Microsoft in mid-March disclosed that 160,000 customers had built 400,000 AI agents in the preceding three months. Those numbers, and their rate of growth, have undoubtedly risen since.
That kind of growth trajectory leads market experts and Microsoft execs including Dorothy Li, corporate vice president and engineering lead for Security Copilot and ecosystem, to conclude that, in the near future, there will be an agent for every task.
For business, tech, and security leaders, the prospects of all those agents touching a wide range of systems and data sources can be daunting to say the least. Recognizing the management, security, and other challenges posed by this rapid uptake, key vendors including Microsoft, as well as PwC and others, are rolling out platforms to orchestrate and manage agents. This report provides detail on the Microsoft Copilot Control System.
We first heard about CCS late last year, and the company continues to share more details, including an in-depth overview that was recently published.
CCS, according to Microsoft, helps customers secure, manage, and analyze the use of Microsoft 365 Copilot, Copilot Chat, Microsoft Copilot Studio, and agents across their organizations.
Because the AI models used by Microsoft 365 Copilot are hosted within Azure OpenAI, CCS aligns with Microsoft 365 Compliance requirements, while also adhering to Microsoft enterprise data protection standards, the safety and governance controls built into Copilot infrastructure, and its Responsible AI services. Additional details on the three core functions managed by CCS follow:
Security and Governance
As their companies expand the rollout of AI broadly and agents more specifically, organizations need to address risks that are specific to AI applications. For example, they need control over which AI apps are available to users, the ability to mitigate threats targeting AI applications, and protection from actions or attacks that exploit AI. For compliance and privacy requirements, organizations need functionality to audit, investigate, and preserve AI interactions in order to satisfy retention schedules or litigation holds for preserving relevant information.
The security and governance functions of CCS address these challenges by providing integration with Microsoft Purview data management and security, Defender for Cloud Apps, and Entra for identity management provide comprehensive security and governance.
CCS security and governance functions also include data security, AI security, and compliance/privacy. For data security, foundational controls include the ability to manage data and site access, identify and reduce potential oversharing with built-in site governance, and they protect Copilot responses with automatic inheritance of data classification while providing control over sensitive data in Copilot and agents.
For AI security, CCS includes protection against prompt injection attacks and harmful content. Microsoft also provides foundational controls in Entra to restrict which AI apps that users can access. Compliance and privacy controls include visibility over web-grounded search. Purview’s foundational controls include the ability to audit activity.
Management Controls
With CCS management controls, customers can determine how their Copilot licenses and agents are deployed to meet the needs of their organizations. This includes:
- Management of Copilot licenses and agent access control, ensuring compliance with policies and usage limits.
- Agent Lifecycle management for visibility into the status, governance, and lifecycle of agents, allowing administrators to review agent details, as well as approve, block and manage usage.
- Metering controls to configure pay-as-you-go billing, review agent message consumption, and manage agent consumption costs.
When it comes to management controls for third-party agents, admins can view agents from the list of available, deployed, or blocked apps on the Integrated apps page of Microsoft 365 admin center, where Copilot and agent management controls are primarily found. There, they can check whether a specific app has Copilot support and checking if the app overview references Copilot as a host product.
AI Agent & Copilot Summit is an AI-first event to define opportunities, impact, and outcomes with Microsoft Copilot and agents. Building on its 2025 success, the 2026 event takes place March 17-19 in San Diego. Get more details.
Measurement and Reporting
CCS measurement capabilities are designed to empower IT and business leaders to understand adoption and business impact of Copilot and agents as part of Copilot Analytics. Copilot Analytics provides out-of-the-box experiences and advanced reporting tools that track:
- Readiness and adoption to help prepare for Copilot deployment with workplace analytics and drive Copilot and agent adoption.
- Productivity shifts to understand how Copilot and agents lead to time savings, as well as behavioral and collaboration pattern changes.
- Business value and ROI to measure the impact AI has on functions including sales, service, finance, and more.
Planned Enhancements
The latest detail on CCS from Microsoft includes two forthcoming functions:
- Agent inventory management, which will enable administrators to review agents and agent metadata, and to block and take agents down as necessary.
- Agent usage reporting designed to offer administrators views into agent usage, adoption, and business impact.
