Information about SharePoint, Microsoft 365, Azure, Mobility and Productivity from the Computer Information Agency
The slides from this month’s webinar are available at:
If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:
http://www.ciaopsacademy.com.au/p/need-to-know-webinars
Watch out for next month’s webinar.
Join me for this episode with all the latest news and update from Microsoft as well as my take on the importance of logging as a security basic that many overlook. Plenty of security news in this episode especially around the latest exploits of MSHTA.EXE that you should be prepared for. Listen for all the information.
Brought to you by www.ciaopspatron.com
you can listen directly to this episode at:
https://ciaops.podbean.com/e/episode-342-logs/
Subscribe via iTunes at:
https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2
or Spotify:
https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb
Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.
Resources
Comparing Copilot Chat included with Microsoft 365 to a paid Copilot license
Adobe and Microsoft Empower Marketers with AI Agents in Microsoft 365 Copilot
Introducing Copilot in the Microsoft 365 admin centers
Jailbreaking is (mostly) simpler than you think
Level up your defense: protect against attacks using stale user accounts
Defender XDR – Monthly news – March 2025
AI innovation requires AI security: Hear what’s new at Microsoft Secure
Microsoft Technical Takeoff: Windows + Intune
Continuing with Microsoft Entra: Advanced Identity Management
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware
Take Flight with Microsoft Security Copilot Flight School
Securing Your Nonprofit Environment (Part 1) – Enabling Security Defaults
Securing Your Nonprofit Environment (Part 2): Best Practices to Secure Your Admin Accounts
Upgrade to Microsoft 365: Unlock the Power of the Cloud –
https://www.youtube.com/watch?v=zAVqDZN9BCk
Getting Started With Microsoft 365 Business Premium Video 01: Before You Begin –
https://www.youtube.com/watch?v=es8lisFPpBk
Comparing Copilot Chat included with Microsoft 365 to a paid Copilot license –
https://www.youtube.com/watch?v=ItcvkU528AI
Open shared Word, Excel, and PowerPoint files on iPhone and iPad devices without a Microsoft account –
Level up your defense: protect against attacks using stale user accounts –
Introducing Copilot in the Microsoft 365 admin centers –
https://www.youtube.com/watch?v=rMalGm0tBOY
The Enhanced “Edit in Grid” Experience for Document Libraries –
New live chat in Microsoft Teams: Connecting customers and businesses effortlessly –
Unlock the future of teamwork with Microsoft 365 Copilot in Teams –
https://www.youtube.com/watch?v=s9LX3SnLYpE
Defender XDR – Monthly news – March 2025 –
Peter is here –
https://unlocked.microsoft.com/minecraft-vatican/
How to deploy transformational enterprise-wide agents: Microsoft as Customer Zero –
AI innovation requires AI security: Hear what’s new at Microsoft Secure –
Dow is targeting millions in cost savings with Microsoft 365 Copilot and agents –
Unveiling the Shadows: Extended Critical Asset Protection with MSEM –
StilachiRAT analysis: From system reconnaissance to cryptocurrency theft –
Strengthening Email Security: Our New Approach to Non-RFC Compliant Emails –
After hours
Can You Fool A Self Driving Car? – https://www.youtube.com/watch?v=IQJL3htsDyQ
Editorial
If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.
Watch out for the next CIA Brief next week
The Australian Signals Directorate (ASD) has produced a number of recommended configuration policies for Intune as part of their Secure Cloud initiative. You can find them here:
Macros enabled for trusted publishers
Theses policies are in TXT format but are effectively just JSON files.
I have therefore takes these TXT files, renamed to JSON files and uploaded into my best practices repository here:
CIAOPS Best Practice Repo – ASD recommended policies
It would have been good if the ASD had placed in their own repo so they could easily be monitored for updates. Alas, maybe in the future.
So for now you can import these files directly from my repo into your Intune and I’ll try and do my best to keep them current with what the ASD does.
https://www.youtube.com/watch?v=U_M2nGwFGBg
In this video, I provide an in-depth tutorial on using Copilot actions within Copilot Studio to create autonomous agents. I demonstrates how to set up triggers, specifically focusing on activating an agent when a new email arrives. I walk through the process of creating a trigger using Power Platform, configuring the agent to respond to emails, and enabling orchestration to ensure seamless operation. I also shares practical tips and insights from his experience, emphasizing the importance of clear instructions and matching action names. This video is ideal for anyone looking to automate tasks using Copilot Studio and Power Platform.
Key topics covered:
Setting up triggers for autonomous actions
Configuring agents to respond to emails
Using Power Platform for automation
Enabling orchestration in Copilot Studio
Practical tips for successful implementation
Watch this video to learn how to effectively use Copilot actions to automate your workflows and enhance productivity.
How-To Sync EntraID Group Memberships Into Any System –
Microsoft Security Implementation Proof of Concept by Lighthouse with Microsoft 365 Defender –
https://www.youtube.com/watch?v=rxiVirns1D4
Announcing a Limited Preview of GPT-4.5 in Copilot Studio –
Phishing campaign impersonates Booking .com, delivers a suite of credential-stealing malware –
Copilot supports communication in every style –
Securing Your Nonprofit Environment (Part 2): Best Practices to Secure Your Admin Accounts –
Jailbreaking is (mostly) simpler than you think –
https://msrc.microsoft.com/blog/2025/03/jailbreaking-is-mostly-simpler-than-you-think/
Improve your DLP maturity with DLP Analytics –
Take Flight with Microsoft Security Copilot Flight School –
Defending Against OAuth-Based Attacks with Automatic Attack Disruption –
Boost customer engagement with live chat in Microsoft Teams –
https://www.youtube.com/watch?v=y_fTX0E08BU
Introducing Microsoft Entra Health alerts: An enhancement to tenant health monitoring –
New XCSSET malware adds new obfuscation, persistence techniques to infect Xcode projects –
Built-in report button is available in Microsoft Outlook across platforms –
Blog Series: Charting Your Path to Cyber Resiliency –
After hours
Gemini Robotics: Bringing AI to the physical world – https://www.youtube.com/watch?v=4MvGnmmP3c0
Editorial
If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.
If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.
Watch out for the next CIA Brief next week
To get a better idea of the costs of using SharePoint Agents, I’d suggest you have a look at:
with the highlight being:
Under the PAYGO model, customers are billed $0.01 per message. Each interaction with a SharePoint agent uses thirty-two (32) messages, so customers are billed at $0.32 per interaction with SharePoint agents. The PAYGO meter uses your Azure subscription as the payment instrument, ensuring seamless integration with existing billing processes. This meter is available worldwide.
and
There are no in-product feature differences between the PAYGO meter, and the SharePoint agent included in the Microsoft 365 Copilot license. Users have the same capabilities and benefits, regardless of the billing model they choose.
Thus, with each interaction being $0.32, let say that typically a user will interact with SharePoint agents three times during any inquiry. That makes it about $1 per enquiry. If we now say that an average user will make 20 inquiries per day, that is $20 per user per day. Multiply that across all the users in an organisation and you can see how it could get very expensive very quickly.
Clearly then, pay as you go SharePoint agents is for very low volume of usage across the organisation, typically one enquiry per day. Otherwise, it make more sense to buy a full license of Microsoft 365 Copilot for the user in question because they effectively get unlimited SharePoint agent enquiries as well as a personal AI assistant plus more.
If you combine any other pay as go usage of Copilot, such as with Copilot Studio as I have outlined before, then it make far more sense to get a full Microsoft 365 Copilot for those who need to use any AI tools. However, pay as you go billing does provide you the flexibility to mix and match with full Microsoft 365 Copilot licenses. If you have a business with 5 major users and 20 casual users then teh starting point is for those 5 users to have full Microsoft 365 Copilot license, while the rest simply use an Azure subscription to cover any incidental costs until the point when another person in the business needs a full license.
To keep control of any SharePoint or Copilot pay as you go, you shoudl always set up a budget in Azure as I have outlined before with Security Copilot
Pay as you SharePoint agents do provide a degree of flexibility of quickly and easily enabling AI across your SharePoint information for your whole organisation but if usage of AI starts to grow then so too will the costs, and potentially quite dramatically if appropriate limits are not configured. The best option with pay as you go SharePoint agents then is its use in combination with full Microsoft 365 Copilot licenses for users who need to use AI extensively in their jobs, while casual users can remain on the pay as you go option. The good news is that you do have the flexibility to mix and match with the two types of licenses as needed and Azure does give you the added benefit of being able to turn off immediately where Microsoft 365 Copilot licenses are typically an annual commitment.
Now that I have set up pay as you go (PAYG) Copilot Studio via an Azure subscription, the next big question is what are the costs likely to be? These are somewhat hard to quantify exactly because it ‘depends’ on a lot of factors.
Start with:
Copilot Studio licensing here:
https://learn.microsoft.com/en-us/microsoft-copilot-studio/billing-licensing
which says:
but then it isn’t a simple ratio of 1 question = 1 message, oh no. You need to look at this:
which gives you this table:
The example Microsoft provides is:
Each interaction with an agent might utilize multiple message types simultaneously. For example, an agent grounded in a tenant Microsoft Graph could use 32 messages (30 messages for the Microsoft Graph grounding, and two for generative answers) to respond to a single complex prompt from a user.
Agent costs depend on an agent’s complexity and its usage.
Inside the Power Platform admin center, under licensing and Copilot Studio I see this:
if I drill into this a little more I find:
Ok, so 2,040 messages is the usage.
I then waited and checked my Azure billing for the period and it reports:
which is AU$20.30 for Copilot Studio usage across those 2,040 messages I suggest. If you divide the cost by the messages you come out to around that suggested $0.01 per message as expected.
How does that relate to usage? Again, hard to exactly quantify as I was the only user and I was building and testing an autonomous agent with Copilot Studio for around 8 hours roughly. Thus, that means an average of 255 AI message per hour or 4.25 messages per minute.
Based on that, the best estimate (rule of thumb) I could give you would be, based on ‘average use’ across a typical day (8 hours), for a single user using Copilot regularly throughout the day the cost is going you around AU$20 per user for that 8 hours of sustained usage.
I fully appreciate this is nowhere near exact but, so far it is the best average I can come up with for sustained daily usage.
If we assume that a ‘normal’ user is not going to using AI in the sustained manner across the whole day we could then apply say a 50% usage discount and settle on around AU$10 per user per day for an ‘average’ user using Copilot resources in an ‘average’ way per day. More intensive usage would be considered around AU$20 per user per day I suggest.
In summary then, via my imperfect observations and calculations I would suggest to you that if you do indeed implement Copilot service via Pay As You Go (PAYG) then the ‘typical’ costs you can expect would be around AU$10 per user per day up to AU$20 per user per day. If this was sustained across a full month then you would be looking at $300 per average user per month which is way above the cost of a full license of Microsoft 365 Copilot whih which would be a flat fee of around AU$45 per user per month.
This is the best estimate I can give you and your costs and usage will vary but I think $10 per user per day for average Copilot use on a PAYG plan is as good as any place to start.
Clearly then, if your users are planning on sustained Microsoft 365 Copilot usage a paid license of Microsoft 365 Copilot is a much more effective investment from what I can determine.
CIAOPS 