Copilot in Outlook

Most people meet Copilot in Outlook through the Draft button. They click it, type “write a reply saying yes”, watch it produce three paragraphs of corporate waffle, and quietly decide the whole thing is overrated.

I get why. That’s the demo everyone shows. It’s also the least interesting thing Copilot does in your inbox.

The real value isn’t writing email faster. It’s reading it faster.

Think about where your time actually goes. It’s not composing. It’s the forty-message thread you got CC’d on at 4pm — the one you have to scroll to the bottom of and reconstruct before you can say anything useful. That’s the tax.

So before you write a single prompt, flip the question. Don’t ask “what can Copilot write for me?” Ask “what am I wasting time reading?”

What is Copilot in Outlook, really?

It’s two jobs wearing one badge.

The first job is Summarize. Open a long thread and there’s a “Summary by Copilot” card sitting at the top. One click boils the thread down to who said what and what’s still outstanding — with little numbered references back to the actual messages, so you can check it didn’t invent anything.

The second job is Draft. You give it an instruction, it writes the email, you fix the bits it got wrong. Tone and length are dials, not destiny.

Notice the order I put those in. Summarize first. For most people that’s eighty percent of the value — and nobody demos it.

Step-by-Step: getting actual value out of it

Summarise before you read

Open any thread more than a few replies deep. Click Summary by Copilot at the top of the message. Read the summary, then jump straight to the messages it references. You’ve just skipped the scroll.

Draft by pointing, not pleading

Here’s the prompt pattern that works:

Reply to the client agreeing to the Tuesday 2pm slot,
confirm I'll send the agenda by Friday, keep it short and warm.

Notice what’s missing? No “please write a professional email that…”. No throat-clearing. You point at the decision and the facts, and Copilot handles the wording. Vague in, vague out — every time.

Set the tone, then get out of the way

Before you generate, open the tone and length options. Pick direct and short for internal mail. Save formal for the email going to a client’s lawyer. Microsoft’s own walkthrough covers drafting an email with Copilot if you want the full button tour.

Always read it before you send

Copilot will confidently add a detail you never gave it. The draft is a starting point, not an outbox.

The shared mailbox trap that catches everyone

Here’s the one that generates support tickets.

Your client runs everything out of info@ or accounts@. They turn on Copilot, open the shared mailbox, hit Summarize… and nothing. The button’s missing, or it tells them it has no knowledge of that mailbox.

For a long time, Copilot in Outlook only worked on your primary mailbox. Shared and delegate mailboxes were off-limits — the single most common “is this thing broken?” question I get.

That’s finally changing. Microsoft now supports Copilot in shared and delegate mailboxes, but the fine print matters: the person using it needs the right level of access, the mailbox has to live in Exchange Online, and encrypted messages still can’t be read. So when a client says “it doesn’t work in our support inbox”, you can tell them why — and what to check — instead of shrugging.

That’s the difference between an MSP who resold Copilot and one who understands it.

Why this actually changes behaviour

“I’ll get to my inbox after lunch.”

That sentence is a productivity confession. Inbox triage gets deferred because it’s expensive — every thread is a small act of reconstruction before you can act.

Summarize makes that cost almost nothing. When reading a forty-message thread takes ten seconds instead of ten minutes, you stop quarantining email into a dreaded afternoon block and start clearing it in the gaps between meetings.

That’s not a feature. That’s a different relationship with your inbox.

Your inbox doesn’t pay you to read. It pays you to decide.

My recommendation? Teach clients Summarize first, Draft second. Draft is the headline. Summarize is the reason they’ll keep the licence.

If you’re not showing them both — and the shared mailbox gotcha — you’re leaving the best part of what they’re already paying for sitting in the box.

Consistency Doesn’t Show Up When Things Are Comfortable

A good month in an MSP can hide a lot. The pipeline is healthy, the techs are humming, the client tickets are getting closed, and Friday afternoon feels almost calm. In those weeks, every business looks disciplined. Every process looks tight. Every standard looks honoured.

That’s not consistency. That’s just a quiet stretch.

The real test arrives when something breaks — a bad migration, a difficult client, a tech walking out, a month where revenue doesn’t land. That’s when you find out whether your standards live in your head or live in the way your business actually behaves.

The discipline you don’t see in a good month

I’ve watched MSPs run beautifully for a quarter and then quietly drop the things that made them beautiful the moment work got heavy. The monthly client reviews stop. The patching cadence slips. The onboarding checklist becomes “we’ll get to that next week.” Nobody decides to lower the bar. It just happens, one small omission at a time, until what was a standard is now just a story you tell prospects.

What I’ve come to respect is the unglamorous stuff that keeps going regardless of mood. The same Monday standup at the same time every week. The same security baseline applied to every new tenant. The same call to a client at the same point in their lifecycle, even when there’s nothing wrong. Those rhythms only feel valuable when things get bumpy — and by then it’s too late to start them.

Build the rhythm, then defend it

This is where I think a lot of MSPs underuse what’s already sitting in their stack. A weekly cadence in Microsoft Planner with the same recurring tasks, surfaced through a Teams channel everyone actually opens, is more useful than a polished playbook nobody reads. A standing client review template in Word, kept in the same Teams tab month after month, builds a record that shows whether you actually turned up.

Copilot helps here in a way I didn’t fully appreciate until recently. Asking Copilot in Outlook to summarise a client’s last quarter of email before a review meeting takes ninety seconds and means the conversation starts with something real. Asking Copilot in Teams to recap the last three internal stand-ups before a leadership meeting means decisions don’t get re-litigated. Asking it to pull the highlights from a SharePoint site of project notes before a Monday catch-up turns ten minutes of digging into one minute of reading. The point isn’t the time saved — it’s that the rhythm becomes easier to maintain on the day you’d rather skip it.

Tools don’t create consistency. But the right ones lower the friction enough that you keep showing up on the days you don’t feel like it.

When nobody’s watching

The reason consistency is hard isn’t intelligence or capability. It’s that nobody claps for it. Doing the same review the same way for the eighteenth time in a row produces no dopamine. No client thanks you for the patches that didn’t cause an outage. No prospect signs because your internal documentation happens to be current.

But the MSPs I see growing steadily — not in spikes, but year after year — are almost always the ones doing the boring things on the bad days as well as the good ones. That’s the only kind of consistency that actually compounds, and it’s almost never visible from the outside until much later.

So the question I keep asking myself, and the one I’d put to anyone running an MSP right now, is simple. What did you still do well last month, when nothing was easy? That’s the answer that tells you who you actually are as a business.

Defender for Endpoint Web Filtering

A client rings up. Staff are burning half the day on betting sites, or someone clicked something they shouldn’t have, and now they want you to “lock down the web.”

So you go and price a web filter. Cisco Umbrella, DNSFilter, a firewall add-on. Another line item, another agent, another renewal to babysit.

Stop.

If that client is on Microsoft 365 Business Premium, you already sold them a web filter. It’s been sitting inside Defender, switched off, the whole time.

That’s not an upsell. That’s a setting.

What is web content filtering, really?

It watches where your devices go on the web and lets you block whole categories of sites by name. Gambling. Adult content. Peer-to-peer. Hacking. You tick a category, and people in the groups you choose stop being able to reach it, whether they’re in the office or working from a café.

Microsoft calls it web content filtering, and it rides on protection that’s already on the machine. In Edge, the blocks are enforced by SmartScreen. In Chrome, Firefox, Brave and Opera, they lean on network protection. Both of those have to be switched on, or nothing happens.

Here’s the part most people miss. Any category you don’t block gets audited automatically. So before you stop a single site, you get a report of exactly where your client’s staff have been going.

You can’t filter what you can’t see. So start by seeing.

Step-by-Step: turn it on, then point it at something

Switch on the feature

In the Microsoft Defender portal, go to Settings > Endpoints > Advanced features and flip Web content filtering to On. Save.

Create a policy and just watch

Go to Settings > Endpoints > Rules > Web content filtering and add a policy. Target a device group. Don’t block your client’s contentious categories yet. Let the audit data build.

Read the report

Open Reports > Web protection and look at the Web activity by category card. Give it time, there’s up to a 12-hour lag before activity shows up. This is the bit that changes the conversation. You’re no longer guessing what staff do online. You’re looking at it.

Block what actually matters

Now edit the policy and tick the categories the report told you to care about.

Microsoft Defender portal → Settings → Endpoints
   Advanced features → Web content filtering = On
   Rules → Web content filtering → + Add policy
Reports → Web protection → Web activity by category

Notice what’s missing? No PowerShell. No third agent. No new licence. Every step lives in a portal your client is already paying for.

Why this actually changes behaviour

Because you walk into the renewal with evidence, not a hunch.

“Here are 4,000 hits to gambling sites last month, off three machines.” That’s a discussion the business owner can act on. A quote for Umbrella is just a number they’ll push back on.

“But we already quoted them a web filter.” Fine. Now you can show them what they’d be paying for, and that they already own it.

A few things will bite you if you’re not watching for them:

Edge uses SmartScreen, everything else uses network protection. If network protection is in audit mode or off, your blocks are theatre. Lovely report, no enforcement.
Non-Microsoft browsers won’t honour HTTPS category blocks unless QUIC and Encrypted Client Hello are disabled. Leave them on and Chrome quietly routes around you.
Expect lag. Up to 12 hours before activity lands in the report, up to two hours before a block bites. Don’t test it in the first five minutes and declare it broken.

And when you genuinely need an exception, you don’t loosen the whole category. You carve out one site with a custom indicator, which sits above the filter in the order of precedence. Allow always wins over block. That’s your release valve when the boss insists on one specific site.

Run the audit, read the Web protection report, then block with proof in hand.

Web content filtering isn’t there to add a product to your stack. It’s there to delete one.

If you’re billing a client for a separate web filter on top of Business Premium, you’re charging them for something they already own. Show them the report instead.

That’s not filtering. That’s value you can prove.

Why "I Don’t Have a Good Idea" Is Almost Never the Real Problem

I have a conversation almost every week that goes the same way. Someone tells me they want to start their own thing. They want a bit more control over their time, a bit more income, a path that doesn’t rely on a payslip landing every fortnight. Then they sigh and say the same line: “I just don’t have a good idea.”

I used to nod along. Now I push back. Because in nearly every case, that’s not what’s actually going on.

The skills are already there

Sit with someone for half an hour and ask them what they’ve done in the last decade of work. You’ll hear about budgets they’ve cleaned up, teams they’ve coached, customers they’ve calmed down, processes they’ve quietly fixed without ever being asked. They’ve negotiated with suppliers, written training material on the fly, run projects with no formal authority, and kept things moving when the org chart said they shouldn’t have been able to.

That’s not a person without a good idea. That’s a person sitting on a stack of skills they’ve never priced.

The gap isn’t capability. The gap is translation — taking what they already do well and shaping it into something a stranger would happily pay for.

Why people freeze at the start

The freeze happens because “find an idea” is the wrong instruction. It sends people hunting for a thunderbolt — some clever niche nobody else has noticed, some product the world has never seen. So they wait. They scroll. They tell themselves they need to read another book or finish another course before they’re ready.

Meanwhile, the offer they could already build is sitting in plain sight: the thing colleagues keep asking them for help with, the problem they solved twice at their last job, the work they actually enjoy that most people genuinely struggle with.

The question isn’t “what’s a brilliant new idea?” The question is “what do I already do well that someone, somewhere, has a real problem paying to get done?”

Use the tools to pull the offer out of your head

This is where I think modern tooling — and Copilot in particular — earns its place for first-time business owners. Not because it hands you an idea, but because it pulls one out of you far faster than you could working alone with a blank notebook.

Open a fresh document in Word, switch on Copilot, and have it interview you. Ask it to walk you through your last five roles and pull out the recurring problems you solved. Ask it to draft three different one-page offers from those skills, each aimed at a different type of customer. Drop your LinkedIn profile into a Loop page and ask Copilot to suggest who would benefit most from the work you’ve already done. Then take the strongest lines into a Teams chat with someone whose judgement you trust and pressure-test them.

In an afternoon you can move from “I don’t have an idea” to three rough offers on a page. None of them have to be perfect. They just have to be concrete enough to test in a real conversation with a real person.

The shift that matters

Financial freedom rarely begins with a perfect idea. It begins with a good-enough offer, said out loud to the right person, then reshaped based on what they actually said back.

If you’ve been waiting for the lightning bolt, give yourself permission to stop. The idea you’re looking for is almost certainly already inside the experience you’ve already had. The job now is to get it out of your head, onto a page, and in front of someone who might say yes.

That’s a much smaller first step than most people think.

Defender for Endpoint device control (USB / removable media)

Walk into most small businesses and ask how they stop someone walking out the door with a USB stick full of client data. You’ll get one of two answers.

Either “we glued the ports shut” or “we don’t.”

Both are wrong. One is a sledgehammer. The other is a shrug. And the worst part? The tool that does this properly is already sitting in the licence they’re paying for every month.

If your clients are on Microsoft 365 Business Premium, they have Defender for Business. And device control comes with it. You’re not buying anything. You’re just not turning it on.

Let’s fix that.

What is device control, really?

Forget “blocking USB sticks.” That framing is what gets people stuck.

Device control isn’t a switch. It’s a set of rules about who can do what with which device. Read. Write. Execute. You can let the finance PC read a USB drive but never copy to it. You can allow one approved brand of encrypted stick and deny every other. You can leave Bluetooth alone and only police removable storage.

That’s the part people miss. It’s not on or off. It’s a dial.

And here’s the bit that actually matters for an SMB: it watches before it blocks. Every time someone plugs something in, Defender logs it — the device, the serial number, the user, the machine. You get a record without enforcing a single rule.

You can’t block what you can’t see. So start by looking.

Step-by-Step: turning it on without breaking anything

Open the right blade

Head to the Microsoft Intune admin center and go to Endpoint security > Attack surface reduction. That’s where device control lives. Not where you’d guess, I know.

Audit first, always

Don’t block anything yet. Enable device control in audit mode and leave enforcement alone. Let it run for a week or two across a pilot ring. You’re collecting evidence, not making arrests.

Read the report

In the Microsoft Defender portal, open the device control report and Advanced hunting. Here’s the query that tells you everything that’s been plugged in:

DeviceEvents
| where ActionType == "PnpDeviceConnected"
| extend parsed = parse_json(AdditionalFields)
| extend MediaClass = tostring(parsed.ClassName)
| extend MediaSerialNumber = tostring(parsed.SerialNumber)
| project Timestamp, DeviceName, AccountName, MediaClass, MediaSerialNumber
| order by Timestamp desc

Notice what’s missing? There’s no block in there. That’s a visibility query. You’ll be surprised what shows up — personal phones, dodgy giveaway sticks from a conference, the bookkeeper’s external drive.

Set the dial

Now you write the actual policy: default deny on removable storage, then carve out exceptions for the devices you trust. Scope it to removable media only so you don’t accidentally fight with printers or webcams.

Roll it in rings

Pilot group first. Then a wider ring. Then everyone. Same three-ring discipline you’d use for anything that touches the endpoint. Never enforce tenant-wide on day one.

Why this actually changes behaviour

Here’s the real win. It’s not the block. It’s the conversation the block lets you have.

When a client asks “can someone steal our data on a USB?”, “we glued the ports” sounds paranoid and “we don’t” sounds negligent. Neither builds trust.

“We allow encrypted drives, we log every device that connects, and we can show you exactly what plugged in last month” — that’s a different conversation. That’s the answer that wins the renewal.

Before: “USB is a risk we just live with.” After: “USB is a risk we measure, scope, and report on.”

And it costs nothing extra. You already sold them the licence. This is value you left in the box.

Device control isn’t there to lock the door. It’s there to tell you the door was open the whole time — and let you decide, device by device, who gets a key.

If you’re not showing your clients this, you’re leaving it on the table for someone else to find.

The Conversation I Keep Having About Copilot

Last week a manager asked me how to write the perfect prompt. She had a sticky note on her monitor with about thirty bracketed placeholders and a warning to always start with role, then context, then task. I asked her how often she actually used it. She laughed and said almost never — it felt like homework before the real work could start.

That moment captured something I’ve been thinking about for a while. The industry has spent two years training people to be better prompters, when the real productivity gains sit one layer up. With Copilot Cowork, the unit of leverage isn’t the prompt — it’s the skill.

Prompts Are Disposable. Skills Compound.

A prompt is a single instruction. You type it, you get something back, and then it’s gone. Tomorrow morning you start again. Even a brilliantly worded prompt only helps the person who wrote it, on the day they wrote it, for the task in front of them.

A Copilot Cowork skill is different. It’s a packaged way of working — a brief, a checklist, a structure, a tone — that anyone in your organisation can invoke by name. Once it exists, it doesn’t degrade. It doesn’t get lost in someone’s chat history. It runs the same way on a Tuesday morning as it does on a Friday afternoon, and it carries the thinking of whoever built it forward into every future use.

That is leverage. Prompt engineering is a craft. Skills are an asset.

Where the Productivity Actually Lives

The real productivity question in any business isn’t how do I get a better answer from Copilot today — it’s how do we stop solving the same problem from scratch every time. Skills are the answer to that question.

Think about what happens in a typical week. Someone needs to write a board update. Someone else has to brief a meeting. A third person is drafting a proposal that looks suspiciously like the last three proposals. In a prompt-engineering world, each of those people opens Copilot in Word or Outlook and tries to remember the magic incantation. In a skills world, they invoke a Board Update skill or a Meeting Brief skill and Copilot already knows the structure, the voice, the sources to pull from in SharePoint, and the people in Teams who usually need looping in.

The hours saved aren’t in the typing. They’re in not having to think the problem through again, hunt for the right template, or remember which version of the prompt actually worked last time.

The Shift Business Leaders Need to Make

If you’re leading a team, the question worth asking isn’t are my people good at prompts? It’s what work do we do over and over that should be a skill by now? The recurring report. The standard reply. The new-client onboarding sequence. The monthly review pack assembled from Excel, Outlook and a SharePoint folder no one can quite remember the path to.

Each of those is a skill waiting to exist. And the moment it does, the productivity gain isn’t a one-off — it accrues every time anyone in the business uses it.

What I’m Watching

I think the businesses that win the next stretch with Copilot won’t be the ones with the cleverest prompters. They’ll be the ones who treat their best ways of working as something to package, name, and share. Prompt engineering helps one person, once. A well-built skill helps the whole organisation, every time. That’s where the productivity actually shows up.

Need to Know podcast–Episode 366

Join me as I unpack the most impactful Microsoft Build 2026 announcements for SMBs, including Work IQ’s general availability, new autopilot and Scout agent features, enhanced agent security with Microsoft Execution Containers, and the latest MAI models for code, image, and voice. Discover how upcoming Work IQ APIs, OpenClaw integration with Windows, and the shift toward hybrid AI solutions are shaping the future of business technology, with practical insights on cost control, disaster recovery, and agentic security. Don’t miss this episode for actionable takeaways and expert analysis on the evolving AI landscape.

Brought to you by www.ciaopspatron.com

you can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-366-build-2026/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

or Spotify:

https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show

Resources

CIAOPS Need to Know podcast – CIAOPS – Need to Know podcasts | CIAOPS

X – https://www.twitter.com/directorcia

director@ciaops.com

CIAOPS Blog

Join my Teams Shared Channel – CIAOPS

CIAOPS Merch store – CIAOPS

Become a CIAOPS Patron

CIAOPS AI Dojo

CIAOPS weekly news update – CIA Brief – CIAOPS

CIAOPS Labs – The Special Activities Division of the CIAOPS

Support CIAOPS

Get your M365 questions answered via email

Join my email list

A special thanks to the CIAOPS Patron community for making this podcast possible. You can find the benefits of a subscription to the community and become a member at https://www.ciaopspatron.com

Microsoft Build 2026 blog – Be yourself at work

Developer-Tech – AI agents, Copilot, Windows developer tools

VentureBeat – AI agents and enterprise use cases

Thurrott – Scout personal work agent and AI models

VentureBeat – Data silos and Microsoft IQ

Windows Report – Securing code agents and AI models

Engadget – Build 2026 live blog

Microsoft Learn – Work IQ in Azure Foundry

Firstpost – MXC, OpenClaw, and OpenShell

Copilot in PowerPoint

Most people type “make me a presentation about cyber security” into Copilot, watch it spit out ten generic slides, and decide the whole thing is a gimmick.

I don’t blame them. That output is rubbish.

But that’s not Copilot failing. That’s Copilot doing exactly what you asked — building from nothing, with no source, no structure, no brand.

Garbage in, garbage slides out.

Here’s the shift. Copilot in PowerPoint isn’t a “write my deck” button. It’s a converter. You already have the content — a Word doc, a PDF proposal, last quarter’s report. The job isn’t inventing slides. It’s turning what you’ve already written into something you can stand up and present.

What is Copilot in PowerPoint, really?

Think of it as the worst part of your week, automated.

You know the drill. The thinking is done. The report is written. The client signed off on the wording. Now you’ve got two hours of copy-pasting into slides, fighting text boxes, and nudging the logo a pixel to the left.

Copilot eats that two hours.

You point it at a file. It reads the structure, pulls the key points, and drafts slides — text, layout, the lot. You’re not staring at a blank slide anymore. You’re editing a first draft.

That’s the whole game. Not creativity. Removal of drudgery.

Step-by-Step: building a deck that doesn’t look generic

Open your template first

This is the step everyone skips, and it’s the one that matters most.

Before you touch Copilot, open your organisation’s PowerPoint template — your branded .potx, your client’s deck, whatever carries the right fonts and colours. Microsoft is explicit about this: start from your template and Copilot keeps the theme and reuses your existing layouts.

Skip it, and you get Microsoft’s house style. Every. Single. Time.

Reference your file, don’t describe it

Open the Copilot pane, then reference a file — click the paperclip, or just type / and pick the document. Word, PDF, Excel, a Loop page. Now Copilot reads the actual content instead of guessing at it.

Write a prompt that points, not pleads

Don’t ask for a slide “about the project”. Tell it exactly where to look:

Create slides from the attached proposal.
Use the "Scope" and "Pricing" sections only.
One slide per phase. Key points, not full sentences.

Notice what’s missing? Any mention of colours, fonts, or design. You don’t ask Copilot for those — your template already decided them. Ask once, point clearly, and let the template do the rest.

Review, then refine in place

Copilot drafts. You read. Then you tell it what’s wrong — “tighten slide three”, “drop the jargon”, “add a summary slide” — in plain English, right there in the pane. No re-prompting from scratch.

A couple of traps before you sell this to clients

Two things will bite you.

First, dense slides. Copilot tends to lift whole paragraphs straight off the page. If your source doc reads like a report, your slides will too. Fix it in the prompt — “bullet points, not sentences” — or trim after.

Second, the file has to be readable. Text-based PDFs work. Scanned images and password-protected files don’t. And keep source files under 24MB, or the results get flaky.

Old thinking: “I’ll block out the afternoon to build the deck.” New thinking: “I’ll point Copilot at the doc and spend the afternoon making it good.”

That’s not a small change. That’s where your hours go back.

Why this actually changes behaviour

Here’s the real win for anyone running this in a business.

Your team already produces the content. Proposals, reports, meeting notes — the substance exists. What kills them is the packaging. The deck that has to look right for the board, the client, the pitch.

Copilot collapses the gap between “we’ve written it” and “we can present it”. The expensive part — the thinking — stays human. The tedious part disappears.

And be straight about the cost. The file-referencing piece sits behind the paid Microsoft 365 Copilot add-on, not the base subscription. For a lot of SMB clients, this is the use case that justifies the licence. Not chatbots. This.

Show a client how an afternoon of slide-building becomes ten minutes, and the conversation about value is over.

If you’re running Microsoft 365 for clients and you’re not showing them this, you’re leaving real money — theirs and yours — on the table.

Copilot in PowerPoint isn’t there to make your slides.

It’s there to delete the part of the job nobody ever wanted.