Microsoft Copilot processes user prompts and data using Microsoft 365 services. For organizations with strict data residency and encryption requirements, Microsoft offers Copilot with Azure Confidential Computing. This configuration adds a hardware-based trusted execution environment to protect data in use. This article explains what Azure Confidential Computing does for Copilot, which regions and plans support it, and what limitations you must consider before enabling it.
Key Takeaways: Copilot with Azure Confidential Computing Availability
- Azure Confidential Computing (ACC) with Intel SGX: Encrypts data in memory during Copilot processing, preventing cloud provider access.
- Copilot for Microsoft 365 with ACC: Available only in the European Union data boundary, specifically in the West Europe and North Europe Azure regions.
- Microsoft 365 E5 or E5 Compliance license: Required to enable Copilot with ACC, in addition to a Copilot for Microsoft 365 license.
What Azure Confidential Computing Does for Copilot
Azure Confidential Computing uses hardware-based trusted execution environments, specifically Intel Software Guard Extensions (SGX). When Copilot processes a prompt, the data is handled inside an SGX enclave, a protected region of memory that the CPU keeps encrypted. The cloud provider, Microsoft, cannot access the plaintext data even with administrative privileges. This addresses a key concern for organizations that must keep data encrypted at all times, including during computation.
For Copilot, ACC protects the following data flows:
- User prompts sent from Microsoft 365 apps
- Grounding data retrieved from Microsoft Graph (emails, documents, meetings)
- Model inference results returned to the user
- Any intermediate processing data within the Copilot service
The encryption happens automatically when ACC is enabled. No changes to user workflows or Copilot commands are needed. The feature is transparent to end users.
Supported Copilot Products
Azure Confidential Computing is supported only for Copilot for Microsoft 365. It does not apply to Copilot in Windows, Copilot in Bing, or Copilot in Edge. Those products run on different infrastructure and do not offer ACC as an option.
Availability Regions and Licensing Requirements
Copilot with Azure Confidential Computing is not available in all Azure regions or for all Microsoft 365 tenants. The service is restricted to the European Union data boundary. The two supported Azure regions are West Europe (Netherlands) and North Europe (Ireland).
To enable this configuration, your tenant must meet these licensing requirements:
- Microsoft 365 E5 or E5 Compliance license: Each user who will use Copilot with ACC must hold a Microsoft 365 E5 license or a Microsoft 365 E5 Compliance add-on license. E3 licenses are not sufficient.
- Copilot for Microsoft 365 license: Each user also needs a Copilot for Microsoft 365 license, purchased separately or as part of a bundle.
- Azure subscription with ACC capability: The tenant must have an Azure subscription that supports Confidential Computing SKUs. The Copilot service uses these Azure resources automatically.
Microsoft requires that the tenant’s default data location be set to one of the supported EU regions. If your tenant stores data in the United States or Asia, ACC for Copilot is not available.
Steps to Enable Copilot With Azure Confidential Computing
Enabling ACC for Copilot is not a toggle in the Copilot settings. It requires coordination between your Microsoft 365 admin and Azure admin. Follow these steps:
- Verify tenant data residency: Go to the Microsoft 365 admin center at admin.microsoft.com. Navigate to Settings > Org settings > Organization profile > Data location. Confirm that your tenant’s default data location is set to West Europe or North Europe. If not, you cannot enable ACC for Copilot.
- Assign required licenses: In the Microsoft 365 admin center, go to Billing > Licenses. Assign Microsoft 365 E5 or E5 Compliance licenses to all users who will use Copilot with ACC. Then assign Copilot for Microsoft 365 licenses to the same users.
- Submit a support request to Microsoft: ACC for Copilot is not self-service. Open a support ticket in the Microsoft 365 admin center. Under Service type, select Copilot for Microsoft 365. In the description, write: “Request to enable Azure Confidential Computing for Copilot for Microsoft 365 for tenant ID [your tenant ID].” Microsoft will validate your licensing and region eligibility.
- Wait for confirmation and monitor deployment: Microsoft will respond with a timeline. After ACC is enabled, test Copilot in Word, Excel, or Teams. Verify that prompts and responses are processed within the EU data boundary. Use the Microsoft 365 Message Center to track the deployment status.
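A pre-flight check for the first two steps above, as an added example that is not Microsoft tooling or part of the original article: it encodes the region and license requirements as this article states them and runs them over a constructed user export. The CSV layout (license names joined by `+`), the function names and the contoso.example accounts are assumptions.

```python
import csv
import io

# Requirements as stated in this article.
SUPPORTED_LOCATIONS = {"West Europe", "North Europe"}
BASE_LICENSES = {"Microsoft 365 E5", "Microsoft 365 E5 Compliance"}
COPILOT_LICENSE = "Copilot for Microsoft 365"

# Constructed sample: a user/license export with an assumed layout
# (one row per user, license display names joined by "+").
SAMPLE_EXPORT = """UserPrincipalName,Licenses
alice@contoso.example,Microsoft 365 E5+Copilot for Microsoft 365
bob@contoso.example,Microsoft 365 E3+Copilot for Microsoft 365
carol@contoso.example,Microsoft 365 E5 Compliance
dave@contoso.example,Microsoft 365 E3+Microsoft 365 E5 Compliance+Copilot for Microsoft 365
"""

def user_gaps(licenses):
    """Return the license requirements a user is still missing."""
    held = {name.strip() for name in licenses.split("+") if name.strip()}
    gaps = []
    if not held & BASE_LICENSES:  # E3 alone does not satisfy this
        gaps.append("Microsoft 365 E5 or E5 Compliance")
    if COPILOT_LICENSE not in held:
        gaps.append(COPILOT_LICENSE)
    return gaps

def preflight(data_location, export_csv):
    """Check tenant location and per-user licenses before opening the ticket."""
    report = {
        "location_ok": data_location.strip() in SUPPORTED_LOCATIONS,
        "ready": [],
        "blocked": {},
    }
    for row in csv.DictReader(io.StringIO(export_csv)):
        gaps = user_gaps(row["Licenses"])
        if gaps:
            report["blocked"][row["UserPrincipalName"]] = gaps
        else:
            report["ready"].append(row["UserPrincipalName"])
    # Only submit the request when nothing is outstanding.
    report["submit"] = report["location_ok"] and not report["blocked"]
    return report

if __name__ == "__main__":
    result = preflight("West Europe", SAMPLE_EXPORT)
    print("Data location supported:", result["location_ok"])
    for upn, gaps in result["blocked"].items():
        print(f"Blocked: {upn} is missing {'; '.join(gaps)}")
```
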
Common Limitations and Misconceptions
ACC Does Not Apply to All Copilot Features
Azure Confidential Computing protects only the core Copilot inference pipeline. Features that rely on external services are not covered. For example, Copilot plugins that call third-party APIs, the Copilot Graph connector, and web grounding (Bing search results) are not encrypted by ACC. Microsoft recommends that you disable plugins and web grounding if you require full ACC protection.
ACC Does Not Change Data Retention Policies
Data encrypted by ACC is still subject to the same retention and deletion policies as standard Copilot data. ACC does not give you the ability to delete data faster or prevent Microsoft from storing logs. Review your organization’s data retention settings in the Microsoft Purview compliance portal.
ACC Is Not Available for Copilot in Non-EU Regions
Some organizations assume they can request ACC in any Azure region. Microsoft has not announced plans to expand ACC for Copilot beyond the EU data boundary. If your tenant is in the United States, Canada, or Asia, you cannot use this feature.
Enabling ACC May Increase Latency
The encryption and decryption process inside the Intel SGX enclave adds a small processing overhead. Users may notice slightly longer response times compared to standard Copilot. Microsoft states that the latency increase is typically under 200 milliseconds for most prompts.
Copilot Standard vs Copilot With Azure Confidential Computing
| Item | Copilot Standard | Copilot With ACC |
|---|---|---|
| Data in use encryption | Software-based, visible to Microsoft | Hardware-based (Intel SGX), opaque to Microsoft |
| Supported regions | All Microsoft 365 data center regions | West Europe and North Europe only |
| Required license | Copilot for Microsoft 365 | Copilot for Microsoft 365 + Microsoft 365 E5 or E5 Compliance |
| Plugin and web grounding protection | Not encrypted | Not encrypted |
| User experience change | None | None visible to end users |
| Latency impact | Baseline | Typically under 200 ms additional |
| Self-service enablement | Yes | Support ticket required |
You can now evaluate whether Copilot with Azure Confidential Computing fits your organization’s compliance needs. Start by checking your tenant’s default data location in the Microsoft 365 admin center. If you are in the EU and hold E5 licenses, submit a support request to begin the enablement process. For tenants outside the EU, consider using the Microsoft 365 Customer Lockbox feature as an alternative way to limit Microsoft’s access to your Copilot data.