AI at work: adoption vs. governance
Surveys show AI use at work has moved beyond pilots—about half of American adults report using AI in daily life, and over one in four users say AI has replaced parts of their work tasks. At the same time, vendor docs show enterprise tools can respect permissions, labels and retention while running multi‑step actions inside Microsoft 365, highlighting that governance and controls are becoming central to deployments. (thehill.com) (hubsite365.com)
Artificial intelligence at work is shifting from small tests to daily use, and employers are putting more weight on the rules that govern it. (nbcnews.com) (learn.microsoft.com) An Ipsos survey for Epoch AI, released April 9, found that half of American adults had used artificial intelligence in the previous week for personal or work tasks. The same survey found 20 percent of full-time workers said artificial intelligence had replaced parts of their job. (nbcnews.com) The survey was conducted online from March 3 to March 5 among 2,000 American adults, with a margin of error of plus or minus 2.5 percentage points. Among people who used artificial intelligence in the previous week, nearly 50 percent said they used it two to five days a week. (nbcnews.com) At the same time, Microsoft’s latest enterprise guidance is focused less on novelty and more on access, retention and oversharing. A March 19 Microsoft Learn document says Copilot connectors can either follow source-system access control lists or make data visible to everyone in an organization. (learn.microsoft.com) That distinction matters because Microsoft says a connector set to “Visible to everyone” can expose sensitive content too broadly, and the company says admins cannot change that permission after setup without deleting and recreating the connection. (learn.microsoft.com) Microsoft has also separated retention policies for Microsoft 365 Copilot and Microsoft 365 Copilot Chat from Teams chat policies. In current Microsoft Purview guidance, prompts and responses can be retained or deleted for compliance, and the records are stored in hidden mailbox folders that compliance teams can search with electronic discovery tools. (learn.microsoft.com) In Microsoft’s Copilot Control System guidance dated February 25, the company says deployments now need security and governance controls for Microsoft 365 Copilot, Copilot Chat, prebuilt agents and agents published from Microsoft Copilot Studio. The same guidance tells customers to use Microsoft Purview and SharePoint Advanced Management to find overshared data and remove organization-wide access where needed. (github.com) A recent Power Apps walkthrough summarized by HubSite 365 shows how that governance model works inside business software. In the April 11 post, the site said Microsoft 365 Copilot in model-driven Power Apps can summarize records, generate Word or PowerPoint content, and run multi-step agent actions while respecting user permissions, sensitivity labels and retention rules. (hubsite365.com) Microsoft’s own release notes show the product is still adding everyday work features at the same time. On March 24, Microsoft listed new Copilot actions in the Microsoft Edge portable document format reader and delegate calendar search in Copilot Chat among recent releases. (learn.microsoft.com) The picture in April 2026 is that workers are using artificial intelligence often enough to change job tasks, while software vendors are building the permission checks, retention rules and admin controls needed to let that use spread inside large organizations. (nbcnews.com) (learn.microsoft.com)
