisation.
The organisations that do this preparation work will get real value from Cowork. The organisations that skip it will get an autonomous AI agent that amplifies every governance gap in their tenant.
And the Frontier programme is expanding access now. The window to prepare is this week, not next quarter.
If you want a structured approach to this preparation, or if you're not sure where your tenant's governance gaps are, get in touch with Floor 16. We run a complimentary Microsoft 365 assessment designed to surface exactly the readiness issues that matter for Copilot and Cowork deployment. No sales pitch. Just a clear picture of where your tenant stands and what to do about it.