Coming out of a recent webinar on Microsoft Purview, AI governance, and DSPM for AI, I found myself thinking more deeply about where AI governance becomes very real for organizations — not in abstract policy discussions, but at the point where people actually touch data.
In the webinar, we discussed data hygiene and data governance when introducing Retrieval-Augmented Generation (RAG) generative AI models into your environment, including Copilot, ChatGPT, and others. These models are better thought of as AI applications: a user interacts with them through an identity, with a set of permissions and a context, and (hopefully) under data governance with the proper guardrails applied. Our webinar examples focused on what can be accessed through the Microsoft Graph unified API, including SharePoint, Teams, Exchange Online, and OneDrive. Think of Microsoft Graph as a doorway and SharePoint, Teams, Exchange Online, and OneDrive as rooms reachable through that entrance. I started thinking about using this analogy to describe SQL-specific data governance, particularly with the increased usage of Microsoft Copilot for SQL.
Long before Copilot entered the conversation, I spent several years teaching Microsoft SQL database administration and SQL programming as a Microsoft Certified Trainer (MCT) and working with many versions of Microsoft SQL in various engineering roles. In those days, we focused heavily on fundamentals including authentication models, permissions, role design, database performance, database clusters for high availability, and database architectures. We did this because those decisions determined whether the database environments were resilient, optimized, secured, and compliant (regulatory framework dependent).
Enter Microsoft Copilot for SQL. Copilot for SQL is an incredibly powerful productivity tool, but it also shines a spotlight on long-standing SQL security shortcuts whose risks many organizations have learned to live with. When you combine AI-assisted query generation with over-privileged logins, unclear data ownership, or poorly classified sensitive data, governance gaps show up fast.
This post isn’t about whether Copilot for SQL is “safe” or “unsafe.” It’s about how tools like Copilot make Purview, data classification, and DSPM for AI no longer optional, especially for SQL environments that contain some of an organization’s most sensitive data.
Let’s jump back to our Microsoft Graph example. SQL is not exposed through Microsoft Graph. There is no Graph API that enumerates SQL tables, reads rows, or returns column data from a query. SQL operates in a different wing of the building. So picture Copilot for SQL as an embedded AI layer inside the tools that connect to SQL, not something inside the SQL engine itself. Copilot for SQL shows up in SQL client tools including SQL Server Management Studio (SSMS v21+) and Azure Data Studio. For Azure SQL databases, Copilot for SQL is also available in the Azure portal and feels somewhat more native there, since the Azure SQL control plane lives in Azure. Important note: because Copilot for SQL does not reside in the SQL Server engine, does not run as a SQL Agent job, is not a database extension, and does not live inside Microsoft Graph, on-premises SQL Server instances and IaaS deployments of SQL Server can use Copilot for SQL through those client tools. The practical consequence is that the client tool, not the engine, is where you review how Copilot is configured and what it is allowed to do.
The Governance Implications: Identity, Authentication, and Permissions
You may (should) be asking, “With Copilot for SQL in the picture, what are my data governance implications, specific to Microsoft SQL databases?”
Remember, the user connects to SQL exactly as they always have, with the same tools and the same credentials; once activated, Copilot for SQL observes and acts within that active connection context. It has no permissions of its own. Whatever the connected login can enumerate, read, or change, Copilot-generated queries can too, so the first governance question is simply: what can this connection already reach?
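The following T-SQL is an added example (not from the original post, and not Microsoft tooling) of how a DBA or security engineer can answer that question before Copilot is switched on: list who holds blanket read or write in a database, then impersonate one principal and ask the engine for its effective permission set. The user name `analyst_demo` is hypothetical; substitute the principal you want to assess.

```sql
-- Added example, not from the original post: a read-only audit of what a given
-- database user can reach, which is exactly what Copilot for SQL inherits when
-- that user opens a connection in SSMS. 'analyst_demo' is a hypothetical principal.

-- 1. Who holds blanket read or write in this database? Membership in these roles
--    hands Copilot-generated queries every table and column in one step.
SELECT r.name AS role_name,
       m.name AS member_name,
       m.type_desc
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS r ON r.principal_id = drm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = drm.member_principal_id
WHERE r.name IN ('db_owner', 'db_datareader', 'db_datawriter')
ORDER BY r.name, m.name;

-- 2. Impersonate the principal (requires IMPERSONATE on it, or db_owner/sysadmin)
--    and ask the engine what it can do. Nothing below is Copilot-specific; it is
--    the effective permission set the connection already had.
EXECUTE AS USER = 'analyst_demo';

-- Database-scoped permissions (SELECT, VIEW DEFINITION, CONTROL, ...).
-- CONTROL here means the user can read everything, whatever the role list said.
SELECT permission_name
FROM sys.fn_my_permissions(NULL, 'DATABASE');

-- Every table and view this user can SELECT from, at object level.
-- Under impersonation, metadata visibility already hides objects the user has
-- no permission on, so this list is the user's view of the schema, not yours.
SELECT s.name AS schema_name,
       o.name AS object_name,
       p.permission_name
FROM sys.objects AS o
JOIN sys.schemas AS s ON s.schema_id = o.schema_id
CROSS APPLY sys.fn_my_permissions(QUOTENAME(s.name) + N'.' + QUOTENAME(o.name), 'OBJECT') AS p
WHERE o.type IN ('U', 'V')            -- user tables and views
  AND p.permission_name = 'SELECT'
  AND p.subentity_name = ''           -- object-level grant, not a single column
ORDER BY s.name, o.name;

REVERT;
```

Run this per database, and separately check server-level roles in `master` (a `sysadmin` member bypasses every database-level control). The output of the second query is, in effect, the table of contents Copilot can browse on that user's behalf; anything sensitive that appears there for a principal who does not need it is the over-permissioning the rest of this post is about.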
A Healthcare Scenario: How Broad Read Access Becomes Risky in Seconds
Purview DSPM for AI acts as an intelligence layer over Microsoft Purview’s governance tools: it continuously discovers and classifies data and surfaces where policy is needed, so that what Copilot for SQL can reach is understood against your security and regulatory controls. It does not by itself enforce permissions inside SQL; the access model of the database does that.
Sensitive Data Visibility
DSPM for AI provides visibility into which SQL databases and tables contain sensitive data that could be accessed through Copilot for SQL, based on Purview’s discovery and classification of SQL data sources.
Why this matters for SQL:
Amplifying SQL Data Exposure Risks
DSPM for AI helps organizations understand how existing SQL permissions and data exposure may be amplified when Copilot for SQL enables faster schema discovery and query generation.
Why this matters for SQL:
Highlight Where Controls are Most Needed
DSPM for AI identifies where guardrails are needed by highlighting sensitive SQL datasets that should not be broadly accessible through Copilot for SQL without additional controls such as least-privilege access, labeling, or monitoring. Guardrails live in SQL and Purview. DSPM for AI tells you where the guardrails are needed the most.
Why this matters for SQL:
Prioritize Guardrails
DSPM for AI enables informed governance decisions by helping security teams prioritize which SQL databases require tighter permissions, data classification, or usage guidance before Copilot for SQL is enabled for broader audiences.
For SQL, this means:
The key takeaway here is that Copilot for SQL doesn’t create new access; it turns over-permissioning (I like this word) into immediate capability. In environments where sensitive data lives in SQL, including but not limited to healthcare, financial services, and manufacturing, that capability must be governed, not assumed safe. To draw the distinction: Purview and DSPM for AI do not fix permissions or configuration issues; they identify and prioritize where you should look first. Permissions haven’t changed; exposure has, and it has accelerated. Purview and DSPM for AI should prompt the “what changes if we turn Copilot for SQL on in our environment?” conversation.
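Because the guardrail itself is set in SQL, here is an added example (not from the original post) of the shortcut and its least-privilege replacement, using the healthcare framing above. The `clinical.Patient` table, its rows, and the `analyst_demo` and `clinical_reporting` principals are all constructed for illustration; the pattern is what DSPM for AI would point you at once it flags such a table as sensitive.

```sql
-- Added example, not from the original post. Constructed healthcare schema and
-- principals; shows the over-permissioned 'before' and a least-privilege 'after'.
-- Requires SQL Server 2016+ or Azure SQL Database (for Dynamic Data Masking).

-- Constructed sample table holding the kind of data DSPM for AI would flag.
CREATE SCHEMA clinical;
GO
CREATE TABLE clinical.Patient (
    PatientId   int IDENTITY PRIMARY KEY,
    FullName    nvarchar(100) NOT NULL,
    DateOfBirth date          NOT NULL,
    SSN         char(11)      NOT NULL,
    Diagnosis   nvarchar(200) NULL,
    AdmitDate   date          NOT NULL
);
INSERT INTO clinical.Patient (FullName, DateOfBirth, SSN, Diagnosis, AdmitDate) VALUES
 (N'Pat Example', '1980-01-02', '000-00-0001', N'Sample diagnosis A', '2024-05-01'),
 (N'Sam Example', '1975-03-04', '000-00-0002', N'Sample diagnosis B', '2024-05-02');
GO

-- BEFORE: the shortcut. One role grant and every table and column is readable.
-- Copilot, acting as analyst_demo, can now answer "list patients by diagnosis with SSN".
CREATE USER analyst_demo WITHOUT LOGIN;   -- contained test user; no server login needed
ALTER ROLE db_datareader ADD MEMBER analyst_demo;
GO

-- AFTER: remove the blanket read and grant only the columns the reporting job needs.
ALTER ROLE db_datareader DROP MEMBER analyst_demo;
CREATE ROLE clinical_reporting;
GRANT SELECT ON OBJECT::clinical.Patient (PatientId, DateOfBirth, Diagnosis, AdmitDate)
    TO clinical_reporting;
ALTER ROLE clinical_reporting ADD MEMBER analyst_demo;
GO

-- Defense in depth: mask the direct identifiers so that a later, broader SELECT
-- grant to a principal without UNMASK still returns masked values.
ALTER TABLE clinical.Patient
    ALTER COLUMN SSN ADD MASKED WITH (FUNCTION = 'partial(0,"XXX-XX-",4)');
ALTER TABLE clinical.Patient
    ALTER COLUMN FullName ADD MASKED WITH (FUNCTION = 'default()');
GO

-- Verify as the analyst: the permitted columns return, SSN is not readable at all.
EXECUTE AS USER = 'analyst_demo';
SELECT PatientId, DateOfBirth, Diagnosis, AdmitDate FROM clinical.Patient;
SELECT HAS_PERMS_BY_NAME('clinical.Patient', 'OBJECT', 'SELECT', 'SSN', 'COLUMN')
       AS can_read_ssn;   -- 0: a Copilot-generated query touching SSN is denied
REVERT;
GO
```

Two caveats a practitioner should keep in mind. Column-level SELECT is the actual boundary here; Dynamic Data Masking is a presentation control, not access control, and a principal who does hold SELECT on a masked column can still infer values with predicates such as `WHERE SSN = '000-00-0001'`. And none of this restrains `db_owner` or `sysadmin` members, who hold CONTROL and UNMASK implicitly; those memberships are the first thing to review before enabling Copilot for SQL broadly.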
Whether you’re just starting or advancing your data governance, compliance, and AI journey, Avertium helps you cut through the maze of Purview’s vast capabilities. With deep platform and cybersecurity expertise, our goal is to empower you with the knowledge and tools necessary to achieve and maintain a hardened security posture, accelerate AI adoption, and drive productivity.
Take your next step toward adaptive and scalable security and compliance. Learn more about our Microsoft Purview and AI Readiness offerings.