How to Disable Microsoft Copilot in Edge and Windows (Enterprise & Intune Guide)





We are now operating in an AI-driven era where tools like Microsoft Copilot, ChatGPT, and Google AI are deeply integrated into daily workflows.

While these tools boost productivity, they also introduce data security, compliance, and governance concerns, especially when employees interact with public AI services.

Many organizations are responding by:

  • Building internal AI platforms
  • Restricting access to public AI tools
  • Enforcing endpoint-level controls

In my case (Dec 2025), a company deployed its own private AI solution using Google modules. To maintain strict data governance, they requested the removal of Microsoft Copilot from Edge and Windows environments.

Why Disable Copilot?
Organizations may choose to disable Copilot due to:

- Data leakage risks through AI prompts
- Regulatory compliance (HIPAA, GDPR, etc.)
- Lack of visibility into AI data processing
- Preventing uploads of confidential documents
- Controlling shadow AI usage

⚠️ Important:
Disabling Copilot does not prevent users from accessing external AI tools (ChatGPT, etc. in a browser). Additional controls, such as web filtering, may be required.



How to Disable Microsoft Copilot Chat:

In this short blog post, I will walk you through how to discover and disable it.

Microsoft 365 Chat Icon became a default with the Microsoft Edge browser, so it is enabled by default.





Also, you can run this command to find and remove it manually or deploy via Intune:-

# Detect Microsoft Copilot Appx

$copilot = Get-AppxPackage -Name "*Copilot*" -ErrorAction SilentlyContinue

if ($copilot) {
    Write-Output "Microsoft Copilot found"
    exit 1
}
else {
    Write-Output "Microsoft Copilot not found"
    exit 0
}


To Disable it, I found 3 ways, you can choose the easiest for you:

1. Registry Key:-

You have to create and deploy this registry key to all your devices (always test first)
99% if you did not create before, you won't find Edge, that's why I said create 

Disable via Registry (Edge Policy)

Path:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Edge

Value:
- Name: Microsoft365CopilotChatIconEnabled
- Type: DWORD
- Value: 0 (Disabled)

💡 Notes:
- Create the full path if it does not exist
- Can be deployed via:
  - Intune (Settings Catalog / Scripts)
  - Group Policy Preferences






2. Intune > Configuration:-

Microsoft Intune Configuration


Steps:


1. Go to Intune Admin Center
2. Devices → Configuration Profiles
3. Create Profile:
   - Platform: Windows 10/11
   - Profile Type: Settings Catalog

4. Search for:
   "Copilot"

5. Disable:
   - Microsoft 365 Copilot Chat Icon

6. (Recommended) Also disable:
   - AI Data Analysis features

✅ This ensures additional protection beyond Copilot UI removal.


I also added another setting to Disable AI Data Analysis for more protection (this is not related to Copilot).











You can also use the custom setting:-







3. Remove it by running a script via SCCM

Microsoft Copilot found

if (Get-AppxPackage -Name "*Copilot*"){
   Write-Host "Microsoft Copilot found."

exit 1
}

else{

Write-Host "Microsoft Copilot not found."

exit 0
}

#Remove Copilot

Get-AppxPackage -AllUsers | Where-Object Name -Like "*Copilot*" | ForEach-Object {Remove-AppxPackage -Package $_.PackageFullName -AllUsers -ErrorAction SilentlyContinue}


And the result, Copilot Chat was disabled from Edge and the taskbar




Limitations

- Removing the Appx package may not permanently prevent reinstallation after updates
- Edge updates may re-enable features unless policies are enforced
- Users can still access AI tools via browser unless blocked at the network level


✅ Recommended:
Combine this approach with:
- Web filtering (Defender for Endpoint / Proxy)
- Conditional Access
- DLP policies, or GSA Policies.


Finally,

Disabling Microsoft Copilot is not just a technical change, it’s part of a broader 'AI governance strategy.'

For enterprise environments, combining:
- Endpoint controls (like this guide)
- Network restrictions
- Security policies

Ensures better control over AI usage while protecting sensitive data.

Always validate changes in a test environment before deploying to production.


I hope this helps



Comments

Post a Comment

Popular posts from this blog

Why Your Devices Are Skipping Updates in SCCM and Intune – And How to Fix It Fast

Image
  Ever wondered why some devices in your organization stubbornly refuse to get updates despite being in SCCM or Intune? This represents a common challenge faced by administrators during the implementation of security patches. Administrators endeavor to fulfill their responsibilities and meet the expectations of the security, compliance teams, and management. I was among those 😒 who initiated a hot seat challenge from August to October 2025. Many customers were affected, regardless of their Endpoint Management system, whether SCCM or Intune. Some of their devices repeatedly failed despite ongoing efforts 🙄 . Why should I care? When you work with Endpoints, you're engaging with your compliance and cybersecurity team, who want to make sure there are no security risks. They focus on Security Zero Trust and Conditional Access, so your users can smoothly access your organization's resources without being blocked just because a device isn't marked as compliant.    ...
Read more

M365 Tips to secure your tenant

Image
  🔐 5 Quick CIS Security Wins to Strengthen Your Microsoft 365 Tenant Today   As IT professionals, we all want a secure tenant, but between tickets, deployments, and patching, configuring new settings in Intune, Entra, Defender, etc. security hardening often gets pushed to ‘will do later.’ The problem? ⚠ ️ Attackers will never wait us! I found a couple of settings, some of them so simple, but we miss them because we are always busy. I was digging in Defender and M365 Admin Center: 1.       📅 CIS Benchmark L2 for M365 recommended to disable calendar share with external.   One of the main reasons attackers need to know about your organization before they attack it is that if we allow our users to publicly share their calendars, it can help attackers learn more about the organization and its users. They can then use this information to exploit situations like when employees are out of the office, traveling, etc.  2.     ...
Read more

Vulnerabilities Dashboard

Image
  Have you previously operated a device to mitigate vulnerabilities and subsequently received an extensive list of vulnerabilities from cybersecurity for that device? You are not alone in this experience.   This isn't a new feature, we are fortunate to have talented individuals in the community, such as Fabian Bader and Nathen McNulty, who have made significant contributions in this area. I have documented their efforts and recommended their work to my clients during my collaborations.   During my previous engagement with the Intune team, I observed that their permissions were highly restricted. They lacked access to cybersecurity tools such as Defender, Tenable, CrowdStrike, and Entra. As a result, they were unable to independently identify device deficiencies or vulnerabilities, relying instead on their cybersecurity team for such information. When I recommended community solutions, they expressed appreciation. However, they do not possess the authority to develop appli...
Read more