Restricted SharePoint Search Is Not the Fix You Think It Is

Most people’s first reaction to Copilot and SharePoint goes something like this: “Wait — Copilot can see all of that?”

Then they panic. Then they Google. Then they find Restricted SharePoint Search and flip it on like it’s a fire extinguisher.

I get it. The instinct is right — you should care about what Copilot can reach. But RSS isn’t a security control. It’s a stalling tactic. And if you leave it on too long, it’ll cause more problems than the one you were trying to solve.

What is Restricted SharePoint Search, really?

RSS lets a SharePoint admin maintain an allowed list of up to 100 SharePoint sites. Only those sites show up in organisation-wide search results and Copilot chat responses.

That’s it. It doesn’t change a single permission on a single site. It doesn’t block anyone from accessing anything. It just hides sites from search and Copilot — unless the user has recently visited the site, or it was shared with them in Teams or Outlook. In which case, it shows up anyway.

That’s not a security boundary. That’s a curtain.

Microsoft’s own documentation on RSS says it plainly: this is designed as a short-term solution while you audit permissions and apply proper governance. It’s not meant to stay on.

Step-by-step: Setting up RSS the right way

If you’re going to use RSS — and there are situations where it makes sense — do it in this order.

Audit your active sites first

Open the SharePoint admin centre > Active sites. Filter by activity in the last 30 days. Customise columns to show page views, file counts, and last activity. Export the list to CSV. This is your starting inventory — the sites people actually use.

Review permissions on each candidate site

For every site you’re considering for the allowed list, open its details and check the Permissions tab. Look for “Everyone except external users” or company-wide groups. Those are the oversharing patterns you’re really worried about.

Enable RSS and build the allowed list

RSS is managed through PowerShell — there’s no toggle in the admin centre GUI for this one.

# Connect to the tenant admin site first (SharePoint Online Management Shell)
Connect-SPOService -Url https://contoso-admin.sharepoint.com
Set-SPOTenantRestrictedSearchMode -Mode Enabled
Add-SPOTenantRestrictedSearchAllowedList -SitesList @("https://contoso.sharepoint.com/sites/intranet","https://contoso.sharepoint.com/sites/hr")

Notice what’s missing? A portal button. That’s deliberate. Microsoft wants friction here because they don’t want you to leave this on.

Plan your exit from day one

Before you enable RSS, set a calendar reminder for 30 days out. That’s your deadline to fix the permissions that made you turn it on in the first place — and then turn it off.
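An audit helper for the window RSS buys you, added here as an example and not code from the original post: it reports the current RSS mode and allowed list, then walks the sites with recent activity and flags any SharePoint group that contains a company-wide principal, which is exactly the content RSS cannot hide from a user who has already touched it. It assumes the SharePoint Online Management Shell module, a placeholder admin URL, and that the claim prefixes in the pattern are how the "Everyone" principals appear in group membership.

```powershell
# Added example (not from the original post): audit the sites behind the RSS curtain.
# Assumes the SharePoint Online Management Shell; tenant name, threshold and output path
# are placeholders you replace with your own.
param(
    [string]$AdminUrl   = "https://contoso-admin.sharepoint.com",
    [int]   $ActiveDays = 30,
    [string]$ReportCsv  = ".\rss-audit.csv"
)

Connect-SPOService -Url $AdminUrl

# 1. Where does RSS stand right now: the mode and the allowed list it is hiding behind
$mode    = Get-SPOTenantRestrictedSearchMode
$allowed = @(Get-SPOTenantRestrictedSearchAllowedList)
Write-Host "Restricted search mode: $mode (allowed sites: $($allowed.Count)/100)"

# Assumption: these claim fragments identify "Everyone except external users"
# (spo-grid-all-users) and the classic "Everyone" claim (c:0(.s|true) in group membership.
$broadClaimPattern = 'spo-grid-all-users|c:0\(\.s\|true'

$cutoff   = (Get-Date).AddDays(-$ActiveDays)
$findings = foreach ($site in Get-SPOSite -Limit All) {
    # 2. Only sites people actually use are worth a seat on the allowed list
    if ($site.LastContentModifiedDate -lt $cutoff) { continue }

    # 3. Pull every SharePoint group on the site and look for company-wide principals
    $broadGroups = foreach ($g in Get-SPOSiteGroup -Site $site.Url) {
        if ($g.Users | Where-Object { $_ -match $broadClaimPattern }) {
            "$($g.Title) [$($g.Roles -join ',')]"
        }
    }

    [pscustomobject]@{
        Url               = $site.Url
        LastModified      = $site.LastContentModifiedDate
        SharingCapability = $site.SharingCapability
        OnAllowedList     = ($allowed -contains $site.Url)
        BroadGroups       = ($broadGroups -join '; ')
        # A site shared with everyone is the oversharing RSS only papers over
        NeedsRemediation  = [bool]$broadGroups
    }
}

$findings | Sort-Object NeedsRemediation -Descending |
    Export-Csv -Path $ReportCsv -NoTypeInformation
$findings | Where-Object NeedsRemediation | Format-Table Url, BroadGroups -AutoSize

# 4. The exit, once every flagged site has been fixed: drop the curtain.
#    Remove-SPOTenantRestrictedSearchAllowedList -SitesList $allowed
#    Set-SPOTenantRestrictedSearchMode -Mode Disabled
```

The CSV is the inventory for the 30-day reminder: every row with NeedsRemediation set is a site to fix before RSS comes off, and the two commented commands at the end are the day-30 steps.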

When RSS backfires

Here’s where most people get into trouble. They enable RSS, breathe a sigh of relief, and forget about it. Months later, three things have gone wrong:

Search breaks for everyone. RSS doesn’t just limit Copilot — it limits all organisation-wide search. Your finance team can’t find the policy site. Your HR team can’t find the onboarding hub. Nobody told them you turned this on, so they log a ticket blaming SharePoint.

Copilot gets dumber. With only 100 sites to draw from, Copilot has less information to reference. Answers get vague. Users lose trust. You’ve just paid for Copilot licences and then blindfolded the thing.

False confidence sets in. The admin thinks the problem is solved. It isn’t. RSS doesn’t stop Copilot from surfacing content a user has already accessed. If someone opened that sensitive spreadsheet last week, Copilot can still reference it — allowed list or not.

The actual fix: permissions, not curtains

RSS buys you time. Use it. But spend that time on the thing that actually matters: fixing your SharePoint permissions.

Start with Data Access Governance reports in SharePoint Advanced Management. These reports show you exactly which sites have broad sharing, “Everyone” links, or sensitivity labels missing. That’s your real oversharing map.

Then work through it site by site. Remove company-wide sharing links. Tighten group memberships. Apply sensitivity labels where they belong. This is the work that actually makes Copilot safe — not hiding sites from search and hoping for the best.

Once permissions are clean, disable RSS. Let Copilot use the full breadth of your tenant. That’s how you get value from it.

“We turned on RSS six months ago and Copilot still isn’t helpful.”

That’s not a Copilot problem. That’s an RSS problem.

My recommendation?

Use RSS if you’re deploying Copilot to a tenant you haven’t audited yet and you need breathing room. Thirty days. Not six months. Not “until we get to it.”

Set the allowed list. Fix the permissions behind the scenes. Then take the training wheels off.

If you’re an MSP and you’re not walking clients through this sequence — temporary RSS, permission remediation, RSS removal — you’re either leaving them exposed or leaving them hobbled. Neither looks good at renewal time.

RSS isn’t there to protect your tenant. It’s there to give you a window to actually protect your tenant. Don’t confuse the window with the wall.

Trust Now Happens Before Contact

Here’s the uncomfortable truth:

By the time a prospect contacts you, the decision is often already made.

They’ve read your blog posts.
They’ve watched your videos.
They’ve scanned your LinkedIn.
They’ve compared you to three other MSPs.

They’re not calling to be convinced.
They’re calling to validate a choice.

That’s why trust has moved upstream — before the sales conversation even starts.

And that’s why we replaced the old model with something radically simpler:

Content → Offer Doc → Decision

No calls.
No chasing.
No closing.

Content Does the Heavy Lifting

Your content is now your best salesperson.

Not polished marketing fluff — real, opinionated, practical content that shows how you think.

Content that answers:

  • Who this is for

  • Who it is not for

  • What problems you actually solve

  • What you believe about IT, security, risk, and responsibility

When done properly, content pre‑qualifies better than any discovery call ever could.

Bad‑fit prospects self‑select out.
Good‑fit prospects lean in.

That alone removes enormous friction from your pipeline.

The Offer Doc Replaces the Sales Call

Instead of “let’s book a call”, we give prospects an offer document.

Not a proposal.
Not a quote.
An offer.

It clearly spells out:

  • The problem we solve

  • The outcome we deliver

  • Exactly what’s included

  • Exactly what it costs

  • Exactly how to say yes

No mystery. No theatre. No “we’ll tailor it after the call”.

If someone needs a call to understand the offer, the offer isn’t clear enough.

Decision Without Pressure

This is the part most MSPs struggle with.

Letting the prospect decide — without pressure.

But when trust is built upstream, and the offer is clear, the decision becomes simple.

They either want it or they don’t.

And that’s a good thing.

Because the clients who say yes without being chased are the same clients who:

  • Respect boundaries

  • Value your expertise

  • Pay on time

  • Stay longer

What This Means for MSPs

This isn’t about “anti‑sales”.

It’s about modern sales.

Sales that respects how buyers actually behave today.
Sales that removes friction instead of adding it.
Sales that attracts adults who can make decisions.

If your growth still depends on more calls, more follow‑ups, and more convincing — you’re fighting the market.

The MSPs who win next won’t close harder.

They’ll clarify better.

And they’ll let trust do the work.

What Copilot Chat Developer Mode Actually Shows You

I spent a solid hour last month watching a declarative agent ignore an API plugin I’d wired up. The instructions were clear, the manifest looked right, the OpenAPI spec was valid. Every prompt came back with a confident answer that had nothing to do with my data. Copilot was making things up rather than calling my endpoint, and I had no idea why.

Then I typed -developer on into Copilot Chat, and the mystery evaporated in about thirty seconds.

Seeing the Orchestrator Think

Developer mode is a built-in debugging tool in Microsoft 365 Copilot Chat. Type that command and every response from your agent comes back with a debug card — a detailed breakdown of what the orchestrator did behind the scenes to produce its answer.

The card shows three things that matter. First, agent metadata and capabilities: which knowledge sources are active, whether web search is enabled, and the identifiers you need for tracking a specific conversation. Second, function matching: did the orchestrator consider your API plugin’s functions relevant to the user’s prompt? Third, execution details: if a function was selected, what HTTP request did Copilot actually send, what response came back, and how long did it take?

That last section is where most of the debugging value lives. You can see the endpoint that was called, the request headers with auth tokens redacted, and the full response body. When something fails, you’re reading the receipt — not guessing.

The Problem It Actually Solves

Before developer mode, troubleshooting a misbehaving agent in Copilot meant staring at manifest files trying to work out what went sideways. Your agent returned a wrong answer and you couldn’t tell where the chain broke. Was the orchestrator not matching your function? Matching but failing on auth? Getting bad data back from the API? The orchestration layer was a black box.

Now you see exactly where it breaks. In my case, the debug card showed “No matched functions” — meaning the orchestrator never even considered calling my API. The problem wasn’t auth or endpoints or response formatting. It was my description_for_model field. The description said “Returns project data” but my prompt asked “What’s the status of the Henderson build?” The orchestrator couldn’t bridge that semantic gap.

I rewrote the description to cover the ways people actually ask about project status, and the next prompt hit the API cleanly.

Where It Fits in Your Workflow

Developer mode works directly in the browser. Open Copilot Chat, select your agent, type -developer on, and start testing prompts. If you’re using the Microsoft 365 Agents Toolkit in Visual Studio Code, press F5 to launch your agent and the same command activates in the chat window. The debug panel in the toolkit gives you a matching view with downloadable diagnostic logs.

A couple of patterns worth knowing: when the debug card shows “No functions selected for execution,” your function descriptions likely aren’t semantically close enough to the prompt. When it shows a function was selected but execution failed, the HTTP status code in the card usually tells you what went wrong — a 401 means your OAuth registration doesn’t match, a timeout means your API needs to respond faster.

What I’m Watching

Microsoft keeps expanding what the debug card reveals, and the Quick Copy feature now lets you export the full debugging JSON to share with a colleague or attach to a support ticket. For anyone building agents that connect to external APIs through Copilot, this is the single most useful diagnostic tool in the stack. It turns “something’s broken” into “here’s exactly what happened, and here’s why.”

If you haven’t typed -developer on yet, start there.

  1. Microsoft Learn — Test and debug agents using Developer Mode https://learn.microsoft.com/en-us/microsoft-365/copilot/extensibility/debugging-agents-copilot-studio The primary documentation page. Covers enabling/disabling developer mode, the debug info card fields, troubleshooting common failures, and how to report issues.

  2. Microsoft Learn — Test and debug agents in Microsoft 365 Agents Toolkit using developer mode https://learn.microsoft.com/en-us/microsoft-365/copilot/extensibility/debugging-agents-vscode Focuses on using developer mode alongside the Agents Toolkit in VS Code (F5 launch, debug panel, diagnostic logs).

  3. Microsoft 365 Developer Blog — Introducing the agent debugging experience in Microsoft 365 Copilot (April 9, 2025) https://devblogs.microsoft.com/microsoft365dev/introducing-the-agent-debugging-experience-in-microsoft-365-copilot/ The GA announcement post by Carol Mbasinge Kigoonya. Covers new features including agent configuration insights, execution monitoring, latency tracking, and Quick Copy Debugging JSON.

  4. Microsoft 365 Roadmap — Feature ID 474450 https://www.microsoft.com/microsoft-365/roadmap?featureid=474450 The original roadmap entry for Copilot Chat developer mode, listed as GA from January 2025.

  5. Microsoft Learn — Set up your development environment for Microsoft 365 Copilot https://learn.microsoft.com/en-us/microsoft-365/copilot/extensibility/prerequisites Broader context on the Copilot development environment, licensing, and extensibility options that developer mode supports.

CIA Brief 20260530

  • Introducing Microsoft 365 Business with Copilot: The new standard for small business. Microsoft is launching two new small-business SKUs on 1 July — Business Standard with Copilot and Business Premium with Copilot — with Copilot built directly into Word, Excel, PowerPoint and Outlook. They add 1,000+ connectors (Shopify, Xero, Docusign and more), “Work IQ” business context, and access to OpenAI and Anthropic models. Built-in security controls like sensitivity labels and access revocation ensure Copilot only surfaces what each user is permitted to see.

  • Introducing a new design for Microsoft 365 Copilot. Microsoft has redesigned the Copilot experience across Microsoft 365, turning the prompt line into a task-aware workspace with a single consistent entry point across apps and a progressive-disclosure interface. Performance improved with load times cut by more than half and complex prompts answering ~10% faster, alongside new agentic modes (Designer, Researcher, and in-app Word/Excel/PowerPoint agents). Microsoft reported usage gains of Word +27%, Excel +33%, PowerPoint +43% and Outlook +30%.

Security / Industry News

  • The Gentlemen ransomware: Dissecting a self-propagating Go encryptor. Microsoft Threat Intelligence analysed “The Gentlemen,” a ransomware-as-a-service threat (operators tracked as Storm-2697) written in Go that uses per-file Curve25519 + XChaCha20 encryption and spreads aggressively through lateral movement. It employs double extortion, disables Microsoft Defender, and deletes shadow copies and logs to hinder recovery. Activity has been observed globally across education, transport, healthcare and finance sectors.

After hours

Mark Rober’s $60 Million Science Experiment – https://www.youtube.com/watch?v=RDFGkBE2O50

Editorial

If you found this valuable, then I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

Why developers don’t own this one

I keep hearing the same thing from MSPs and IT pros when GitHub Copilot CLI comes up.

“That’s a developer tool, right? Not for me.”

No.

That’s the assumption I want to push back on. If you spend any time at a terminal — running PowerShell against a tenant, poking at logs, scripting an onboarding — Copilot CLI belongs on your machine.

And once you bolt Work IQ onto it, your terminal stops being a code playground and starts being something genuinely useful for the M365 work you already do.

What is GitHub Copilot CLI, really?

It’s an AI assistant that lives in your shell.

You install it, run copilot, and start typing in plain English. It proposes commands, runs them with your approval, edits files, reads repositories — and it holds context across the whole session. Every action waits for your tick before it executes, which I appreciate. Nothing happens to your machine without you saying yes.

Think of it less as a coding tool and more as a terminal pair who never gets bored and never forgets the exact git syntax you can never remember.

Step-by-Step: Getting Copilot CLI on your machine

You’ll need an active GitHub Copilot subscription (Pro, Pro+, Business, or Enterprise) and Node.js v22 or higher. On Windows, PowerShell 6 or higher.

Install the package

Run the following as an administrator at the command prompt:

winget install Github.Copilot

Launch it

copilot

Sign in

At the prompt, type login and follow the browser flow. That’s the whole authentication dance.

The full walkthrough — including winget, Homebrew, and the install script — sits on the official GitHub Copilot CLI installation docs.

That’s it. You’re talking to your terminal.

Step-by-Step: Connecting Work IQ inside Copilot CLI

Here’s where it gets interesting for anyone living in Microsoft 365.

Work IQ is a Microsoft MCP server that pipes your M365 tenant data — emails, meetings, documents, Teams messages, people — straight into Copilot CLI. It’s in public preview, and your tenant admin needs to grant consent the first time.

Open Copilot CLI

copilot

Add the plugin marketplace

copilot-plugins

Install the plugin

plugin install workiq@copilot-plugins

Restart and ask

Quit Copilot CLI, relaunch it, then try something like:

What did my client say last week about the Intune rollout?

Notice what’s missing? You never opened Outlook. You never opened Teams. You never alt-tabbed.

The official walkthrough — including admin consent and the EULA acceptance you’ll deal with once — sits on Microsoft Learn’s Work IQ overview. The broader plugin and MCP picture for the CLI is on the GitHub Copilot CLI docs.

Why this actually changes how you work

Most of my day, like yours, is spent jumping between windows. Email. Teams. SharePoint. A browser with seven tabs of Microsoft Learn open.

“But I already have Copilot in Microsoft 365 — why bother with the CLI?”

Because the CLI is where you do the work. Drafting an email is fine inside Outlook. But when you’re scripting tenant changes, comparing config exports, or poking at a stubborn migration log, you don’t want to leave the terminal to ask a question about the client. With Work IQ, you don’t.

That’s not a productivity tweak. That’s collapsing two tools into one place.

Here’s the real win for MSPs. Your engineers can ask once — “summarise the last five tickets from this client and show me the related Teams chat” — without context-switching, without copy-paste, without losing their thread. Same hour billed, more thinking inside it.

If you’re not showing your clients what their own terminal can already do for them, you’re leaving value on the table.

Copilot CLI doesn’t get tired. Use that.

GitHub Copilot CLI plus Work IQ isn’t there to make you faster at the terminal. It’s there to make the terminal stop being an island.

Privileged Identity Management (PIM) for Entra roles

Walk into most SMB tenants and check who holds Global Administrator. You’ll find at least one. Often three. Sometimes more. All permanent. All active. All the time.

That’s standing privilege. And it’s the biggest gift you can hand a token thief.

Most MSPs I talk to know about Privileged Identity Management. They’ve seen it in the Entra admin centre. They just don’t switch it on for clients, because they assume it’s an enterprise thing — too expensive, too complicated, too overkill for a 25-seat business.

Wrong on all three.

What is PIM, really?

PIM is just-in-time admin access. You stop being a Global Administrator all day every day, and start being eligible for it. When you need the role, you put yourself in for a fixed window, with a justification and a record. A few hours later it drops off. You’re back to a normal user.

That’s not least privilege as a slogan. That’s least privilege as a clock.

You can layer MFA on activation, approval workflows where one admin signs off on another’s elevation, and access reviews that quietly remind you each quarter that someone’s eligibility hasn’t been used in 90 days. All portal-driven. No scripts. Microsoft’s overview of PIM is worth a read, but the licensing point is the one that trips everyone up.

PIM needs Entra ID P2 or Entra ID Governance. That’s not in Business Premium. But — and this is the part MSPs miss — you only need to licence the admins, not every seat. Three admin accounts is your premium. Compare that to one incident.

Step-by-step: switching on PIM for Global Administrator

Run through this in the Entra admin centre. Sign in as a Global Administrator and licence the admin accounts you want under PIM first.

Park a break-glass account

Before touching a role, create a dedicated break-glass admin. Permanent active Global Administrator. Long random password in your password manager. Excluded from every Conditional Access policy. Document it somewhere you can find at 2am.

This is the one account PIM doesn’t touch. Skip this step and you’ll lock yourself out the first time MFA goes sideways.

Open ID Governance

ID Governance → Privileged Identity Management → Microsoft Entra roles → Roles.

Configure role settings for Global Administrator

Select Global Administrator → Role settings → Edit. Microsoft documents every option here; the ones that earn their keep look like this:

Activation maximum duration:   4 hours
Require MFA on activation:     Yes
Require justification:         Yes
Require approval to activate:  Yes (2 approvers, not self)
Permanent eligible assignment: Disallowed
Notification on activation:    All Global Admins

Notice what’s missing? PowerShell. None of this needs it.

Move existing GAs from active to eligible

Assignments → find each Global Administrator → use the assign roles flow to make them eligible instead. Same permissions — only when they ask for them.

Schedule an access review

Under Access reviews, set up a quarterly review of all eligible Global Administrators. Configure it to auto-remove on no response. The clients who think this is overkill are the clients who’ll have an ex-staffer with admin rights twelve months from now.
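The setup above needs no scripting, but proving the outcome does bear a check. The following is an added example, not code from the original post: it lists who still holds Global Administrator as a standing (permanent, active) assignment versus who is merely eligible or currently activated, and warns if anything other than the break-glass account is permanent. It assumes the Microsoft.Graph PowerShell module with the RoleManagement.Read.Directory and Directory.Read.All scopes, and the break-glass UPN is a placeholder.

```powershell
# Added example (not from the original post): verify the result of the PIM rollout.
# Assumes the Microsoft.Graph module; the break-glass UPN is a placeholder.
param([string]$BreakGlassUpn = "breakglass@contoso.onmicrosoft.com")

Connect-MgGraph -Scopes "RoleManagement.Read.Directory", "Directory.Read.All" -NoWelcome

# Well-known role template ID for Global Administrator (identical in every tenant)
$gaRoleId = "62e90394-69f5-4237-9190-012177145e10"
$filter   = "roleDefinitionId eq '$gaRoleId'"

function Resolve-Principal([string]$Id) {
    # Assignments can target users, groups or service principals; show something readable
    try {
        $obj  = Get-MgDirectoryObject -DirectoryObjectId $Id
        $name = $obj.AdditionalProperties['userPrincipalName']
        if (-not $name) { $name = $obj.AdditionalProperties['displayName'] }
        if ($name) { return $name }
    } catch { }
    return $Id
}

# Active instances: a standing assignment has no end date; a PIM activation carries a window
$active = Get-MgRoleManagementDirectoryRoleAssignmentScheduleInstance -Filter $filter -All |
    ForEach-Object {
        [pscustomobject]@{
            Principal = Resolve-Principal $_.PrincipalId
            Type      = $_.AssignmentType   # 'Assigned' (standing) or 'Activated' (PIM)
            EndsAt    = $_.EndDateTime      # $null means permanent
        }
    }

$eligible = Get-MgRoleManagementDirectoryRoleEligibilityScheduleInstance -Filter $filter -All |
    ForEach-Object { Resolve-Principal $_.PrincipalId }

$standing  = $active | Where-Object { $_.Type -eq 'Assigned' -and -not $_.EndsAt }
$activated = $active | Where-Object { $_.Type -eq 'Activated' }

Write-Host "Eligible for Global Administrator :" ($eligible -join ', ')
Write-Host "Currently activated through PIM  :" ($activated.Principal -join ', ')

# After the rollout the only permanent Global Administrator should be the break-glass account
$unexpected = $standing | Where-Object { $_.Principal -ne $BreakGlassUpn }
if ($unexpected) {
    Write-Warning "Standing Global Administrator assignments remain; move these to eligible:"
    $unexpected | Format-Table Principal, Type -AutoSize
} elseif ($standing.Principal -contains $BreakGlassUpn) {
    Write-Host "Only the break-glass account holds permanent Global Administrator."
} else {
    Write-Warning "No permanent Global Administrator found: confirm the break-glass account exists."
}
```

Run it before step one to see the standing privilege you are about to remove, and again after the access review to confirm nothing crept back.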

Why this actually changes behaviour

PIM isn’t a tool. It’s a posture. The second a Global Admin has to type a reason and wait for approval, two things happen — they stop using GA for the trivial stuff, and someone else sees every elevation.

“But our admins will hate this.”

They’ll hate it for a week. Then they’ll forget it’s there, because activation is two clicks. And the first time you can prove with an audit log that no privileged account was active during an incident, you’ll wonder how you ran tenants any other way.

A standing Global Admin is a key under the doormat. PIM is the locksmith.

If you’re not setting this up for your clients, you’re leaving the front door open and calling it security.

The Command Line Is Quietly Coming Back

I had a quiet moment last week that made me stop and think. I was watching a younger colleague get something done in about thirty seconds — no mouse, no menus, no four browser tabs open. Just typed a sentence into a terminal, hit enter, and the work was done. It looked exactly like the way I used to work in the late nineties, except the thing on the other side of the prompt was now an AI.

That’s the part I keep turning over. For more than two decades we have been told the future is graphical. Click, drag, drop, swipe. Every product wanted to be more visual, more “intuitive”, more pointy and clicky than the last one. And now, very quietly, the command line is walking back into the room — with a tool like GitHub Copilot CLI under its arm.

Typing is faster than clicking, again

The reason this shift is happening isn’t nostalgia. It’s pace. When you can describe what you want in plain English and have a tool translate that into the right command, the whole “where is that menu again” tax disappears. I’ve watched people who genuinely could not tell you what grep does happily ask Copilot CLI to find every file on their machine that mentions a particular client, and get a clean answer in seconds.

That same pattern is now showing up everywhere I look in Microsoft 365. Copilot in Outlook is, in effect, a command line for your inbox. You type “find the email from the supplier about pricing last month and draft a reply” and you’re done. No folder hunting, no scrolling. Copilot in Excel does the same thing for data — you describe the pivot you want, the chart you want, the trend you want highlighted, and it happens. The mouse becomes optional.

The interface is becoming language

What I think we’re really watching is not a return to green text on black screens. It’s the recognition that human language is itself a pretty good interface. For years we tried to dumb computers down for people. Now we’re meeting in the middle. People type or speak what they want. The machine figures out the click path.

Look at Microsoft Teams. The new way to drive it isn’t to click through tabs and channels — it’s to ask Copilot what was decided in yesterday’s project meeting, who owes who an action item, and what changed in the shared OneNote since Friday. The chat box has quietly become the most powerful button in the application.

What it means for how we work

For business leaders this matters more than it might first appear. The people who get good at “talking” to their tools — whether that’s Copilot CLI on a developer’s laptop, Copilot in Word turning rough notes into a board paper, or Copilot in SharePoint pulling the right policy out of a thousand documents — are going to be visibly faster than the people still hunting through ribbons and right-click menus.

I’m telling clients to start treating prompt-writing as a normal workplace skill, the same way we once treated email etiquette. It is the new shortcut key.

What I’m watching next

The interesting question is whether this collapses the distinction between “technical” and “non-technical” users altogether. If everyone’s interface is a sentence, the playing field flattens fast. The command line never really left. It just learned to listen.