Microsoft 365 Copilot does not change your permissions but it exposes them. Every legacy SharePoint site, overshared document, and unmanaged Team with external guests becomes easier to surface because users already have access to that content. Copilot cannot distinguish between the most relevant version of a document and an outdated copy gathering dust in a forgotten library. That ambiguity is now your problem. This session tackles the real blocker behind most Microsoft 365 Copilot rollouts: years of redundant, obsolete, and trivial (ROT) data that nobody has dared to touch. We do not believe in blanket deletions or blocking access by default. Instead, we walk through a practical, tool-led approach to understanding what you have, who can reach it, and what should happen to it organised around three decisions every admin must make before Copilot goes live at scale: Which content should Copilot be able to surface? Which content needs to stay available, but should no longer be actively indexed? Which content must be retained, archived, or removed according to policy? • Using SharePoint Advanced Management, Data Access Governance reports, Restricted SharePoint Search, Microsoft 365 Archive, and Microsoft Purview Data Lifecycle Management, we walk through a realistic, demo-driven approach you can start applying on Monday. • Jeroen covers how to map your exposure identifying oversharing risks, external access, and abandoned sites through DAG reports and SharePoint Advanced Management, and how to apply governance through Purview retention and deletion policies. Pieter takes you into the archiving story: when to archive a whole site versus archiving at the file level, how Microsoft 365 Archive works for individual documents within active sites, and how to reduce Copilot noise without deleting content people may still need. Level Intermediate Attendees do not need to be Purview specialists, but should have working knowledge of Microsoft 365, SharePoint, Teams and basic permissions management. Target audience • Microsoft 365 administrators • SharePoint administrators • Security and compliance managers • IT managers planning a Microsoft 365 Copilot rollout • Anyone dealing with years of unmanaged SharePoint and Teams data Key takeaways After this session, attendees will have: • Discovered how Copilot turns existing data sprawl into a live security and accuracy risk and why cleanup cannot wait • Learned how to identify oversharing and abandoned content using Data Access Governance reports and SharePoint Advanced Management • Understood the difference between site-level and file-level archiving, and when to use each to control what Copilot can and cannot find • Uncovered a practical, phased governance approach using Purview Data Lifecycle Management — without touching content you are not yet certain about Speakers • Jeroen Bijdevier (primary submitter) • Pieter Kops (co-speaker)