Microsoft Copilot With Information Protection Double Key Encryption

Microsoft Copilot with Information Protection Double Key Encryption is a security configuration that lets you control access to encrypted content within Copilot responses. When your organization uses Double Key Encryption, standard Copilot features cannot decrypt or read protected files without a second key that you manage. This article explains how Double Key Encryption affects Copilot, what prerequisites are required, and how to verify that Copilot respects your encryption policies.

Many organizations store sensitive data in Microsoft 365 and want to use Copilot without exposing that data to unintended users. Double Key Encryption provides a solution by requiring two separate keys to decrypt content: one key managed by Microsoft and one key managed by your organization. Copilot can only generate responses from content that passes both key checks.

This article covers the technical architecture of Double Key Encryption, step-by-step configuration for Copilot, and common issues you may encounter when deploying this security layer.

Key Takeaways: Copilot and Double Key Encryption

  • Double Key Encryption service in Microsoft Purview: Requires a second encryption key stored outside Microsoft 365 to decrypt protected content for Copilot.
  • Microsoft 365 admin center > Compliance > Information Protection > Double Key Encryption: Central location to enable and configure the Double Key Encryption service for your tenant.
  • Copilot response behavior: Copilot cannot generate responses from files encrypted with Double Key Encryption unless the user has access to both keys.

How Double Key Encryption Works With Copilot

Double Key Encryption is a feature of Microsoft Purview Information Protection. It encrypts sensitive data using two separate keys. One key is stored in Microsoft Azure and managed by Microsoft. The second key is stored in a location you control, such as an on-premises hardware security module or a third-party key management service. Without both keys, no system, Copilot included, can decrypt the content.

When Copilot processes a user query, it searches across Microsoft Graph data sources such as SharePoint, OneDrive, and Exchange Online. If Copilot encounters a file that is protected with Double Key Encryption, it attempts to decrypt the file using the Microsoft-managed key. If that key is available, Copilot then requests the second key from your organization-managed key store. If your key store is unreachable or the user does not have permission, Copilot cannot decrypt the file and skips it in the response.

This architecture ensures that even if an attacker gains access to Microsoft 365, they cannot read encrypted content without also compromising your separate key infrastructure. For Copilot users, this means that sensitive documents remain confidential even when Copilot generates summaries or answers.
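The two-key flow described above, as an added illustrative model rather than Microsoft's DKE implementation or any code from this article: a toy HMAC-based stream cipher stands in for the real primitives, the key store is modelled as a callable that returns the customer key or raises, and the wrap order (customer key inside, Microsoft key outside) is an assumption chosen to match the decryption order the article describes.

```python
import hashlib
import hmac
import os

class KeyStoreUnavailable(Exception):
    """Organization-managed key store unreachable (constructed for this model)."""

def _toy_cipher(key: bytes, data: bytes) -> bytes:
    # Stand-in for a real cipher: XOR with an HMAC-SHA256 counter keystream.
    blocks = (hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, b"".join(blocks)))

def protect(plaintext: bytes, microsoft_key: bytes, customer_key: bytes) -> dict:
    """Encrypt content under a fresh content key, then wrap that key twice."""
    content_key = os.urandom(32)
    ciphertext = _toy_cipher(content_key, plaintext)
    # Inner wrap with the customer key, outer wrap with the Microsoft key, so
    # unwrapping follows the order the article describes: Microsoft key first.
    wrapped = _toy_cipher(microsoft_key, _toy_cipher(customer_key, content_key))
    tag = hmac.new(content_key, ciphertext, hashlib.sha256).digest()
    return {"ciphertext": ciphertext, "wrapped_key": wrapped, "tag": tag}

def copilot_read(blob: dict, microsoft_key: bytes, customer_key_store):
    """Return the plaintext, or None when Copilot must skip the file.

    customer_key_store stands in for the HTTPS key store: a callable that
    returns the customer key or raises KeyStoreUnavailable / PermissionError.
    """
    # The Microsoft-managed key alone only removes the outer wrap.
    half_unwrapped = _toy_cipher(microsoft_key, blob["wrapped_key"])
    try:
        customer_key = customer_key_store()
    except (KeyStoreUnavailable, PermissionError):
        return None  # store unreachable or user not authorized: file is skipped
    content_key = _toy_cipher(customer_key, half_unwrapped)
    expected = hmac.new(content_key, blob["ciphertext"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None  # wrong second key: integrity check fails, nothing is exposed
    return _toy_cipher(content_key, blob["ciphertext"]).decode()

def unreachable_store() -> bytes:
    raise KeyStoreUnavailable("endpoint not reachable")

def denied_store() -> bytes:
    raise PermissionError("user lacks decrypt permission")
```

The three failure paths (unreachable store, denied user, wrong second key) all end in the file being skipped, which is the behaviour step 4 below tells you to look for.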

Prerequisites for Double Key Encryption With Copilot

Before configuring Double Key Encryption for Copilot, verify the following requirements are met:

  • Microsoft 365 E5 or Microsoft 365 E5 Compliance license: Double Key Encryption requires an E5 license or an equivalent add-on.
  • Microsoft Purview Information Protection configured: Sensitivity labels must be created and published to users.
  • Copilot for Microsoft 365 license: Each user who needs Copilot access must have a Copilot for Microsoft 365 license.
  • Key management infrastructure: You must have a key store accessible via a REST API that supports the OAuth 2.0 client credentials flow. Azure Key Vault is a common choice, but you can also use an on-premises HSM with a compatible gateway.

Steps to Enable Double Key Encryption for Copilot

Follow these steps to enable Double Key Encryption and ensure Copilot respects the encryption policy.

  1. Create a Double Key Encryption key in Microsoft Purview
    Open the Microsoft Purview compliance portal. Navigate to Information Protection > Double Key Encryption. Click Create and follow the wizard to define a new key. Provide a display name, description, and the endpoint URL for your key store. The endpoint must be an HTTPS URL that responds to the OAuth 2.0 token request. Test the connection by clicking Validate.
  2. Configure sensitivity labels to use Double Key Encryption
    Go to Information Protection > Label policies. Select an existing label or create a new one. Under Encryption, choose Double Key Encryption. Select the key you created in the previous step. Publish the label to the appropriate groups or users. Only files labeled with this setting will require both keys.
  3. Assign the Double Key Encryption role to the Copilot service principal
    In the Microsoft Entra admin center, go to Enterprise applications > Copilot for Microsoft 365. Note the service principal object ID. Return to your key store and grant the decrypt permission to this service principal. This step ensures Copilot can request the second key on behalf of the user.
  4. Test Copilot with a Double Key Encryption protected file
    Upload a document to SharePoint Online. Apply a sensitivity label that uses Double Key Encryption. Open Copilot in Microsoft Teams or Word. Ask a question about the content of that file. Copilot should respond with a message that it cannot access the file. If Copilot returns content from the file, the encryption configuration is not applied correctly.

Common Issues When Using Double Key Encryption With Copilot

Copilot Returns Content From Encrypted Files

If Copilot generates responses from files protected with Double Key Encryption, the encryption label may not be applied to the file, or the label may not be configured for Double Key Encryption. Verify the label properties in Microsoft Purview. Also confirm that the file shows the Double Key Encryption icon in SharePoint. If the icon is missing, remove and reapply the label.

Copilot Fails to Respond to Any Query After Enabling Double Key Encryption

This issue occurs when the Copilot service principal does not have the decrypt permission on your key store. Check the permissions in your key management system. Ensure the service principal for Copilot for Microsoft 365 has the decrypt or unwrap key permission. If the key store is unreachable, Copilot cannot process any request that touches encrypted content.

Users Cannot Apply Double Key Encryption Labels

Users must have the Azure Information Protection unified labeling client installed or use the built-in labeling in Microsoft 365 apps. Verify that the label policy is published to the user group. Also confirm that the user has the Rights Management connector enabled in Microsoft Entra ID.

Copilot With Double Key Encryption vs Copilot With Standard Sensitivity Labels

  • Key management
    Double Key Encryption: Two keys, Microsoft-managed and customer-managed
    Standard Sensitivity Labels: One key, Microsoft-managed only
  • Data access control
    Double Key Encryption: Customer controls the second key, preventing Microsoft from decrypting content
    Standard Sensitivity Labels: Microsoft controls decryption entirely
  • Copilot behavior
    Double Key Encryption: Copilot cannot decrypt files without the second key from the customer key store
    Standard Sensitivity Labels: Copilot can decrypt files if the user has the label permission
  • Required license
    Double Key Encryption: Microsoft 365 E5 or E5 Compliance
    Standard Sensitivity Labels: Microsoft 365 E3 or E5
  • Key store dependency
    Double Key Encryption: Customer must maintain an HTTPS-accessible key store
    Standard Sensitivity Labels: No external key store required

This comparison shows that Double Key Encryption provides stronger security for highly regulated data. Standard sensitivity labels are easier to deploy but do not prevent Microsoft from decrypting content when required by law or policy.

After configuring Double Key Encryption, you can verify that Copilot respects your encryption policies by testing with a protected file. If Copilot cannot access the file, the security layer is working as intended. For ongoing management, monitor the Microsoft Purview audit log for decryption failures. Consider deploying Double Key Encryption only on the most sensitive documents to avoid performance overhead from key store latency.