// Trust & Security Report
Microsoft Corporation
Microsoft Copilot (consumer Copilot at copilot.microsoft.com, Microsoft 365 Copilot, Copilot Studio, Security Copilot, GitHub Copilot)
Certifications held
11
Maturity
Enterprise
Trains on your data
Yes
Trust center
Yes
// Certification ledger
Each held certification is backed by a verbatim quote from the vendor's own trust or security page. “Not confirmed” means we could not verify it publicly, not that the vendor lacks it.
Verify on learn.microsoft.com“Microsoft Copilot Studio has been audited to be compliant with SOC. SOC audit reports are available from the Microsoft Service Trust Portal.”
Verify on learn.microsoft.com“Microsoft Copilot Studio is compliant with the ISO standards listed in the following table. ... ISO 27001:2013 ... Audit reports for each are available from the Microsoft Service Trust Portal.”
Verify on learn.microsoft.com“Microsoft Copilot Studio is compliant with the ISO standards listed in the following table. ... ISO 27017:2015 ... Audit reports for each are available from the Microsoft Service Trust Portal.”
Verify on learn.microsoft.com“Microsoft Copilot Studio is compliant with the ISO standards listed in the following table. ... ISO 27018:2019 ... Audit reports for each are available from the Microsoft Service Trust Portal.”
Verify on learn.microsoft.com“Microsoft Copilot Studio is compliant with the ISO standards listed in the following table. ... ISO 27701:2019 ... Audit reports for each are available from the Microsoft Service Trust Portal.”
Verify on learn.microsoft.com“Microsoft Copilot Studio is covered under the Health Insurance Portability and Accountability Act (HIPAA) Business Associate Agreement (BAA).”
Verify on learn.microsoft.com“Copilot Studio is designed with compliance at its core ... It is compliant with or covered by: ... Health Information Trust Alliance (HITRUST) Common Security Framework (CSF)”
Verify on learn.microsoft.com“Copilot Studio is designed with compliance at its core ... It is compliant with or covered by: ... Payment Card Industry (PCI) Data Security Standard (DSS)”
Verify on learn.microsoft.com“Microsoft Copilot Studio has been audited to be compliant with CSA STAR.”
Verify on learn.microsoft.com“Microsoft's government cloud services meet the requirements of FedRAMP. By deploying protected services including Azure Government, Office 365 US Government, and Dynamics 365 Government, federal and defense agencies can use a rich array of compliant services.”
Verify on microsoft.com“The cited Microsoft Trust Center text ('We adhere to rigorous compliance standards... We offer comprehensive tools and certifications for simplified compliance management') is generic marketing copy that does not specifically attest GDPR compliance. GDPR is a regulation rather than an audited certification; Microsoft does provide a GDPR-aligned Data Processing Addendum (see privacy.dpa = true), but no per-product GDPR certification quote was located.”
// Privacy & AI training
Trains on customer data
Yes
Data processing agreement
Offered
Data region
Enterprise Microsoft 365 Copilot data residency follows the tenant/Microsoft 365 commitments (Azure regions, EU Data Boundary for EU tenants). Consumer Copilot is governed by the Microsoft Privacy Statement with no per-user residency guarantee; certain countries are excluded from training.
CRITICAL MULTI-PRODUCT DISTINCTION. Consumer Copilot (copilot.microsoft.com) DOES train generative AI models on signed-in users' conversations BY DEFAULT, with an opt-out. Microsoft Support states: 'Microsoft uses data from Bing, MSN, Copilot, and interactions with ads on Microsoft for AI training' and 'You can control whether your conversation activity is used for training Microsoft's generative AI models.' Users automatically EXCLUDED from training: those signed in with an organizational Entra ID account, users of Copilot within Microsoft 365 apps with Personal or Family subscriptions, users NOT signed in (unauthenticated), signed-in users under age 18, and users in Brazil, China (excl. Hong Kong), Israel, Nigeria, South Korea, and Vietnam. For ENTERPRISE Microsoft 365 Copilot and Copilot Chat, Microsoft Learn confirms: 'Prompts and responses aren't used to train the underlying foundation models.' So: consumer-signed-in = trains by default (opt-out); enterprise/M365 = does NOT train.
// Security controls
Bug bounty platform
Self-hosted via Microsoft Security Response Center (MSRC) Researcher Portal, not HackerOne/Bugcrowd. Dedicated Microsoft Copilot (AI) Bounty Program: rewards $250 up to $30,000 for critical inference-manipulation flaws; moderate-severity now eligible up to $5,000.
microsoft.comPenetration testing / red teaming
Yes. Microsoft runs continuous internal red teaming (AI Red Team), the MSRC bounty, and the Zero Day Quest event ('more than 600 vulnerability submissions and awarding more than $1.6 million'). SOC 2 / ISO audits include independent control testing.
microsoft.comEncryption
Microsoft Trust Center states data is protected at rest and in transit: 'We secure data at rest and in transit.'
microsoft.comTrust Center / Service Trust Portal
Public Microsoft Trust Center plus Service Trust Portal hosting SOC, ISO, and other downloadable audit reports for authenticated customers.
microsoft.com// Products & data scope
data: Free/Pro consumer chat. Signed-in conversations used for generative AI model training BY DEFAULT (opt-out available); unauthenticated sessions not trained. Governed by Microsoft Privacy Statement and Microsoft Services Agreement.
Highest privacy-risk tier of the family for default training behavior. The slug under assessment points here.
data: Grounded in tenant Microsoft Graph data; inherits Microsoft 365 enterprise compliance, EU Data Boundary, and tenant data residency. Prompts/responses NOT used to train foundation models.
Enterprise data protection boundary; commercial data protection applies.
data: SOC, ISO/IEC 27001/27017/27018/27701, and HIPAA BAA covered per Microsoft Learn certification page.
Strongest documented certification posture in the family.
data: Achieved SOC 2 certification plus ISO 27001/27017/27018/27701/20000-1/9001/22301 and HiTrust CSF per Microsoft community announcement; does not use customer data to train models.
Dedicated security product, separate scope.
data: Has its own GitHub Copilot Trust Center; Business/Enterprise tiers do not train on prompts/suggestions.
Separate trust documentation at copilot.github.trust.page.
// What to watch
- SURPRISING/CONFLICTING: Consumer Microsoft Copilot trains on signed-in users' conversations BY DEFAULT (opt-out), which is the opposite of the enterprise Microsoft 365 Copilot promise that prompts are never used for training. Directory must NOT present a blanket 'does not train on your data' claim for this tool.
- The assessed slug (copilot.microsoft.com) is the consumer product; most strong certifications (SOC 2, ISO, HIPAA BAA) are documented against the enterprise/Studio/Security Copilot variants rather than the consumer chat surface itself.
- Bug bounty is Microsoft-self-hosted (MSRC), not HackerOne/Bugcrowd.
- QA CORRECTION (2026-06-27): The certification list is scoped to Microsoft Copilot Studio per the Microsoft Learn certification page. The prior ISO entries used a paraphrased proof_quote that does not appear verbatim on the cited page; quotes were corrected to the page's actual wording ('Microsoft Copilot Studio is compliant with the ISO standards listed in the following table'). Missed Copilot Studio certifications were added from the same source: ISO/IEC 27017, ISO/IEC 27701, HITRUST CSF, PCI DSS, CSA STAR, and FedRAMP (government cloud offerings).
- QA CORRECTION (2026-06-27): 'GDPR alignment' was downgraded to held = 'unknown'. Its cited proof_quote was generic Microsoft Trust Center marketing copy that does not mention GDPR. GDPR is a regulation, not an audited certification; Microsoft's GDPR-aligned DPA is captured separately under privacy.dpa = true. The non-certification 'Microsoft 90+ compliance offerings' marketing entry was removed in favor of the specific, individually sourced certifications above.
// At a glance
Pricing model
Freemium. Consumer: free tier + Copilot Pro (~$20/user/mo). Enterprise: Microsoft 365 Copilot add-on (~$30/user/mo annual); Copilot Studio and Security Copilot metered/capacity-based.
Self-hostable
No
// How we verified this
Every certification marked HELD is confirmed against a verbatim quote on Microsoft Corporation's own trust, security, or privacy pages. We reject certifications claimed only on third-party aggregators, on a cloud host's behalf, or by a similarly named company.
Last verified 2026-06-27. Compliance changes over time. Always confirm directly with the vendor before relying on any certification for a purchasing or compliance decision.
microsoft.com