Microsoft Allows Use of Personal Microsoft 365 Subscriptions at Work
Posted3 months agoActive3 months ago
theregister.comTechstoryHigh profile
heatednegative
Debate
85/100
MicrosoftArtificial IntelligenceCopilotShadow It
Key topics
Microsoft
Artificial Intelligence
Copilot
Shadow It
Microsoft is allowing personal Microsoft 365 subscriptions to be used at work, raising concerns about data security, company policy, and IT control, sparking heated debate among commenters.
Snapshot generated from the HN discussion
Discussion Activity
Very active discussionFirst comment
34m
Peak period
24
2-4h
Avg / period
9.7
Comment distribution87 data points
Loading chart...
Based on 87 loaded comments
Key moments
- 01Story posted
Oct 1, 2025 at 4:48 PM EDT
3 months ago
Step 01 - 02First comment
Oct 1, 2025 at 5:21 PM EDT
34m after posting
Step 02 - 03Peak activity
24 comments in 2-4h
Hottest window of the conversation
Step 03 - 04Latest activity
Oct 2, 2025 at 11:47 AM EDT
3 months ago
Step 04
Generating AI Summary...
Analyzing up to 500 comments to identify key contributors and discussion patterns
ID: 45443304Type: storyLast synced: 11/20/2025, 6:45:47 PM
Want the full context?
Jump to the original sources
Read the primary article or dive into the live Hacker News thread when you're ready.
So the government customers that can really strike back at MS don't get this enabled by default. Very interesting...
I would also wonder if this would trigger IT review due to data access patterns. Having copilot start accessing documents would likely trigger certain security systems at many companies that are designed to prevent corporate espionage. It seems like a good possibility anyway, I certainly wouldn't be willing to risk it just so I could generate AI slop emails.
Next they should block me when I try to type the content manually into the Glorified Auto-Correct..
> You need Edge to download this file
Oh no thanks, not on my phone. I can screenshot the relevant part?
> Screenshot is a black rectangle
Ok well I can copy and pa- fuck!
> Clipboard contains “your organization’s security policy prohibits copying on this device”
—
Also, my org’s policies apparently prevent me from using the official GitHub app, but I can browse the repo on edge? Make it stop.
whew. they seem to be confusing exactly who the customer is here. they think their target customer is the everyday windows user, but in reality the customer is every company's internal IT and infosec teams. theyre trying to persuade regular users to use the product, bit these users will in turm need to persuade their IT teams before this product can be used. big mix up for microsoft.
Microsoft has been hostile to internal IT teams for a long time. They burned that bridge with me and my peers a long time ago. Unfortunately, MS knows it’s a captive audience and enterprises aren’t rushing to exit Microsoft anytime soon so they continue to get away with it.
MS hopes that users will start a trial for something, become reliant on it, then convince managers to override the IT teams and buy it. Just like how other SaaS products market to individual users instead of to IT departments.
It’s scummy.
No one should do business with Microsoft anymore at this point. That includes NPM, GitHub, VSCode too don’t forget. MS will get away with anything they want unless people push back and dump them.
That is the traditional spin but if they pull many stunts like this how long will it continue? Corporate IT teams are infamous for being slow and unwieldy but that's not entirely fair because the corporate IT teams are usually also the ones on the hook if anything goes wrong. Screw up some sort of data protection or regulatory compliance issue and that can have serious and lasting implications for the entire business. Move fast and break things is not what you want when x% of your global turnover is at stake if a regulator decides to make an example of you. Letting anyone else play with your toys is definitely not what you want in that scenario - why else do Windows Enterprise and Education editions not try to force the same hostile measures onto their customers as all the lower tiers?
This looks like a huge misstep to me - the kind of mess that could actually be big enough to move the needle. And for Microsoft the greatest danger is probably the needle moving enough for everyone to see it. Once no-one ever got fired for buying Microsoft except for that guy who just did it really could be the beginning of the end for them.
Microsoft also seems to have just abandoned one of the most powerful brands ever - Office - in a move that I can only assume was intended to show that Musk wasn't actually the craziest PR guy in the world when he renamed Twitter. There seems to be an outbreak of delusional thinking in Redmond and if this stuff doesn't get backtracked quickly I don't see a happy ending for MS here.
Google or countless smaller but established services for all the online stuff. The days when all businesses used Windows and Office for everything and the competitors were half-baked also-rans are long gone.
There is no lack of IT companies that will take your money if you're willing to move out of the Microsoft bubble. This is a momentum problem not a lack of competition problem.
Google is a pile of its own risks. For all the problems MS has they keep backwards compatibility running for years if not decades.
It is apparently scrambling to offer extended support schemes right now rather than deal with the inevitable fallout of forcibly retiring Windows 10 on so many still-functional devices with no upgrade path to 11 even available.
It hasn't been very long since it forcibly obsoleted the Windows 7/8 generations that were also still in use on a significant number of devices at the time but did not include the level of control (or intrusion if you prefer) that Microsoft evidently wanted of its users' devices.
The difference this time is that it's showing contempt for even large customers' control. Corporate IT departments with all those externally imposed constraints can resist compromise and surrendering control much more strongly than most home users or small organisations.
But it is still somewhat a competition problem. Google workspace has better collaboration/live editing IMO but still lacks in some areas. Microsoft’s compliance/DLP stuff is better, InTune while not the best has actually shaped up to be a pretty good MDM and works on all OSes both desktop and mobile (including Linux), and you get endpoint EDR bundled as well as zero trust VPN (global secure access).
Google has no answer to a big chunk of what locks big enterprise into M365, but workspace is fine for medium and smaller companies that don’t need all of what MS has.
But I think those smaller companies are where the disruption will start.
It probably doesn't help that Microsoft is using 'Copilot' to mean so many different things - their Office AI integration, Github's Copilot thing, some laptops now apparently - so that users who know what's going on get irritated and ones that don't get confused.
Has this been discontinued?
FTFY.
And I believed that they actually begrudgingly provide that option in the EU?
How long until the brand piñata .NET gets renamed?
.NET as a brand name was obviously chosen because the Internet was hot, and also because Microsoft has no taste. The Internet is no longer so hot, and now they have a name that has no hot implication to it. So maybe rebrand, which after all is the general tactic of people who have no taste.
The funniest part was by the time they had got their certification, their information would often be outdated, so even their licensing experts would often be wrong about their licensing.
You can use Windows App [1] to connect to Windows to run your Windows apps.
[1] https://learn.microsoft.com/en-us/windows-app/overview
I’ve always been amused by how the Wikipedia article starts off: “Windows Live Mesh (formerly known as Windows Live FolderShare, Live Mesh, and Windows Live Sync) is a discontinued free-to-use Internet-based file synchronization application by Microsoft …”
Old but still relevant, Microsoft redesigns the iPod packaging: https://www.youtube.com/watch?v=EUXnJraKM3k.
(Note that they recently simplified their enterprise SKUs - there used to be one more I believe.)
> If you're an end user, have a Copilot installed, and not sure what Copilot you have
lol so they’re basically admitting their products are so confusing users need to read this document to understand which product they’re using.
365 Copilot Chat - free SKU
365 Copilot - paid SKU
Copilot Studio lite - comes with above paid SKU
Copilot Studio full - comes with above paid SKU plus a user entitlement (free), though agents are charged based on credits (1 cent USD/message) if the agent user doesn't have a paid SKU
Then there are the other SKUs, i.e. Security SKU, SharePoint SKU, etc.
https://www.microsoft.com/en-us/microsoft-365/enterprise/com...
Office 365 E3 is sold for $20.75 a month, Microsoft 365 E3 is sold for $33.75 a month.
And yes, confusingly, Microsoft also sells Microsoft 365 Apps for Enterprise, which you'd think would be closer to the Microsoft 365 bundle... but it's not, it's a stripped down version of the Office 365 one. None of it makes sense, but "Office 365" is still very much, as I said previously, a whole set of subscription packages sold today, separate from Microsoft 365 ones.
I also recommend this spreadsheet if you need to truly break your brain: https://cdn-dynmedia-1.microsoft.com/is/content/microsoftcor...
What other advantages are there?
> A banyan [...] develops accessory trunks from adjacent prop roots, allowing the tree to spread outwards indefinitely. [0]
[0] https://en.wikipedia.org/wiki/Banyan
[1] https://en.m.wikipedia.org/wiki/Banyan_Systems
Which is a bold play. At my company, were I to try and smuggle data out to a third party-that is normally an insta-termination level offense.
I’m a sysadmin and this is basically MS saying “fuck you” to my face.
There's nothing any of their competitors can do - look at Slack vs. Teams. Those who don't like it found alternatives a long time ago.
But, we remain and businesses have no appetite to exit Microsoft, not that there’s an equivalent bundled competitior to everything a 365 license gets you.
So I keep tabs on what’s coming out of Redmond, curse at them inside, and then disable the crap and move on with my job.
MS knows no one is leaving so they continue to get away with it.
We have compliance guidelines in place, Microsoft is trying to cater to the shadow IT folks that disobey company guidelines to try out stuff, and then have fun with IT and their employer when things go wrong.
Facebook should do bring your Meta glasses to work day for all the companies that are not as hip as they are.
Some companies might have IT departments that blocked X. Elon should buy xatwork.com or better yet use twimg.com to serve X but only at your workplace.
PirateBay is probably blocked at many workplaces. That's pretty backwards thinking. I think PirateBay should focus on creating more alternative frontends to bring back torrenting at work.
CloudFlare should smuggle in WARP so that you can tunnel out of your workplace.
Could put some cloud policies in place for IT departments to maintain control if they want.
Uploading company internal documents to Microsofts servers, circumventing IT, is obviously something most companies would see as a severe violation of duties by the employee.
Streaming company IP to Microsoft is a dumb thing to do. Solid reason to not permit Copilot.
This doesn't cleverly usurp the silly backwards IT team, it's sending confidential data to Microsoft for the benefit of Microsoft and the detriment of your company. I.e. clear cut firing offense.
If the above makes sense to you, consider not using the windows 10/11 spyware system and/or not sending all company email through their servers.
That being said MS copilot is kinda klunky (like the rest of MS's product offerings)
But to play the Devil's advocate: back in the good old days, before Google was a thing, I would go out to customer sites and they would ask me with a straight face "why I needed the Internet?" to do my job. (These days I just tether to my phone, but this was long before that was a viable option.)
Soon, access to AIs will be like access to Google: mandatory for getting your work done to an acceptable standard in a reasonable time.
Those that fight against this are trying to hold the tide back with a broom.
It's scary because this will be worse than 2008, and it's right around the corner, think about how much Nvidia has grown because of LLM investment from companies like Microsoft and OpenAI, what will happen to inventory once it crashes? It's not just AI companies that will suffer, hardware companies will see massive dumping and unless they can do significant advancements soon, this won't suddenly be fixed.
They cannot admit to themselves that they've created a massive bubble that cannot be contained.
Even the ability to upload docs would already break rules potentially. eg data storage jurisdiction. Retention. Etc
The places that do allow confidential info on copilot did a mountain of work to ensure all the legal and compliance is fine. No way this “btw it’s enabled now just use your own“ approach flies