Out-of-the-box Microsoft Copilot sounds like a genius—but in real enterprises it’s a dangerously confident intern. In this episode, we expose where default Copilot quietly fails on the questions that actually matter: “Can I share this file?”, “Who’s on-call right now?”, “Is this HIPAA-safe?” You’ll see how generic, Graph-only Copilot ignores your DLP exceptions, regional SOPs, escalation paths, and legal memos—and why that’s how incidents are born.
Then we show you the fix: plug your own specialist engine agent straight into Microsoft 365 Copilot Chat with a simple manifest upgrade. You’ll learn the retrieval + actions + guardrails pattern, how to wire Azure AI Search, internal APIs, and tenant controls, and the exact schema 1.22 tweaks (copilotAgents + customEngineAgents) that flip Copilot from smooth-talking generalist to hard-edged policy enforcer.
The before vs. after is brutal: vague essays and hallucinated “best practices” turn into crisp, cited decisions, “Page now” buttons, and answers your security team will actually sign off on. Same UI, different brain—the intern just graduated.
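The retrieval + actions + guardrails pattern from the episode description, applied to the "Can I share this file?" question. This is an added example, not code from the episode or from Microsoft; the corpus, the `ORION` exemption register, the scope names, and every function name are constructed assumptions.

```python
from dataclasses import dataclass, field
from datetime import date

# Constructed policy corpus (assumption): each chunk is tagged with the
# data scope allowed to read it, as a scoped search index would be.
CORPUS = [
    {"id": "DLP-EXT-01", "scope": "all-staff",
     "text": "external sharing of customer pii is blocked unless an "
             "active project exemption applies"},
    {"id": "LEGAL-MEMO-12", "scope": "legal",
     "text": "patient notices go through the patient portal; "
             "bulk email is prohibited"},
]

# Constructed exemption register (assumption): project code -> expiry date,
# standing in for what an internal exceptions API would return.
EXEMPTIONS = {"ORION": date(2030, 6, 30)}


@dataclass
class Decision:
    allowed: bool
    reason: str
    citations: list = field(default_factory=list)


def retrieve(terms, caller_scopes):
    """Retrieval: apply the data-scope filter first, then keyword-match."""
    visible = [c for c in CORPUS if c["scope"] in caller_scopes]
    return [c for c in visible if all(t in c["text"] for t in terms)]


def validate_project_code(code, today):
    """Action: an exemption counts only if it is registered and unexpired."""
    expiry = EXEMPTIONS.get((code or "").strip().upper())
    return expiry is not None and today <= expiry


def can_share_externally(caller_scopes, contains_pii, project_code, today):
    """Guardrailed decision: deny by default, never answer without a citation."""
    hits = retrieve(["external sharing", "pii"], caller_scopes)
    if not hits:
        # No grounded policy text for this caller: refuse instead of guessing.
        return Decision(False, "No policy text available in your data scope.")
    cites = [h["id"] for h in hits]
    if not contains_pii:
        return Decision(True, "No customer PII in the file.", cites)
    if validate_project_code(project_code, today):
        return Decision(True, "Active project exemption on record.", cites)
    return Decision(False, "External sharing is blocked for PII; "
                           "no active exemption.", cites)


if __name__ == "__main__":
    today = date(2025, 1, 15)  # constructed date
    for code in (None, "orion", "TITAN"):
        d = can_share_externally({"all-staff"}, True, code, today)
        print(code, d.allowed, d.reason, d.citations)
```

The scope filter runs inside `retrieve`, on the tool side of the call, so nothing in a prompt can widen what the model is given to read.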
Have you ever felt that moment of frustration when your Copilot is broken? It can be really annoying when you need quick help, but it just doesn’t respond. Troubleshooting these issues is crucial because it helps you get back to being productive. Let’s tackle those problems head-on and find clear, actionable steps to resolve them. You deserve a seamless experience with your AI assistant!
Key Takeaways
- Verify your Copilot license to ensure it is valid and properly assigned.
- Regularly update your operating system and Copilot app for optimal performance.
- Clear your cache and cookies to improve response accuracy and performance.
- Restart the application and check your internet connection if Copilot is unresponsive.
- Use the Copilot License Troubleshooter for diagnosing license-related issues.
- Switch networks or disable your VPN if you encounter connection errors.
- Close unnecessary applications to free up system resources and enhance performance.
- Provide more context in your queries to improve the quality of code suggestions.
Copilot Issues
Non-Responsiveness
Identifying Causes
When your Copilot is unresponsive, it can be frustrating. You might wonder what went wrong. Here are some common causes of non-responsiveness:
- Random crashes, regardless of the task complexity.
- Slowdowns as chat length increases, leading to freezing.
- Critical errors when simulating 'Personas' can also trigger this issue.
To tackle these problems, you need to identify the root cause. You can use specific troubleshooters designed to help diagnose these issues. For example, the Copilot License Troubleshooter can assist if you have a license but can't see the Copilot icon. The Copilot Connectivity Troubleshooter helps with diagnosing connectivity issues related to Copilot.
Initial Checks
Before diving deeper, perform some initial checks:
- Restart the Application: Sometimes, a simple restart can resolve temporary glitches.
- Check Your Internet Connection: Ensure your connection is stable. A flaky connection can lead to non-responsiveness.
- Update Your Software: Make sure both your operating system and the Copilot app are up to date.
Connection Errors
Connection errors can disrupt your workflow. Here are some common causes and how to fix them:
Network Troubleshooting
Network issues often lead to connection errors. Here are some common problems:
- VPN Interference: If you're using a VPN, it might interfere with Copilot's connection.
- Browser Compatibility Issues: Sometimes, the browser you're using may not load the Copilot agent correctly.
To troubleshoot, try switching networks or disabling your VPN temporarily. You can also clear your browser cache or try a different browser.
Licensing Conflicts
Licensing issues can also cause connection errors. Here are some potential problems:
| Cause of Error | Description | Fixes |
|---|---|---|
| Over-Permissioned Data Access | Copilot accesses files or data that users shouldn't see. | Audit permissions and implement least-privilege access. |
| Authentication Glitches | Stale or invalid tokens causing connection issues. | Verify authentication tokens and data source accessibility. |
Make sure your account has the correct permissions and that your license is valid. If you suspect a conflict, check your account settings.
Functionality Problems
Functionality problems can hinder your productivity. Here’s what you might encounter:
Code Suggestions Missing
You may notice that Copilot sometimes fails to provide code suggestions. This can happen for several reasons:
- Limited scope in certain programming languages.
- Potential biases in the training data leading to incomplete suggestions.
If you find that Copilot isn't suggesting code, consider providing more context in your queries. This can help the AI generate better responses.
Compliance Issues
Compliance issues can complicate how Copilot interacts with sensitive information. Here are some key points to consider:
- Establish clear controls for data access and processing.
- Use sensitivity labels to classify and protect data.
By ensuring that your organization has robust data governance policies, you can enhance Copilot's usability while maintaining compliance.
Performance Problems
Performance problems can significantly impact your experience with Copilot. If you notice lagging responses, it’s essential to identify the underlying causes. Here are some common reasons for performance issues:
- Internet Connection Issues: A slow or unstable internet connection can delay processing requests and generating responses.
- Server-Side Delays: High traffic on Microsoft and GitHub's servers may cause slowdowns, especially during maintenance or outages.
- High System Resource Usage: If your device lacks sufficient RAM, CPU, or GPU resources, it can hinder performance, particularly when running multiple applications.
- Outdated Software or Extensions: Using outdated versions of Copilot or incompatible extensions can slow down its performance.
- Excessive Background Processes: Background applications that consume high CPU and memory can delay Copilot's functionality.
- Code Complexity and Length: Longer and more complex code fragments require more analysis time, which can slow down responses.
- Regional Server Availability: Users located far from data centers may experience latency issues.
Remember, the slowness often happens as the size of the context increases, especially if you have it generating large blocks of code or text.
To manage these performance problems effectively, consider the following tips:
- Close Unnecessary Applications: Free up system resources by closing apps you aren’t using.
- Check Your Internet Speed: Use a speed test to ensure your connection is stable and fast enough for Copilot.
- Update Software Regularly: Keep both your operating system and Copilot updated to the latest versions.
- Limit Background Processes: Use the task manager to identify and close any resource-heavy applications running in the background.
Installation Errors
Installation errors can also be a headache when setting up Copilot. Here are some common issues you might encounter:
- Vague permission or licensing issues.
- Agent visibility delays.
- Cloud flow timeouts.
- Bad request errors due to large data responses.
- Over-permissioned data access.
- Application freezes during heavy processing.
- Agent configuration loading failures.
- Data sync issues.
If you run into installation errors, follow these reinstallation steps:
- Uninstall the Current Version: Remove any existing installations of Copilot to avoid conflicts.
- Download the Correct Installer: Ensure you’re using the right method for installation. For example, avoid using Homebrew for Copilot CLI, as it’s not supported. Instead, use npm, npx, Windows winget, or build from source.
- Follow Installation Prompts: Carefully follow the installation instructions provided during the setup process.
- Verify Permissions: Make sure you have the necessary permissions to install and run Copilot.
Configuration Settings
After installation, check your configuration settings to ensure everything runs smoothly. Here are some key settings to review:
- Agent Configuration: Ensure that your agent is correctly configured to access the necessary resources.
- Permissions: Double-check that your account has the right permissions to use Copilot effectively.
- Network Settings: Verify that your network settings allow Copilot to connect without restrictions.
By addressing these performance and installation issues, you can enhance your experience with Copilot and minimize disruptions.
Copilot Is Broken: Troubleshooting Steps
When you encounter issues with Copilot, following a structured approach can help you resolve them effectively. Here are some essential troubleshooting steps to get you back on track.
Check Your License
Valid License Verification
First, you need to verify that your Copilot license is valid. Here’s how you can do that:
Confirm the Correct Account and License:
- Make sure you’re signed in with the right account.
- If you have multiple accounts, sign out of the extras.
- Check that your account has a Copilot-supported license assigned.
Allow Time for License Propagation:
- If you recently assigned a license, give it some time to propagate.
- Refresh the license in the application settings to ensure it’s recognized.
Check for Policy or Privacy Blocks:
- Ensure that your organization’s policies don’t block Copilot.
- Confirm that the necessary settings for connected experiences are enabled.
For Web Apps:
- Make sure your browser allows third-party cookies for license validation.
If the Issue Persists:
- Use the Copilot license troubleshooter in the Get Help app.
- If you still have problems, contact Microsoft Support with any relevant error details.
Account Conflicts
Licensing issues can lead to throttling errors, especially if your usage exceeds capacity limits. To avoid this, consider:
- Confirming your licensing and capacity model.
- Purchasing additional capacity packs if needed.
- Switching to a pay-as-you-go billing plan.
- Requesting a rate-limit increase from Microsoft Support.
Update Your System
Keeping your system updated is crucial for optimal performance. Here’s what you should do:
Windows 11 Updates
Make sure your Windows 11 is up to date. Here’s how:
- Go to Settings.
- Click on Windows Update.
- Check for updates and install any available ones.
Copilot App Updates
Don’t forget to update the Copilot app as well. You can do this through the Microsoft Store or by checking for updates within the app itself.
Clear Cache and Cookies
Clearing your cache and cookies can significantly improve Copilot's performance. Here’s how to do it:
Steps to Clear Cache
- Sign out of your Microsoft accounts in browsers and Office.
- Press Win + R and open: %localappdata%\Microsoft.
- Delete the 'Identity Cache' and 'OneAuth' folders.
- Reboot your device and sign in again to force full token reissuance.
- Clear browsing data (cookies and cached images/files) or test in an incognito window.
- Re-enable browser extensions one at a time to identify any that may block Copilot.
If issues persist, ensure you are signed out of your Microsoft identity, then delete the specified folders and restart your device.
Impact on Performance
Clearing cache and cookies prevents influence from prior conversations, leading to more reliable responses. This simple step can enhance your overall experience with Copilot.
By following these troubleshooting steps, you can effectively address issues when you find that Copilot is broken. Remember, a little diligence can go a long way in ensuring a smooth experience with your AI assistant!
In this blog, you’ve learned essential troubleshooting steps for resolving Copilot issues effectively. Here’s a quick recap of what you can do:
- Check your license to ensure it’s valid.
- Update your system regularly for optimal performance.
- Clear cache and cookies to enhance response accuracy.
By following these steps, you can significantly improve your experience with Copilot. Remember, sharing your experiences within the community can help others troubleshoot more effectively. Together, we can build a vibrant support network that fosters continuous improvement in AI tools.
Keep in mind that many problems can be resolved with the right approach. So, don’t hesitate to explore further solutions and share your insights!
FAQ
What should I do if Copilot is not responding?
If Copilot isn't responding, try restarting the application and checking your internet connection. Ensure your software is up to date. If the issue persists, use the Copilot License Troubleshooter.
How can I check if my Copilot license is valid?
To check your license, sign in with the correct account and verify that it has a Copilot-supported license assigned. You can also use the Copilot license troubleshooter for assistance.
Why are my code suggestions missing?
Missing code suggestions may occur due to limited context or scope in your queries. Try providing more details in your requests to help Copilot generate better responses.
How do I clear cache and cookies for Copilot?
To clear cache and cookies, sign out of your Microsoft accounts, delete the 'Identity Cache' and 'OneAuth' folders from your local app data, and reboot your device. This can improve performance.
What can I do about connection errors?
For connection errors, check your network settings and ensure your VPN isn’t interfering. You can also verify your account permissions and check for any licensing conflicts.
How often should I update my system?
You should regularly update your operating system and the Copilot app. Keeping everything up to date ensures optimal performance and helps prevent issues.
What are common installation errors I might face?
Common installation errors include permission issues, agent visibility delays, and application freezes. If you encounter these, follow the reinstallation steps outlined in the blog.
How can I improve Copilot's performance?
To improve performance, close unnecessary applications, check your internet speed, and ensure your system has enough resources. Regular updates also play a crucial role in maintaining efficiency.
1
00:00:00,000 --> 00:00:02,440
You think Copilot is smart because it speaks confidently.
2
00:00:02,440 --> 00:00:04,520
The truth, it's a pleasant generalist that
3
00:00:04,520 --> 00:00:07,720
stalls the second your question touches your company's rules.
4
00:00:07,720 --> 00:00:11,000
You paid for a digital butler, you got an intern with Wi-Fi.
5
00:00:11,000 --> 00:00:12,120
Here's the fix.
6
00:00:12,120 --> 00:00:16,160
Bring your custom engine agent into Microsoft 365 Copilot chat.
7
00:00:16,160 --> 00:00:18,520
I'll show you the exact two-minute manifest tweak that
8
00:00:18,520 --> 00:00:21,600
unlocks it plus the guardrails to keep security teams calm.
9
00:00:21,600 --> 00:00:23,320
We'll test it against real policies,
10
00:00:23,320 --> 00:00:26,360
data loss prevention, regional SOPs and compliance,
11
00:00:26,360 --> 00:00:28,880
so you see speed, accuracy, and fewer hallucinations
12
00:00:28,880 --> 00:00:29,880
immediately.
13
00:00:29,880 --> 00:00:32,960
Let's upgrade the intern into a specialist.
14
00:00:32,960 --> 00:00:36,080
The problem, where default Copilot fails in the real world.
15
00:00:36,080 --> 00:00:36,800
Picture this.
16
00:00:36,800 --> 00:00:39,160
You ask Copilot, can I share a customer spreadsheet
17
00:00:39,160 --> 00:00:40,600
with an external vendor?
18
00:00:40,600 --> 00:00:43,040
It gives a polished paragraph on best practices,
19
00:00:43,040 --> 00:00:45,800
sprinkles in generic Microsoft 365 guidance,
20
00:00:45,800 --> 00:00:48,120
and spoiler alert says nothing about your tenant's
21
00:00:48,120 --> 00:00:49,800
data loss prevention policy.
22
00:00:49,800 --> 00:00:51,400
The average user notes shares the file
23
00:00:51,400 --> 00:00:52,600
and triggers a policy alert.
24
00:00:52,600 --> 00:00:54,840
Yes, they require restarts, pause it,
25
00:00:54,840 --> 00:00:56,960
because Microsoft is not performing magic tricks.
26
00:00:56,960 --> 00:01:00,120
Copilot cannot intuit your internal rules unless you inject them.
27
00:01:00,120 --> 00:01:01,760
Now compare that to what you actually need.
28
00:01:01,760 --> 00:01:04,120
Your security team defined a DLP policy
29
00:01:04,120 --> 00:01:07,240
with very specific conditions, customer PII over a threshold,
30
00:01:07,240 --> 00:01:09,520
financial identifiers, sharing destinations
31
00:01:09,520 --> 00:01:13,080
limited by region and exceptions for a named project code.
32
00:01:13,080 --> 00:01:15,320
Default Copilot doesn't know your exception list.
33
00:01:15,320 --> 00:01:17,320
It doesn't know your project Orion carve out.
34
00:01:17,320 --> 00:01:18,840
It can describe DLP in theory,
35
00:01:18,840 --> 00:01:20,520
it can't apply your DLP in practice.
36
00:01:20,520 --> 00:01:22,200
That gap is where incidents happen.
37
00:01:22,200 --> 00:01:24,880
Let's run a second scenario, regional SOPs.
38
00:01:24,880 --> 00:01:26,800
You ask, what's the approved escalation
39
00:01:26,800 --> 00:01:30,360
path for a Sev 2 outage in EMEA after 6pm?
40
00:01:30,360 --> 00:01:33,640
Default Copilot happily cites generic ITIL principles,
41
00:01:33,640 --> 00:01:37,040
then recommends contacting the on-call team, fascinating,
42
00:01:37,040 --> 00:01:37,960
which team?
43
00:01:37,960 --> 00:01:41,320
In your org, EMEA after hours routes to a regional vendor,
44
00:01:41,320 --> 00:01:44,320
not the core SRE rotation, there's a named distribution list,
45
00:01:44,320 --> 00:01:47,320
a paging policy, and a 20 minute acknowledgement SLA tied
46
00:01:47,320 --> 00:01:48,440
to a penalty clause.
47
00:01:48,440 --> 00:01:51,280
The generic answer is not only useless, it's dangerous.
48
00:01:51,280 --> 00:01:54,000
The clock is ticking and you're emailing the wrong queue.
49
00:01:54,000 --> 00:01:56,720
Third scenario, compliance.
50
00:01:56,720 --> 00:01:58,840
Are we allowed to email HIPAA related updates
51
00:01:58,840 --> 00:02:01,120
to patients using Outlook campaigns?
52
00:02:01,120 --> 00:02:03,840
Default Copilot will serenade you with reassuring words
53
00:02:03,840 --> 00:02:05,880
about encryption and secure handling.
54
00:02:05,880 --> 00:02:07,880
It will not recall your legal department's memo
55
00:02:07,880 --> 00:02:09,880
that mandates patient notices must go
56
00:02:09,880 --> 00:02:12,520
through the patient portal with multifactor re-auth,
57
00:02:12,520 --> 00:02:13,720
not bulk email.
58
00:02:13,720 --> 00:02:16,600
Again, general knowledge masquerading as authority,
59
00:02:16,600 --> 00:02:18,720
if you wanted a TED talk, you wouldn't be here.
60
00:02:18,720 --> 00:02:19,840
Why does this keep happening?
61
00:02:19,840 --> 00:02:22,240
Because out of the box, Copilot is optimized for breadth,
62
00:02:22,240 --> 00:02:23,040
not your depth.
63
00:02:23,040 --> 00:02:25,480
It's grounded by Microsoft Graph and Public Knowledge,
64
00:02:25,480 --> 00:02:27,400
which is the right default for most people,
65
00:02:27,400 --> 00:02:29,600
but the wrong default for enterprise precision.
66
00:02:29,600 --> 00:02:31,320
Think of Microsoft Graph as the skeleton,
67
00:02:31,320 --> 00:02:33,120
structure without your muscle memory.
68
00:02:33,120 --> 00:02:35,400
Your policies, SOPs and compliance interpretations
69
00:02:35,400 --> 00:02:36,600
are the tendons and nerves.
70
00:02:36,600 --> 00:02:39,120
Without them, the system moves, but clumsily.
71
00:02:39,120 --> 00:02:41,800
And the thing most people miss, hallucinations feel helpful.
72
00:02:41,800 --> 00:02:43,960
The language is coherent, the verbs are confident.
73
00:02:43,960 --> 00:02:45,080
So users trust it.
74
00:02:45,080 --> 00:02:47,920
The problem isn't that Copilot is malicious, it's oblivious.
75
00:02:47,920 --> 00:02:49,280
It doesn't know your tenant controls,
76
00:02:49,280 --> 00:02:51,040
your RAI filters, your data scopes,
77
00:02:51,040 --> 00:02:53,240
or the political landmines inside your company.
78
00:02:53,240 --> 00:02:54,880
It's not just missing a database,
79
00:02:54,880 --> 00:02:57,040
it's missing the spine of your governance.
80
00:02:57,040 --> 00:02:59,120
I watched a team waste an hour last week
81
00:02:59,120 --> 00:03:01,280
chasing a recommended approval path
82
00:03:01,280 --> 00:03:03,720
Copilot fabricated from adjacent truths.
83
00:03:03,720 --> 00:03:06,040
They had the right documents, buried in SharePoint,
84
00:03:06,040 --> 00:03:08,600
written in legalese, updated quarterly.
85
00:03:08,600 --> 00:03:10,560
Default Copilot couldn't follow the breadcrumbs
86
00:03:10,560 --> 00:03:12,440
because it didn't know which crumbs mattered.
87
00:03:12,440 --> 00:03:15,320
When this finally clicks, you stop expecting the generalist
88
00:03:15,320 --> 00:03:16,560
to behave like a specialist
89
00:03:16,560 --> 00:03:18,400
and start wiring in the specialist.
90
00:03:18,400 --> 00:03:19,920
Here's the brutal audit.
91
00:03:19,920 --> 00:03:22,520
Anywhere your question depends on local nuance.
92
00:03:22,520 --> 00:03:27,160
Exception codes, region-specific SOPs, conditional approvals,
93
00:03:27,160 --> 00:03:30,080
trade-restricted SKUs, retention schedules,
94
00:03:30,080 --> 00:03:32,080
or compensation rules.
95
00:03:32,080 --> 00:03:35,360
Default Copilot will either generalize or hallucinate.
96
00:03:35,360 --> 00:03:38,600
Both waste time, one creates risk.
97
00:03:38,600 --> 00:03:41,080
The truth, until you bring your own engine,
98
00:03:41,080 --> 00:03:43,680
your retrieval, your actions, your policies,
99
00:03:43,680 --> 00:03:45,800
Copilot will skate on the surface.
100
00:03:45,800 --> 00:03:48,160
You need an agent that can parse your policy text,
101
00:03:48,160 --> 00:03:50,400
apply your decision tree, respect your tenant boundaries,
102
00:03:50,400 --> 00:03:52,560
and answer with citations from your corpus.
103
00:03:52,560 --> 00:03:54,280
Otherwise, you're paying for premium tires
104
00:03:54,280 --> 00:03:55,640
and driving on ice.
105
00:03:55,640 --> 00:03:57,760
The fix is not a motivational speech.
106
00:03:57,760 --> 00:04:00,360
It's a two-minute manifest change that invites your specialist
107
00:04:00,360 --> 00:04:01,680
into Copilot chat.
108
00:04:01,680 --> 00:04:04,320
And yes, we're doing that next on the better method,
109
00:04:04,320 --> 00:04:06,400
custom engine agents as specialists.
110
00:04:06,400 --> 00:04:08,640
Enter the specialist, a custom engine agent.
111
00:04:08,640 --> 00:04:10,800
Not a cute plug-in, not a glorified prompt,
112
00:04:10,800 --> 00:04:13,760
a programmable colleague that speaks your organization's dialect
113
00:04:13,760 --> 00:04:15,240
because you taught it the language.
114
00:04:15,240 --> 00:04:18,240
The truth, this is how you stop Copilot from freelancing
115
00:04:18,240 --> 00:04:20,160
and start it practicing policy.
116
00:04:20,160 --> 00:04:21,120
What is it precisely?
117
00:04:21,120 --> 00:04:22,800
A custom engine agent is an agent you
118
00:04:22,800 --> 00:04:25,640
build with real orchestration, Semantic Kernel or LangChain,
119
00:04:25,640 --> 00:04:27,440
wired into your data and your rules.
120
00:04:27,440 --> 00:04:30,480
It plans, calls tools, keeps state,
121
00:04:30,480 --> 00:04:32,760
and returns answers grounded in your corpus.
122
00:04:32,760 --> 00:04:35,400
Think of default Copilot as the operating room.
123
00:04:35,400 --> 00:04:38,400
Your custom agent is the surgeon you credential to work there.
124
00:04:38,400 --> 00:04:39,760
No credentials, no scalpel.
125
00:04:39,760 --> 00:04:40,840
Why this works is simple.
126
00:04:40,840 --> 00:04:42,800
The thing most people miss is that authority
127
00:04:42,800 --> 00:04:45,960
comes from three ingredients, retrieval, actions, and guardrails.
128
00:04:45,960 --> 00:04:48,960
Retrieval gives the agent memory beyond vibes.
129
00:04:48,960 --> 00:04:50,640
Actions let it do real work.
130
00:04:50,640 --> 00:04:54,080
Hit an API, query a system, generate a report.
131
00:04:54,080 --> 00:04:56,880
Guardrails keep it inside the lines, tenant controls,
132
00:04:56,880 --> 00:04:59,320
responsible AI filters, and data scopes,
133
00:04:59,320 --> 00:05:01,480
so it never wanders into places it shouldn't.
134
00:05:01,480 --> 00:05:03,680
Let me show you exactly how the specialist is assembled.
135
00:05:03,680 --> 00:05:04,760
First, retrieval.
136
00:05:04,760 --> 00:05:07,280
You connect Azure AI Search to your governed content,
137
00:05:07,280 --> 00:05:10,800
SOPs, policy pages, legal memos, DLP rule descriptions,
138
00:05:10,800 --> 00:05:11,640
and change logs.
139
00:05:11,640 --> 00:05:13,960
Use hybrid search, vector plus keyword,
140
00:05:13,960 --> 00:05:16,000
because your users ask messy questions
141
00:05:16,000 --> 00:05:18,160
and your documents use precise terms.
142
00:05:18,160 --> 00:05:21,400
The agent decomposes the query, pulls targeted chunks,
143
00:05:21,400 --> 00:05:23,200
and returns answers with citations.
144
00:05:23,200 --> 00:05:24,760
If you remember nothing else, citations
145
00:05:24,760 --> 00:05:26,920
are the antidote to hallucinations.
146
00:05:26,920 --> 00:05:29,960
Second, reasoning and orchestration.
147
00:05:29,960 --> 00:05:34,680
With Semantic Kernel, you define plug-ins, skills that encapsulate tasks.
148
00:05:34,680 --> 00:05:37,720
Get DLP exception list, resolve regional escalation,
149
00:05:37,720 --> 00:05:39,320
check retention schedule.
150
00:05:39,320 --> 00:05:41,720
The planner can chain these based on the question.
151
00:05:41,720 --> 00:05:44,160
LangChain does the same with tools and chains
152
00:05:44,160 --> 00:05:46,440
if you prefer more open architecture.
153
00:05:46,440 --> 00:05:50,040
Either way, you get a repeatable flow instead of improv theater.
154
00:05:50,040 --> 00:05:51,600
Third, actions.
155
00:05:51,600 --> 00:05:53,600
Retrieval is nice, action is value.
156
00:05:53,600 --> 00:05:57,160
Your agent can call internal APIs to validate an exception code,
157
00:05:57,160 --> 00:05:59,200
check who's on call in EMEA tonight,
158
00:05:59,200 --> 00:06:02,400
or verify that a patient notification channel is approved.
159
00:06:02,400 --> 00:06:06,960
The shortcut nobody teaches, tiny boring actions drive massive accuracy.
160
00:06:06,960 --> 00:06:09,240
A single validate project code tool
161
00:06:09,240 --> 00:06:13,080
can collapse paragraphs of uncertainty into a one-line answer.
162
00:06:13,080 --> 00:06:15,000
Now guardrails, before we continue,
163
00:06:15,000 --> 00:06:19,200
you need to understand this, or you'll get blocked by security in 20 minutes.
164
00:06:19,200 --> 00:06:21,320
Tenant controls determine where the agent can run
165
00:06:21,320 --> 00:06:22,880
and what data it can touch.
166
00:06:22,880 --> 00:06:25,400
Data scopes, restrict indices, and repositories
167
00:06:25,400 --> 00:06:27,960
by department, region, and sensitivity.
168
00:06:27,960 --> 00:06:30,760
RAI filters handle content safety and prompt hygiene.
169
00:06:30,760 --> 00:06:33,040
Compare that to letting a new hire roam your file shares
170
00:06:33,040 --> 00:06:36,160
because they ask nicely, no, you scope them, you monitor them,
171
00:06:36,160 --> 00:06:37,240
you log them.
172
00:06:37,240 --> 00:06:37,960
Same here.
173
00:06:37,960 --> 00:06:40,720
Observability and access boundaries are not optional.
174
00:06:40,720 --> 00:06:43,000
Once you nail that, everything else clicks.
175
00:06:43,000 --> 00:06:44,640
The agent doesn't guess at DLP.
176
00:06:44,640 --> 00:06:48,080
It reads your DLP artifact, checks the exception list, and returns.
177
00:06:48,080 --> 00:06:50,280
No, external sharing is blocked for PII
178
00:06:50,280 --> 00:06:52,520
unless Project Orion Exemption is active.
179
00:06:52,520 --> 00:06:53,800
Open a request here.
180
00:06:53,800 --> 00:06:57,920
For regional SOPs, it uses time, region, and severity as parameters,
181
00:06:57,920 --> 00:07:02,840
then cites the exact page that names the after-hours vendor and the 20-minute SLA.
182
00:07:02,840 --> 00:07:06,200
For HIPAA notices, it calls the policy endpoint and replies,
183
00:07:06,200 --> 00:07:10,360
use the patient portal, MFA-enforced, bulk email is prohibited,
184
00:07:10,360 --> 00:07:13,200
with the legal memo link, Confidence with Receipts.
185
00:07:13,200 --> 00:07:15,480
The game changer nobody talks about is ownership.
186
00:07:15,480 --> 00:07:17,960
With a custom engine agent, you control the model choice,
187
00:07:17,960 --> 00:07:20,680
the retrieval settings, the action contracts, and the logging.
188
00:07:20,680 --> 00:07:24,360
You can swap GPT variants, tune chunking, re-rank results,
189
00:07:24,360 --> 00:07:25,520
and instrument every step.
190
00:07:25,520 --> 00:07:28,360
That's how you get speed, accuracy, and reduced hallucinations
191
00:07:28,360 --> 00:07:30,000
without praying to the demo gods.
192
00:07:30,000 --> 00:07:32,520
And yes, you still want Copilot's UX and discovery.
193
00:07:32,520 --> 00:07:33,520
That's where we're headed.
194
00:07:33,520 --> 00:07:36,840
The two-minute manifest tweak that gives your specialist a seat in Copilot chat,
195
00:07:36,840 --> 00:07:41,000
so users ask one assistant and the right brain answers, you build a surgeon,
196
00:07:41,000 --> 00:07:43,520
then you badge it into the operating room.
197
00:07:43,520 --> 00:07:46,160
The two-minute manifest tweak that unlocks Copilot chat.
198
00:07:46,160 --> 00:07:48,080
Okay, surgeon built, now we badge them in.
199
00:07:48,080 --> 00:07:50,080
This is the two-minute tweak everyone skips,
200
00:07:50,080 --> 00:07:52,840
then wonders why their agent only shows up in Teams.
201
00:07:52,840 --> 00:07:56,440
It's not magic, it's the manifest, the app's passport, update the passport,
202
00:07:56,440 --> 00:07:58,800
the border agent waves you through, refuse,
203
00:07:58,800 --> 00:08:01,160
and you stay in the lobby with the average users.
204
00:08:01,160 --> 00:08:02,720
Step one, bump the schema.
205
00:08:02,720 --> 00:08:05,280
Open your app manifest JSON, find the schema reference,
206
00:08:05,280 --> 00:08:09,200
and update it to version 1.22, not 120, not latest.
207
00:08:09,200 --> 00:08:13,600
1.22, the truth, Copilot chat looks for capabilities that only exist in that schema.
208
00:08:13,600 --> 00:08:17,040
If the schema's older, your agent can be perfect and still get ignored,
209
00:08:17,040 --> 00:08:19,040
you called it the cloud.
210
00:08:19,040 --> 00:08:21,880
Incorrect, it's a distributed rules engine,
211
00:08:21,880 --> 00:08:24,640
and the schema is how you speak those rules.
212
00:08:24,640 --> 00:08:27,880
Step two, tell Copilot you are, in fact, a Copilot agent.
213
00:08:27,880 --> 00:08:31,360
In the capabilities section for your bot, add the Copilot agent tags,
214
00:08:31,360 --> 00:08:34,360
you'll see a capabilities array, include Copilot agents,
215
00:08:34,360 --> 00:08:38,440
and if you're bringing your own orchestration, declare custom engine agents.
216
00:08:38,440 --> 00:08:39,680
This is the identity badge.
217
00:08:39,680 --> 00:08:43,600
Without it, Copilot assumes you're just here for Teams small talk and adaptive cards.
218
00:08:43,600 --> 00:08:46,920
With it, Copilot routes relevant chats to your specialist.
219
00:08:46,920 --> 00:08:49,400
Inside the same experience users already live in.
220
00:08:49,400 --> 00:08:51,160
Step three, conversation starters.
221
00:08:51,160 --> 00:08:54,400
Still in 1.22, you can define up to 12 localized prompts.
222
00:08:54,400 --> 00:08:55,600
Use them.
223
00:08:55,600 --> 00:08:57,840
Ask about DLP sharing exceptions.
224
00:08:57,840 --> 00:09:00,120
Check EMEA after-hours escalation.
225
00:09:00,120 --> 00:09:02,440
Verify HIPAA notification channel.
226
00:09:02,440 --> 00:09:03,760
These aren't decorative.
227
00:09:03,760 --> 00:09:07,840
They are discovery beacons that teach users what the agent is good at.
228
00:09:07,840 --> 00:09:10,920
Fewer aimless prompts, fewer hallucinations, higher accuracy.
229
00:09:10,920 --> 00:09:14,160
Yes, this is how you train humans without making them read a manual.
230
00:09:14,160 --> 00:09:16,640
Step four, actions.
231
00:09:16,640 --> 00:09:21,240
The updated schema lets you enumerate richer actions your agent can invoke.
232
00:09:21,240 --> 00:09:24,080
Your internal APIs, your policy lookup endpoints,
233
00:09:24,080 --> 00:09:26,960
declare them cleanly with parameters and descriptions.
234
00:09:26,960 --> 00:09:28,640
Copilot uses this to plan.
235
00:09:28,640 --> 00:09:30,280
If you leave it blank, it guesses.
236
00:09:30,280 --> 00:09:32,480
When software guesses, people file tickets.
237
00:09:32,480 --> 00:09:33,680
Now, packaging.
238
00:09:33,680 --> 00:09:37,600
Zip the app with the updated manifest and deploy it the way you normally do.
239
00:09:37,600 --> 00:09:39,920
Teams admin center or your app catalog.
240
00:09:39,920 --> 00:09:41,760
Here's the test most people miss.
241
00:09:41,760 --> 00:09:45,240
In Copilot Chat, start typing a scenario your agent owns.
242
00:09:45,240 --> 00:09:49,840
You should see your agent offered as a participant or invoked inline based on triggers.
243
00:09:49,840 --> 00:09:54,480
If you don't, you either forgot the tags, bot ID mismatch, or your tenant controls are blocking
244
00:09:54,480 --> 00:09:55,480
the channel.
245
00:09:55,480 --> 00:09:57,480
Yes, tenant controls exist.
246
00:09:57,480 --> 00:09:59,080
No, you can't wish them away.
247
00:09:59,080 --> 00:10:00,400
Verification is simple.
248
00:10:00,400 --> 00:10:02,280
Ask the three scenarios we said earlier.
249
00:10:02,280 --> 00:10:06,240
You want answers with citations from your corpus, not generic platitudes.
250
00:10:06,240 --> 00:10:07,480
Watch for latency.
251
00:10:07,480 --> 00:10:12,680
Schema 1.22 plus the right capabilities cuts routing friction so responses land faster.
252
00:10:12,680 --> 00:10:17,720
If it still feels sluggish, that's your retrieval settings, not the manifest.
253
00:10:17,720 --> 00:10:19,360
Common mistakes to avoid.
254
00:10:19,360 --> 00:10:23,840
Leaving the app scope to Teams only, forgetting localization, omitting security attestations
255
00:10:23,840 --> 00:10:26,080
and deploying to the wrong environment.
256
00:10:26,080 --> 00:10:28,640
Also don't add every capability because you can.
257
00:10:28,640 --> 00:10:29,880
Precision beats maximalism.
258
00:10:29,880 --> 00:10:32,760
Declare what you actually support and log everything.
259
00:10:32,760 --> 00:10:36,960
Once you nail this, your specialist sits inside Copilot Chat like it always belonged
260
00:10:36,960 --> 00:10:37,960
there.
261
00:10:37,960 --> 00:10:39,480
Same UI, different brain.
262
00:10:39,480 --> 00:10:44,440
And yes, we're about to wrap guardrails around it so your security team doesn't faint.
263
00:10:44,440 --> 00:10:45,440
Implementation.
264
00:10:45,440 --> 00:10:48,200
Build, deploy, verify, end to end.
265
00:10:48,200 --> 00:10:49,200
Let's do the end to end.
266
00:10:49,200 --> 00:10:50,200
No hand waving.
267
00:10:50,200 --> 00:10:55,080
You'll build the specialist with real retrieval and actions, package it with the 1.22 manifest,
268
00:10:55,080 --> 00:10:59,360
deploy to your tenant and verify against DLP, regional SOPs and compliance.
269
00:10:59,360 --> 00:11:02,120
You'll see speed, accuracy, and fewer hallucinations.
270
00:11:02,120 --> 00:11:04,280
Not because we prayed, but because we engineered.
271
00:11:04,280 --> 00:11:05,280
Build.
272
00:11:05,280 --> 00:11:06,280
Part 1.
273
00:11:06,280 --> 00:11:07,280
Build.
274
00:11:07,280 --> 00:11:10,360
Create an Azure AI Search index for your governed content.
275
00:11:10,360 --> 00:11:16,240
DLP policy docs, exception procedures, regional SOPs, legal memos, and change logs. Use hybrid
276
00:11:16,240 --> 00:11:19,200
search, vector plus keyword, and enable semantic ranking.
277
00:11:19,200 --> 00:11:23,520
Chunk documents by headings with overlap so context survives boundaries, store citations
278
00:11:23,520 --> 00:11:28,420
with persistent IDs, configure enrichment to extract key entities like project codes,
279
00:11:28,420 --> 00:11:33,480
regions, severities and distribution lists because, spoiler alert, your users ask in those terms.
280
00:11:33,480 --> 00:11:37,440
Index updates, automate them, a stale index is how yesterday's policy becomes today's
281
00:11:37,440 --> 00:11:38,440
incident.
282
00:11:38,440 --> 00:11:39,440
Build.
283
00:11:39,440 --> 00:11:40,440
Part 2.
284
00:11:40,440 --> 00:11:41,840
Orchestration that doesn't improvise.
285
00:11:41,840 --> 00:11:46,480
In Semantic Kernel, define plugins: get DLP exceptions (project code), resolve escalation
286
00:11:46,480 --> 00:11:50,320
(region, severity, local time), check notice channel (policy area).
287
00:11:50,320 --> 00:11:56,040
Give each plugin narrow testable behavior and return structured outputs, objects, not essays.
288
00:11:56,040 --> 00:12:00,240
Wrap Azure AI Search as a retriever with agentic query planning turned on.
289
00:12:00,240 --> 00:12:05,480
Decompose complex prompts into subqueries, fan out, gather top-k, re-rank, synthesize
290
00:12:05,480 --> 00:12:08,040
with citations, set a conservative temperature.
291
00:12:08,040 --> 00:12:09,560
You want answers, not poetry.
292
00:12:09,560 --> 00:12:14,120
If you prefer LangChain, tools and a graph-based agent do the same job. Just apply the same discipline:
293
00:12:14,120 --> 00:12:17,000
typed outputs, defensive defaults, exhaustive logging.
294
00:12:17,000 --> 00:12:18,000
Build.
295
00:12:18,000 --> 00:12:19,000
Part 3.
296
00:12:19,000 --> 00:12:21,080
Actions that collapse uncertainty.
297
00:12:21,080 --> 00:12:22,720
Connect to your internal APIs.
298
00:12:22,720 --> 00:12:27,800
The DLP exception registry, the on-call schedule service and the compliance policy endpoint,
299
00:12:27,800 --> 00:12:31,960
protect them with managed identities and scope permissions to the agent service principal.
300
00:12:31,960 --> 00:12:35,680
Add a tiny, boring tool: validate project code (project code).
301
00:12:35,680 --> 00:12:37,720
It returns true or false and a reason.
302
00:12:37,720 --> 00:12:41,560
That single boolean cuts paragraphs of hedging into a definitive sentence.
303
00:12:41,560 --> 00:12:45,600
The thing most people miss is that one or two high signal calls beat five pages of speculative
304
00:12:45,600 --> 00:12:50,280
reasoning. Guardrails, because you like your job. Enable tenant controls so the app is
305
00:12:50,280 --> 00:12:53,080
available only in approved environments.
306
00:12:53,080 --> 00:12:55,000
Restrict data scopes.
307
00:12:55,000 --> 00:12:59,240
The agent's retriever touches only the indices it needs, no wandering through HR files
308
00:12:59,240 --> 00:13:01,440
because someone typed benefits.
309
00:13:01,440 --> 00:13:05,720
Turn on RAI filters appropriate for your content: profanity, sensitive terms and jailbreak
310
00:13:05,720 --> 00:13:06,720
defense.
311
00:13:06,720 --> 00:13:10,960
Instrument everything: trace IDs across retrieval, tools and synthesis. Log prompts and responses
312
00:13:10,960 --> 00:13:14,240
with redaction, emit metrics for latency and hit rates.
313
00:13:14,240 --> 00:13:18,720
If security asks for an audit trail and you shrug, you will lose this program in the meeting.
314
00:13:18,720 --> 00:13:23,400
Now package. Update the manifest schema to 1.22, add Copilot agents and, if you're bringing
315
00:13:23,400 --> 00:13:27,200
your own orchestration, custom engine agents and capabilities.
316
00:13:27,200 --> 00:13:33,200
Define conversation starters, 12 max, localized. Declare actions with parameters and descriptions.
317
00:13:33,200 --> 00:13:35,640
Include security attestations if your org requires them.
318
00:13:35,640 --> 00:13:37,560
Map your bot ID correctly.
319
00:13:37,560 --> 00:13:40,920
Production is not your dev GUID. Zip the app with icon, privacy and terms.
320
00:13:40,920 --> 00:13:41,920
This is not busy work.
321
00:13:41,920 --> 00:13:46,160
This is the difference between "visible in Copilot" and "why can't I find it?"
322
00:13:46,160 --> 00:13:49,160
Deploy via Teams admin center or your app catalog.
323
00:13:49,160 --> 00:13:53,960
Go up to a pilot group first, operations and compliance champions who will actually use it.
324
00:13:53,960 --> 00:13:56,640
Verify tenant-wide settings for Copilot extensibility.
325
00:13:56,640 --> 00:14:00,480
If your admin disabled external plugins and agent channels, your specialist will sit outside
326
00:14:00,480 --> 00:14:03,440
like a locked-out surgeon. Install for pilot users.
327
00:14:03,440 --> 00:14:07,840
In Copilot Chat, your agent should appear as an available participant and as inline invocation
328
00:14:07,840 --> 00:14:08,920
on relevant prompts.
329
00:14:08,920 --> 00:14:13,760
If it doesn't, check capabilities, app permission policies and bot messaging endpoints.
330
00:14:13,760 --> 00:14:16,640
Copilot doesn't guess your intent, it reads your manifest.
331
00:14:16,640 --> 00:14:18,040
Time for the three proof tests.
332
00:14:18,040 --> 00:14:23,000
One, DLP. Ask: "Can I share this customer spreadsheet with our external vendor?"
333
00:14:23,000 --> 00:14:25,080
Provide a fake path and a project code.
334
00:14:25,080 --> 00:14:26,280
Expect, no.
335
00:14:26,280 --> 00:14:30,480
External sharing of PII is blocked unless project Orion exemption is active.
336
00:14:30,480 --> 00:14:32,000
Status, inactive.
337
00:14:32,000 --> 00:14:33,200
Request exemption here.
338
00:14:33,200 --> 00:14:36,960
With a link and citations to the DLP policy and exception runbook.
339
00:14:36,960 --> 00:14:38,240
That is accuracy plus action.
340
00:14:38,240 --> 00:14:42,160
If it hedges, your validate project code tool is missing or your retriever couldn't find
341
00:14:42,160 --> 00:14:43,160
the exception policy.
342
00:14:43,160 --> 00:14:44,960
Two, regional SOPs.
343
00:14:44,960 --> 00:14:46,720
It's 19:10 CET, Sev 2 in EMEA.
344
00:14:46,720 --> 00:14:47,960
Who do I page?
345
00:14:47,960 --> 00:14:51,800
To the vendor's on-call name, the escalation channel and the 20-minute SLA with citations
346
00:14:51,800 --> 00:14:54,680
to the SOP page and an action button to page now.
347
00:14:54,680 --> 00:14:59,000
Latency should be crisp. Agentic retrieval with hybrid search and planner beats meandering
348
00:14:59,000 --> 00:15:00,080
chat.
349
00:15:00,080 --> 00:15:03,520
If it suggests "contact the on-call team", congratulations.
350
00:15:03,520 --> 00:15:05,480
You routed back to generic Copilot.
351
00:15:05,480 --> 00:15:08,400
Check your capability tags and channel availability.
352
00:15:08,400 --> 00:15:10,040
Three, compliance.
353
00:15:10,040 --> 00:15:12,480
Can we email HIPAA updates with Outlook campaigns?
354
00:15:12,480 --> 00:15:13,480
Expect, no.
355
00:15:13,480 --> 00:15:14,800
Use patient portal with MFA?
356
00:15:14,800 --> 00:15:18,400
Bulk email prohibited with the legal memo citation and the service link.
357
00:15:18,400 --> 00:15:22,740
If you get a milquetoast lecture on encryption, your index is wrong or your policy doc isn't
358
00:15:22,740 --> 00:15:24,240
authoritative in ranking.
359
00:15:24,240 --> 00:15:25,240
Tune re-ranking.
360
00:15:25,240 --> 00:15:27,880
Raise weight on compliance source of truth.
361
00:15:27,880 --> 00:15:28,880
Measure outcomes.
362
00:15:28,880 --> 00:15:32,680
Speed: compare default Copilot's time to answer to the specialist's.
363
00:15:32,680 --> 00:15:36,800
You should see fewer back-and-forths and lower end-to-end latency because the planner pulls
364
00:15:36,800 --> 00:15:38,200
exactly what's needed.
365
00:15:38,200 --> 00:15:41,360
Accuracy, sample answers for citations and correctness.
366
00:15:41,360 --> 00:15:42,760
Hallucinations.
367
00:15:42,760 --> 00:15:43,760
Track answers
368
00:15:43,760 --> 00:15:46,680
lacking citations and reduce them over time.
369
00:15:46,680 --> 00:15:50,240
Raise retrieval K, improve chunking, add a disambiguation prompt.
370
00:15:50,240 --> 00:15:51,240
Iterate weekly.
371
00:15:51,240 --> 00:15:52,920
This is software, not a statue.
372
00:15:52,920 --> 00:15:53,920
Final checklist.
373
00:15:53,920 --> 00:15:55,560
Schema 1.22 present.
374
00:15:55,560 --> 00:15:57,760
Copilot agents and custom
375
00:15:57,760 --> 00:15:59,400
engine agents declared.
376
00:15:59,400 --> 00:16:01,000
Conversation starters localized.
377
00:16:01,000 --> 00:16:02,480
Actions defined with parameters.
378
00:16:02,480 --> 00:16:03,960
Tenant controls configured.
379
00:16:03,960 --> 00:16:05,160
Data scopes enforced.
380
00:16:05,160 --> 00:16:06,560
RAI filters active.
381
00:16:06,560 --> 00:16:07,560
Logs flowing.
382
00:16:07,560 --> 00:16:08,800
And three scenario tests.
383
00:16:08,800 --> 00:16:10,720
Passing with citations and links.
384
00:16:10,720 --> 00:16:12,720
Test that's green, roll out beyond the pilot.
385
00:16:12,720 --> 00:16:14,480
Same UI, different brain.
386
00:16:14,480 --> 00:16:16,480
The intern just graduated.
387
00:16:16,480 --> 00:16:17,480
Proof?
388
00:16:17,480 --> 00:16:18,480
DLP policy.
389
00:16:18,480 --> 00:16:19,480
Regional SOPs.
390
00:16:19,480 --> 00:16:20,480
Compliance.
391
00:16:20,480 --> 00:16:21,480
Before versus after.
392
00:16:21,480 --> 00:16:22,840
Let's do the side by side.
393
00:16:22,840 --> 00:16:23,840
Same questions.
394
00:16:23,840 --> 00:16:25,160
Same users.
395
00:16:25,160 --> 00:16:26,920
Different brain.
396
00:16:26,920 --> 00:16:27,920
Case 1.
397
00:16:27,920 --> 00:16:29,240
DLP policy.
398
00:16:29,240 --> 00:16:30,800
Before: default Copilot.
399
00:16:30,800 --> 00:16:34,280
You ask, can I share a customer spreadsheet with an external vendor?
400
00:16:34,280 --> 00:16:38,680
It produces a smooth essay about safe sharing, labels and general DLP concepts.
401
00:16:38,680 --> 00:16:42,440
No mention of your exception list, no project Orion, no link to your runbook.
402
00:16:42,440 --> 00:16:47,120
The user nods, shares anyway, triggers an alert, and now security is babysitting cleanup.
403
00:16:47,120 --> 00:16:50,320
After: the specialist, same prompt plus a project code.
404
00:16:50,320 --> 00:16:51,320
Response.
405
00:16:51,320 --> 00:16:55,520
No. PII external sharing is blocked unless exemption Project Orion is active.
406
00:16:55,520 --> 00:16:58,120
Current status inactive, submit exemption at requests.
407
00:16:58,120 --> 00:16:59,120
DLP exemption.
408
00:16:59,120 --> 00:17:00,120
Approval.
409
00:17:00,120 --> 00:17:01,120
Data protection office.
410
00:17:01,120 --> 00:17:02,120
See DLP policy.
411
00:17:02,120 --> 00:17:03,640
Favore 3.2 and exception.
412
00:17:03,640 --> 00:17:04,640
Runbook.
413
00:17:04,640 --> 00:17:05,640
Favore 0.1.
414
00:17:05,640 --> 00:17:06,640
Two citations.
415
00:17:06,640 --> 00:17:07,640
One action.
416
00:17:07,640 --> 00:17:08,640
Zero poetry.
417
00:17:08,640 --> 00:17:10,680
Agent doesn't negotiate with ambiguity.
418
00:17:10,680 --> 00:17:15,000
It calls validate project code, checks the exception registry and answers with receipts.
419
00:17:15,000 --> 00:17:19,840
Accuracy improves because retrieval narrows to your indexed DLP artifacts and hallucinations
420
00:17:19,840 --> 00:17:23,120
plummet because the answer template requires citations to ship.
421
00:17:23,120 --> 00:17:24,120
Case 2.
422
00:17:24,120 --> 00:17:25,760
Regional SOPs after hours.
423
00:17:25,760 --> 00:17:26,760
Before: default Copilot.
424
00:17:26,760 --> 00:17:28,960
It's 19:10 CET, Sev 2 in EMEA.
425
00:17:28,960 --> 00:17:29,960
Who do I page?
426
00:17:29,960 --> 00:17:33,160
It responds with ITIL platitudes and "contact the on-call team."
427
00:17:33,160 --> 00:17:34,160
Which one?
428
00:17:34,160 --> 00:17:35,160
How?
429
00:17:35,160 --> 00:17:36,160
Silence.
430
00:17:36,160 --> 00:17:37,160
Minutes pass.
431
00:17:37,160 --> 00:17:38,160
After.
432
00:17:38,160 --> 00:17:39,160
The specialist.
433
00:17:39,160 --> 00:17:42,920
It's 19:10 CET, Sev 2 in EMEA.
434
00:17:42,920 --> 00:17:43,920
Response.
435
00:17:43,920 --> 00:17:48,560
Page EMEA vendor ops via EMEA vendor SV2R-D.
436
00:17:48,560 --> 00:17:49,560
SLA.
437
00:17:49,560 --> 00:17:51,320
Acknowledge in 20 minutes.
438
00:17:51,320 --> 00:17:53,280
Escalate to duty manager if no ack.
439
00:17:53,280 --> 00:17:56,400
Use page now to send incident template.
440
00:17:56,400 --> 00:17:57,400
Citations.
441
00:17:57,400 --> 00:18:00,560
EMEA SOP R2.3 and after-hours playbook are for 1.1.
442
00:18:00,560 --> 00:18:01,560
The model didn't guess.
443
00:18:01,560 --> 00:18:02,560
It read your SOP.
444
00:18:02,560 --> 00:18:07,440
Used time and region as parameters and surfaced the exact channel plus the SLA.
445
00:18:07,440 --> 00:18:09,040
Speed: 1 message to action.
446
00:18:09,040 --> 00:18:10,040
Accuracy.
447
00:18:10,040 --> 00:18:12,680
The named distribution list and escalation rule.
448
00:18:12,680 --> 00:18:13,840
Reduced hallucinations.
449
00:18:13,840 --> 00:18:17,040
No invented teams because the tool verified on-call data.
450
00:18:17,040 --> 00:18:18,040
Case 3.
451
00:18:18,040 --> 00:18:19,040
HIPAA communications.
452
00:18:19,040 --> 00:18:20,640
Before: default Copilot.
453
00:18:20,640 --> 00:18:23,840
Can we email HIPAA updates using Outlook campaigns?
454
00:18:23,840 --> 00:18:25,240
It drifts into encryption.
455
00:18:25,240 --> 00:18:26,240
Data handling.
456
00:18:26,240 --> 00:18:28,080
Maybe suggest secure email.
457
00:18:28,080 --> 00:18:32,280
The average user interprets that as "sure, if careful" as legal screams later.
458
00:18:32,280 --> 00:18:33,960
After: the specialist.
459
00:18:33,960 --> 00:18:34,960
No.
460
00:18:34,960 --> 00:18:37,280
Patient notices require the patient portal with MFA.
461
00:18:37,280 --> 00:18:39,120
Bulk email is prohibited.
462
00:18:39,120 --> 00:18:42,760
Citations: legal memo HIPAA Comms R5 and patient notice policy R2.
463
00:18:42,760 --> 00:18:43,760
Link.
464
00:18:43,760 --> 00:18:45,200
Open portal notice workflow.
465
00:18:45,200 --> 00:18:49,640
The agent calls the policy endpoint, retrieves the governing memo and returns a crisp decision
466
00:18:49,640 --> 00:18:51,200
with a compliant path.
467
00:18:51,200 --> 00:18:52,200
Notice the pattern.
468
00:18:52,200 --> 00:18:53,920
Before is plausible narration.
469
00:18:53,920 --> 00:18:54,920
After is constrained.
470
00:18:54,920 --> 00:18:55,920
Decisioning.
471
00:18:55,920 --> 00:18:56,920
With sources and actions.
472
00:18:56,920 --> 00:19:00,920
That's why speed, accuracy and fewer hallucinations show up together.
473
00:19:00,920 --> 00:19:04,560
It comes from agentic retrieval plus tiny high-signal tools.
474
00:19:04,560 --> 00:19:08,120
Accuracy comes from scoping to your indices and verifying with APIs.
475
00:19:08,120 --> 00:19:11,960
Hallucinations drop because every final sentence has to stand on a citation.
476
00:19:11,960 --> 00:19:13,880
Let's quantify without the hand waving.
477
00:19:13,880 --> 00:19:14,880
Latency.
478
00:19:14,880 --> 00:19:18,680
Default Copilot often needs 2 or 3 clarifying turns to stumble towards specificity.
479
00:19:18,680 --> 00:19:22,860
The specialist lands in 1 because the planner decomposes the prompt policy exception
480
00:19:22,860 --> 00:19:25,360
routing and fetches exactly those chunks.
481
00:19:25,360 --> 00:19:26,360
Token waste shrinks.
482
00:19:26,360 --> 00:19:28,400
The clock stops sooner.
483
00:19:28,400 --> 00:19:29,400
Detection rate.
484
00:19:29,400 --> 00:19:31,960
With default, users correct the assistant or each other.
485
00:19:31,960 --> 00:19:35,400
With the specialist, corrections become rare because the automation points to the single
486
00:19:35,400 --> 00:19:37,120
source of truth.
487
00:19:37,120 --> 00:19:38,520
Incident deflection.
488
00:19:38,520 --> 00:19:41,920
Support tickets about "who do I page?" or "is this allowed?"
489
00:19:41,920 --> 00:19:45,760
decrease because the action buttons take people directly into the sanctioned workflow.
490
00:19:45,760 --> 00:19:47,840
Failure modes because reality exists.
491
00:19:47,840 --> 00:19:50,040
If "after" looks like "before", generic answers,
492
00:19:50,040 --> 00:19:52,560
You mis-scoped data or forgot capability tags.
493
00:19:52,560 --> 00:19:54,640
So Copilot never invoked your agent.
494
00:19:54,640 --> 00:19:58,200
If citations point to stale docs, your index refresh is broken.
495
00:19:58,200 --> 00:20:01,600
If latency spikes, your retriever is fishing too broadly.
496
00:20:01,600 --> 00:20:04,120
Tune hybrid search weights and re-ranker.
497
00:20:04,120 --> 00:20:07,560
And if a user still finds a hallucination, raise the citation threshold.
498
00:20:07,560 --> 00:20:09,280
No citation, no claim.
499
00:20:09,280 --> 00:20:10,280
Same UI.
500
00:20:10,280 --> 00:20:11,960
Different brain, that's the proof.
501
00:20:11,960 --> 00:20:14,480
Operations, life cycle, governance and scale.
502
00:20:14,480 --> 00:20:15,640
You build one specialist.
503
00:20:15,640 --> 00:20:17,760
Now act like an adult and run the program.
504
00:20:17,760 --> 00:20:19,160
Life cycle first.
505
00:20:19,160 --> 00:20:20,560
Version your agent like software.
506
00:20:20,560 --> 00:20:22,640
Vnext in dev, promotion to test.
507
00:20:22,640 --> 00:20:24,760
Then production via release tags.
508
00:20:24,760 --> 00:20:27,160
Componentize topics and actions so you can reuse them.
509
00:20:27,160 --> 00:20:29,040
No copy-pasted policies.
510
00:20:29,040 --> 00:20:30,440
Automate evaluation.
511
00:20:30,440 --> 00:20:33,800
Regression prompts for DLP, SOP and compliance.
512
00:20:33,800 --> 00:20:36,560
Fail the build on citation drift or rising latency.
513
00:20:36,560 --> 00:20:39,160
Governance, scope identities with least privilege.
514
00:20:39,160 --> 00:20:42,160
Tie indices to data classifications and regions.
515
00:20:42,160 --> 00:20:44,600
EMEA agent doesn't see APAC records.
516
00:20:44,600 --> 00:20:47,760
Turn on audit: trace IDs, action logs, retrieval sources.
517
00:20:47,760 --> 00:20:52,080
Security wants attestations: document models, actions, data flows and RAI filters.
518
00:20:52,080 --> 00:20:54,360
Publish risk notes for every new capability.
519
00:20:54,360 --> 00:20:56,440
Scale, treat adoption like product.
520
00:20:56,440 --> 00:20:58,720
Lead conversation starters by persona.
521
00:20:58,720 --> 00:21:01,760
Monitor question coverage and add actions where users stall.
522
00:21:01,760 --> 00:21:07,520
Cost control: cap tool invocations, cache retrieval, right-size models.
523
00:21:07,520 --> 00:21:12,440
And yes, set tenant controls by environment so experiments don't hit payroll.
524
00:21:12,440 --> 00:21:13,440
Key takeaway.
525
00:21:13,440 --> 00:21:18,280
Copilot becomes reliable only when your specialist agent brings retrieval, actions and
526
00:21:18,280 --> 00:21:20,320
guardrails into Copilot Chat.
527
00:21:20,320 --> 00:21:25,800
If this saved you time, repay the debt, subscribe, tap follow, enable notifications and
528
00:21:25,800 --> 00:21:29,240
watch the next deep dive on automated agent evaluation.
529
00:21:29,240 --> 00:21:31,120
Scheduled like a well-behaved cron job.

Founder of m365.fm, m365.show and m365con.net
Mirko Peters is a Microsoft 365 expert, content creator, and founder of m365.fm, a platform dedicated to sharing practical insights on modern workplace technologies. His work focuses on Microsoft 365 governance, security, collaboration, and real-world implementation strategies.
Through his podcast and written content, Mirko provides hands-on guidance for IT professionals, architects, and business leaders navigating the complexities of Microsoft 365. He is known for translating complex topics into clear, actionable advice, often highlighting common mistakes and overlooked risks in real-world environments.
With a strong emphasis on community contribution and knowledge sharing, Mirko is actively building a platform that connects experts, shares experiences, and helps organizations get the most out of their Microsoft 365 investments.








