Trust by Design

The Oversharing Problem, Solved by Design.

An HR agent is only as safe as its access boundary. The risk is not the AI inventing data; it is the AI surfacing real data the asker should never have seen. Here is how we close that gap.

  • Trimmed: the agent inherits existing permissions and never surfaces content the asker cannot access (Microsoft Learn)
  • Purview: DLP for Microsoft 365 Copilot reached general availability at Ignite 2025 (Microsoft, 2025)
  • Least privilege: HR knowledge scoped tightly, no comp or performance data at launch (ClarityArc)

The Risk

Oversharing Is the Real HR AI Security Problem

The headline fear about HR AI is hallucination. The quieter, more dangerous problem is oversharing: an agent inheriting over-permissive SharePoint access and confidently surfacing salary, performance, or personal data to someone who happened to ask.

Microsoft 365 Copilot is permission-trimmed by design; it only retrieves what the asking user can already access. But that boundary is only as good as your underlying permissions, which in most tenants have drifted over years.

So the security work is twofold: configure the agent's controls correctly, and tighten the content and permissions it can reach before it goes live. We do both, and we treat it as defense in depth, not a single switch.

Defense in depth

A 2026 Copilot incident showed labeled content can still slip through a single control. Layered controls and a pre-go-live permission review are not optional for HR. (Industry advisory, 2026)

What We Lock Down
  • Permission trimming so the agent reaches only what the asker can access
  • Microsoft Purview sensitivity labels on HR content
  • DLP for Microsoft 365 Copilot to block sensitive information types
  • Knowledge scoped to a governed HR hub, not the whole tenant
  • No compensation or performance data in scope at launch
  • A permission and oversharing review before go-live
The Controls

Five Layers Between the Agent and Your Sensitive Data

No single control is sufficient for HR data. These five layers, configured together and audited, are what make an HR agent safe to deploy to every employee.

  01. Permission trimming: Inherited from the tenant; the agent never returns content the asking user cannot already open.
  02. Sensitivity labels: Purview labels classify HR content and carry encryption that travels with the file.
  03. DLP for Copilot: Blocks prompts and responses containing sensitive information types and restricts labeled files.
  04. Scoped knowledge: The agent is grounded on a governed HR hub, not pointed at the entire tenant.
  05. Pre-go-live review: We review permissions and run an oversharing check before the agent is published.

What We Configure

Locked Down, Then Verified

We scope the knowledge, apply labels and DLP, confirm permission trimming, and exclude the most sensitive data classes at launch. Then we audit, because controls that are set but never checked are how incidents happen.

  • Scoped, governed HR knowledge hub
  • Labels and DLP applied
  • Permission trimming confirmed
  • Oversharing audit before launch
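
A sketch of what the oversharing audit above can look like when run over an exported permissions inventory. This is an added example, not ClarityArc's or Microsoft's tooling; the hub URL, label names, data classes and the sample inventory are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional

# All values below are constructed for illustration; a real run would load an
# exported permissions report for the agent's knowledge sources instead.
HUB_PREFIX = "https://contoso.example/sites/hr-hub/"       # assumed hub URL
BROAD = {"everyone", "everyone except external users"}      # tenant-wide grants
SENSITIVE_LABELS = {"confidential", "highly confidential"}  # assumed label names
EXCLUDED_CLASSES = {"compensation", "performance"}          # out of scope at launch

@dataclass(frozen=True)
class Item:
    url: str
    label: Optional[str]   # sensitivity label name, None when unlabeled
    data_class: str        # classification assigned during content review
    principals: tuple      # users/groups granted read access

def findings(item):
    """Return the reasons this item should block publishing the agent."""
    out = []
    label = (item.label or "").lower()
    excluded = item.data_class.lower() in EXCLUDED_CLASSES
    broad = any(p.lower() in BROAD for p in item.principals)
    if not item.url.lower().startswith(HUB_PREFIX):
        out.append("outside-governed-hub")
    if not label:
        out.append("unlabeled")
    if excluded:
        out.append("excluded-class-in-scope")
    if broad and (label in SENSITIVE_LABELS or excluded):
        out.append("sensitive-broad-access")
    return out

def audit(inventory):
    """Map URL -> findings, for items that have at least one finding."""
    return {i.url: f for i in inventory if (f := findings(i))}

def ready_for_launch(inventory):
    return not audit(inventory)

SAMPLE = [  # constructed inventory
    Item(HUB_PREFIX + "policies/leave-policy.docx", "General", "policy",
         ("Everyone except external users",)),
    Item(HUB_PREFIX + "policies/benefits-guide.pdf", None, "benefits",
         ("HR Hub Visitors",)),
    Item(HUB_PREFIX + "comp/salary-bands.xlsx", "Highly Confidential",
         "compensation", ("HR Comp Team",)),
    Item("https://contoso.example/sites/managers/reviews.xlsx", "Confidential",
         "performance", ("Everyone",)),
]
```

A broadly shared, non-sensitive policy document passes; the check only blocks launch on content that is unlabeled, outside the hub, in an excluded class, or sensitive and tenant-wide readable.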
Sovereignty and Residency

Notes for Regulated Workforces

For sovereign or sensitive workforces we confirm in-country data residency and review the tenant settings that affect where inferencing runs, including Flex Routing and any model subprocessor options, before any commitment.

  • Confirm in-country data residency
  • Review Flex Routing settings
  • Review model subprocessor options
  • Decisions made before go-live, not after

Close the Oversharing Gap Before You Launch.

We will review your access boundary and show you how a governed HR agent stays inside it. Start with a discovery call.
