Unpacking SharePoint Restrictive Search Limitations and Benefits

What is Restricted SharePoint Search?

Restricted SharePoint Search (RSS) is a tool for SharePoint Administrators (or higher roles) in Microsoft 365. It lets you create a list of approved SharePoint sites, called the “allowed list.” You check these sites for proper permissions and data rules. This list decides which sites show up in company-wide searches and Copilot features. By default, this tool is off, and the allowed list starts empty.

When you turn on Restricted SharePoint Search, you can limit searches and Copilot to only the sites you’ve approved. Even so, users can still use Copilot to access files they own or have worked on before, whether or not those files are on sites in the allowed list. Be aware that this also limits search in SharePoint for non-Copilot users, so SharePoint search will not work as those users might expect!

How to Set Up SharePoint Restrictive Search

Setting up SharePoint restrictive search involves a few key steps:

  1. Enable Restricted Search: Navigate to the SharePoint admin center and enable the restricted search feature.
  2. Curate Allowed List: Create an allowed list of up to 100 SharePoint sites that users can search. This list should be curated by administrators and should honor existing site permissions.
  3. Configure Permissions: Ensure that the permissions for the curated sites are correctly set up to restrict access to authorized users only.

For detailed instructions, you can refer to the official documentation here.

How Does SharePoint Restrictive Search Work?

Once enabled, SharePoint restrictive search limits the searchable content to:

  • Curated SharePoint Sites: Only the sites included in the allowed list set up by administrators.
  • OneDrive Files: Files stored in users’ OneDrive accounts.
  • Chats, Emails, and Calendars: Content from users’ chats, emails, and calendars.
  • Frequently Visited SharePoint Sites: Sites that users interact with regularly, based on their activity such as viewing, editing, or collaborating on content.
  • Directly Shared Files: Files that have been shared directly with users.
  • Interacted Files: Files that users have viewed, edited, or created.

Limitations of SharePoint Restrictive Search

While SharePoint restrictive search is effective in controlling access to content, it has certain limitations, especially in the context of Copilot indexing:

Partial Site Searchability: Only specific files or content that the user has interacted with will be searchable, not the entire site, unless the site is part of the curated allowed list.

Previous Interactions: If a user has previously interacted with content, Copilot might still provide answers based on that context, even after restrictive search is enabled.

Dynamic Updates: The list of frequently visited sites is dynamically updated based on user activity, which means that new interactions can make additional content searchable.

Interaction with Copilot: Limitations and Unexpected Details

RSS limits Copilot’s access to the allowed list and user-specific content, but an unexpected detail is that Copilot can still use files users have previously viewed, edited, or created, even from sites not in the allowed list. This means RSS doesn’t fully prevent Copilot from accessing sensitive data if users have interacted with it, which could be a concern for data security.

Some Extra Background Information

This part provides a detailed examination of SharePoint restrictive search (RSS) and its role in managing Copilot’s access to SharePoint content, focusing on its setup, functionality, and limitations. The analysis is grounded in current documentation and insights, reflecting the state as of March 15, 2025, and is intended for IT consultants and administrators seeking to enhance data governance in their organizations.

Background and Purpose of RSS

SharePoint restrictive search (RSS) is a feature designed specifically for customers using Microsoft 365 Copilot, introduced to help SharePoint administrators maintain an “allowed list” of SharePoint sites. This list, limited to a maximum of 100 sites, ensures that only sites with verified permissions and data governance are accessible for organization-wide search and Copilot experiences. RSS is off by default, with an empty allowed list, and aims to prevent oversharing while giving admins time to review and audit site permissions. This is particularly important for organizations deploying Copilot, as it helps maintain momentum with AI adoption while implementing robust data security measures, such as those offered by Microsoft Purview and SharePoint Advanced Management.

Detailed Functionality of RSS

When RSS is enabled, it restricts both organization-wide search and Copilot experiences to a curated set of SharePoint sites and user-specific content. The functionality can be broken down as follows:

  • Allowed List: Up to 100 SharePoint sites can be included. A hub site counts as one entry, and its associated sites are included without counting toward the limit, provided they have proper permissions. This gives flexibility while staying within the 100-site cap.
  • User-Specific Content: Users can access their OneDrive files and the chats, emails, and calendars they have permissions for, as well as files from frequently visited SharePoint sites. Frequently visited sites are determined dynamically from user activity, such as viewing, editing, or collaborating, similar to how applications like Word or Excel display recent documents.
  • Directly Shared and Interacted Files: Files shared directly with users and those they have viewed, edited, or created are also accessible, limited to the last 2,000 entities across these categories. This keeps the user’s interaction history available even if the site isn’t in the allowed list.

The impact of enabling RSS is significant: it limits search results and Copilot responses to these defined scopes, potentially reducing response accuracy because less information is available. This affects all users, including those not using Copilot. Site-scoped searches remain unaffected, since RSS applies only to modern organization-wide search and Copilot experiences.

Setting Up and Managing RSS

Setting up RSS requires administrative privileges, specifically the SharePoint Administrator role or above in Microsoft 365. The process involves several steps, which can be executed via the SharePoint admin center or via PowerShell scripts for more advanced management:

  • Checking Status: Admins can check whether RSS is enabled or disabled, ensuring they understand the current configuration.
  • Enabling/Disabling: RSS can be turned on or off as needed, with changes taking effect within an hour, according to documentation.
  • Curating the Allowed List: This involves adding or removing SharePoint site URLs, with strategies to identify the top 100 sites based on activity and usage reports from the SharePoint admin center. For instance, admins can use the Active Sites page to sort and filter by metrics like last activity, page views, and file interactions, creating a custom view for analysis. Hub sites and their associated sites must be managed carefully to ensure proper permissions.
  • Managing the List: Ongoing management includes reviewing and updating the list to reflect organizational needs, ensuring only safe sites are included for search and Copilot access.

For detailed instructions, refer to the official Microsoft documentation at Restricted SharePoint Search and Curate the allowed list for Restricted SharePoint Search, which also provides PowerShell scripts for automation, such as getting the current mode, adding/removing sites, and retrieving the full list.
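The three setup steps above (enable, curate the allowed list, verify the sites) and the PowerShell-based management just described can be combined into one idempotent script. The following is an added example written for this page; it is not code from the page or from Microsoft’s documentation. It assumes the SharePoint Online Management Shell module (Microsoft.Online.SharePoint.PowerShell) is installed, that the signed-in account holds the SharePoint Administrator role, that the RSS cmdlets carry the names shown in the current Microsoft Learn documentation (Get-/Set-SPOTenantRestrictedSearchMode, Get-/Add-SPOTenantRestrictedSearchAllowedList), that the mode is returned as the string Enabled or Disabled, and that the allowed list is returned as plain URL strings; the tenant URL and site list are placeholders you supply.

```powershell
# Added example: curate the Restricted SharePoint Search allowed list and optionally enable RSS.
# Not the page's or Microsoft's code. Assumptions: SPO Management Shell installed, SharePoint
# Administrator role, cmdlet names as documented on Microsoft Learn, mode returned as a string,
# allowed list returned as URL strings. Check cmdlet names with: Get-Command *RestrictedSearch*
#Requires -Modules Microsoft.Online.SharePoint.PowerShell

param(
    [Parameter(Mandatory)] [string]   $AdminUrl,        # e.g. https://<tenant>-admin.sharepoint.com (placeholder)
    [Parameter(Mandatory)] [string[]] $CandidateSites,  # site URLs whose permissions you have already reviewed
    [switch] $Enable                                    # also switch RSS on once the list is curated
)

$MaxAllowed = 100   # documented cap on the allowed list (hub sites count once; associated sites do not)

Connect-SPOService -Url $AdminUrl

# 1. Record the current mode so the change is auditable.
$before = Get-SPOTenantRestrictedSearchMode
Write-Host "RSS mode before: $before"

# 2. Normalise candidates: trim whitespace and trailing slashes, keep only HTTPS, drop duplicates.
$candidates = $CandidateSites |
    ForEach-Object { $_.Trim().TrimEnd('/') } |
    Where-Object { $_ -match '^https://' } |
    Sort-Object -Unique

# 3. The allowed list is additive, so only add entries that are missing (case-insensitive compare).
$current = @(Get-SPOTenantRestrictedSearchAllowedList | ForEach-Object { "$_".TrimEnd('/') })
$toAdd   = @($candidates | Where-Object { $current -notcontains $_ })

# 4. Enforce the 100-site cap locally before calling the service.
if (($current.Count + $toAdd.Count) -gt $MaxAllowed) {
    throw "Allowed list would exceed $MaxAllowed sites ($($current.Count) existing + $($toAdd.Count) new). Prune first."
}

# 5. Verify each site exists; a mistyped URL would silently hide the intended site from search.
foreach ($url in $toAdd) {
    try   { $null = Get-SPOSite -Identity $url -ErrorAction Stop }
    catch { throw "Site not found or not accessible to this admin account: $url" }
}

if ($toAdd.Count -gt 0) {
    Add-SPOTenantRestrictedSearchAllowedList -SitesList $toAdd
    Write-Host "Added $($toAdd.Count) site(s) to the allowed list."
} else {
    Write-Host "Allowed list already contains every candidate site."
}

# 6. Optionally enable RSS. Per the documentation, changes take effect within about an hour.
if ($Enable -and $before -ne 'Enabled') {
    Set-SPOTenantRestrictedSearchMode -Mode Enabled
}

# 7. Print the resulting list and mode for the change record.
Get-SPOTenantRestrictedSearchAllowedList | Sort-Object | ForEach-Object { Write-Host "  $_" }
Write-Host "RSS mode after: $(Get-SPOTenantRestrictedSearchMode)"
```

Run it as `.\Set-RssAllowedList.ps1 -AdminUrl https://<tenant>-admin.sharepoint.com -CandidateSites (Get-Content .\reviewed-sites.txt) -Enable`. The script is safe to re-run: it never removes entries, refuses to exceed the cap, and only flips the mode when asked, so it can be wired into a scheduled review without surprising users who rely on organization-wide search.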

Interaction with Copilot: Detailed Analysis

Copilot’s interaction with SharePoint content is governed by RSS settings, but there are important nuances, especially regarding its limitations. When RSS is enabled, Copilot’s access is restricted to:

  • Content from the allowed list sites, honoring existing permissions.
  • User-specific content, including OneDrive files, chats, emails, calendars, and files from frequently visited sites.
  • Files shared directly with the user and those they have viewed, edited, or created, which remain accessible regardless of the site’s inclusion in the allowed list.

A critical aspect is that Copilot can still provide answers based on content users have previously interacted with, even if the site isn’t in the allowed list. This is because RSS does not remove access to files in the user’s interaction history, such as those viewed, edited, or created, which can include sensitive information. This behavior is consistent with Copilot’s use of Microsoft Graph data, which includes recent file interactions and profile information, respecting user permissions but retaining access to historical interactions.

This limitation means that RSS does not fully prevent Copilot from indexing or using content from sites not in the allowed list if users have previously accessed them. For example, if a user viewed a confidential document from an unlisted site, Copilot could still reference that document in responses, posing a risk for data security. This is particularly relevant for organizations concerned about inadvertent data leakage, as highlighted in discussions around Copilot’s ability to reason across all accessible data, including uncurated sites.

Limitations and Implications for Copilot Indexing

The primary limitation of RSS in stopping Copilot from indexing sites is its inability to restrict access to content users have already interacted with. While RSS effectively limits new searches and Copilot discoveries to the allowed list and user-specific scopes, it does not retroactively block access to files in the user’s history. This means:

  • If a user has viewed, edited, or created files from a site not in the allowed list, those files remain searchable and usable by Copilot.
  • Frequently visited sites, determined dynamically, can also include files from unlisted sites, further expanding Copilot’s potential access.
  • This creates a scenario where sensitive information, if accessed by users, can still be leveraged by Copilot, undermining the goal of restricting site indexing.

To mitigate this, admins must focus on managing user access proactively, ensuring sensitive sites are not accessible to unauthorized users and using additional tools like Microsoft Purview for data classification and protection. The documentation notes that RSS honors existing site permissions, so combining it with advanced access policies and site content lifecycle management can enhance security.

Best Practices for Enhanced Data Governance

Given the limitations, here are recommended best practices for admins to enhance data security and governance:

  • Regularly Audit User Access: Conduct periodic reviews to ensure only authorized users can access sensitive sites and files, reducing the risk of unintended interactions that Copilot can later use.
  • Manage Allowed List Carefully: Include only sites that are safe for organization-wide access, using activity and usage reports to identify high-risk or inactive sites for exclusion.
  • Educate Users: Inform users about the importance of not sharing or viewing sensitive information unnecessarily, emphasizing the impact on Copilot’s access.
  • Use Additional Security Features: Leverage Microsoft Purview for classifying and labeling data based on sensitivity, and implement Sharepoint Advanced Management for advanced access policies and content lifecycle management. This can help prevent unauthorized sharing and review Copilot prompts and responses for compliance.
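The first two best practices above (audit user access regularly, curate the allowed list from activity and usage data) both start from the same question: which sites are not on the allowed list yet still reachable, and which of those deserve a permissions review first? The following added example, written for this page and not taken from the page or from Microsoft, produces that review list. It assumes the SharePoint Online Management Shell module, a SharePoint Administrator account, that Get-SPOTenantRestrictedSearchAllowedList returns URL strings, and that Get-SPOSite exposes the SharingCapability and LastContentModifiedDate properties; the staleness threshold and CSV path are arbitrary choices.

```powershell
# Added example: list sites NOT on the RSS allowed list and flag the ones to review first.
# Not the page's or Microsoft's code. Assumptions: SPO Management Shell installed, SharePoint
# Administrator role, allowed list returned as URL strings, SPOSite objects carrying
# SharingCapability and LastContentModifiedDate. Threshold and output path are arbitrary.
#Requires -Modules Microsoft.Online.SharePoint.PowerShell

param(
    [Parameter(Mandatory)] [string] $AdminUrl,           # https://<tenant>-admin.sharepoint.com (placeholder)
    [int]    $StaleAfterDays = 180,                      # sites untouched this long are review candidates
    [string] $ReportPath     = ".\rss-unlisted-sites.csv"
)

Connect-SPOService -Url $AdminUrl

# Allowed list as a case-insensitive lookup set (listed sites were already reviewed for permissions).
$allowed = [System.Collections.Generic.HashSet[string]]::new([System.StringComparer]::OrdinalIgnoreCase)
foreach ($u in @(Get-SPOTenantRestrictedSearchAllowedList)) { $null = $allowed.Add("$u".TrimEnd('/')) }

$cutoff = (Get-Date).AddDays(-$StaleAfterDays)

# Get-SPOSite -Limit All enumerates site collections; OneDrive (personal) sites are not included
# by default, which matches RSS treating OneDrive as user-specific content anyway.
$report = foreach ($site in Get-SPOSite -Limit All) {
    $url = $site.Url.TrimEnd('/')
    if ($allowed.Contains($url)) { continue }

    # Two cheap risk signals: external sharing is possible, or nobody has touched the content in a while.
    $flags = @()
    if ($site.SharingCapability -ne 'Disabled')       { $flags += 'ExternalSharingOn' }
    if ($site.LastContentModifiedDate -lt $cutoff)    { $flags += 'Stale' }

    [pscustomobject]@{
        Url                 = $url
        Title               = $site.Title
        Template            = $site.Template
        SharingCapability   = $site.SharingCapability
        LastContentModified = $site.LastContentModifiedDate
        Flags               = ($flags -join ';')
    }
}

$report = @($report)
$report | Sort-Object Flags -Descending | Export-Csv -Path $ReportPath -NoTypeInformation

$flagged = @($report | Where-Object { $_.Flags }).Count
Write-Host ("{0} unlisted site(s) written to {1}; {2} flagged for review." -f $report.Count, $ReportPath, $flagged)
```

The report does not tell you which individual users have interacted with each site, so it is a starting point for the access review rather than a substitute for it: a flagged site whose membership is wider than intended is exactly the kind of site whose files can end up in users’ interaction history and therefore in Copilot answers, even though it is absent from the allowed list.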

Comparative Analysis: RSS vs. Other Security Features

To provide context, RSS can be compared with other SharePoint security features, such as Restricted Content Discovery, which is a site-level setting requiring SharePoint Premium – Advanced Management. Unlike RSS, Restricted Content Discovery affects tenant-wide search and Copilot discovery scenarios but does not impact data-in-use Copilot experiences, like summarizing the current document in Word. Both features aim to limit search visibility, but RSS is tenant-wide and centers on an allowed list, while Restricted Content Discovery is site-specific and can cause performance impacts if overused, due to index update latency.

Feature                      | Scope                         | Impact on Copilot                              | Prerequisites
-----------------------------|-------------------------------|------------------------------------------------|------------------------------------------
Restricted SharePoint Search | Tenant-wide, up to 100 sites  | Limits to allowed list and user interactions   | Microsoft 365 Copilot license
Restricted Content Discovery | Site-level                    | Affects discovery, not data-in-use scenarios   | SharePoint Premium – Advanced Management

This table highlights the complementary nature of these features, with RSS providing a broader control mechanism and Restricted Content Discovery offering finer granularity at the site level.

Conclusion

SharePoint restrictive search is a vital tool for managing Copilot’s access to SharePoint content, offering a balance between deployment momentum and data security. However, its limitation in handling previously interacted content underscores the need for comprehensive user access management and additional governance tools. This also needs to be explained to the users! By following best practices and leveraging Microsoft’s ecosystem, admins can mitigate risks and ensure a secure Copilot experience, aligned with organizational data governance goals.

More info can be found here!
