On 16 June 2026, Microsoft made Copilot CoWork generally available worldwide. If you have spent the last couple of years getting comfortable with Microsoft 365 Copilot, CoWork is a different kind of thing, and it is worth understanding what has actually changed before anyone in your business turns it on.
From assistant to agent
The Copilot most teams know is an assistant. You ask it to draft a reply, summarise a thread or build a formula, and it helps you with the step you are on. You stay in control of every move. CoWork is an agent. You describe an outcome, and it carries out the whole task for you, then hands back the finished result.
Here is a plausible example. Imagine asking it to pull last month's figures from your finance system, cross-reference them with project data from another tool, produce a written variance report with charts, and then distribute that report to the right people. With the assistant version of Copilot, you would do each of those steps yourself with help along the way. With CoWork, that is one task you hand over, and the completed report comes back. That is the real shift: the assistant helps you do the work, and CoWork does multi-step work for you.
What CoWork actually does
A few specific capabilities sit behind that shift, and they are worth being clear about.
- End-to-end multi-tool tasks. CoWork can take on complex, long-running jobs that span several systems and tools, and run them through to a finished result rather than stopping at a draft.
- It runs in the cloud. Because the work happens in the cloud rather than on your machine, a task keeps running even when you have closed your laptop and gone home. You come back to completed work.
- Work IQ grounding. CoWork uses a capability Microsoft calls Work IQ to ground each task in your existing systems and business context, so the output reflects how your organisation actually operates.
- Web browsing through managed Edge. It can browse the web through a local Microsoft Edge browser, following your enterprise policy, so it can gather information from outside your tenant when a task needs it.
- A plugin ecosystem. CoWork launched with a set of plugins that connect it to other tools, including monday.com and Miro among others, which extends what it can reach beyond Microsoft 365.
- It runs on Anthropic's Claude models. CoWork runs on Claude, specifically Opus 4.8 and Sonnet 4.6, with a Microsoft model called CoWork 1 on the way. As an Anthropic partner, we have spent a lot of time working with Claude, and it is well suited to the kind of careful, multi-step reasoning that agentic tasks demand.
What it means for Australian businesses
For the right tasks, this is a genuine step-change in productivity. Handing over a long, multi-system job and getting a finished result back is a different proposition to shaving a few minutes off drafting an email. But it raises the stakes on governance, and that is the part I want business owners to sit with.
An autonomous agent that acts across your data and browses the web magnifies any problem that is already there. If permissions are too loose, if files are overshared, if old access has never been cleaned up, a standard assistant might surface something it should not have. An agent running an end-to-end task can act on it at scale. The data-security controls that were nice to have for the assistant version of Copilot become essential for CoWork.
This is exactly where Data Security Posture Management for AI and proper data classification earn their keep. We have written before about DSPM for AI and about adding Purview to Business Premium, and the short version is that Microsoft Purview gives you the classification, labelling and posture tooling to understand what an agent could touch before you let it loose.
Before you switch it on
CoWork is off by default, and that is the right call. An administrator has to enable it deliberately, which gives you a moment to get the groundwork right. Here is the practical sequence I would follow.
First, confirm the licensing. Each user needs a Microsoft 365 Copilot user subscription licence, and CoWork billing on top of that is usage-based, measured in Copilot Credits, so your cost scales with how much work the agent does. That makes spending limits something to configure up front, not an afterthought.
Next, get your data house in order before you enable anything. Data classification, data loss prevention and permissions should be reviewed and tidied first, so the agent is working inside well-defined boundaries. Then enable CoWork for a small pilot group rather than the whole organisation, set those spending limits, and monitor what happens using Purview audit logs and Insider Risk Management. Once you are comfortable with how it behaves, expand. The one thing not to do is unleash an autonomous agent on a messy tenant.
How we would approach it
We adopt CoWork the same way we deploy Microsoft 365 Copilot for clients: governance first, a controlled pilot, then a measured rollout. The security tooling that comes with CoWork is genuinely good. It operates within the Microsoft 365 trust boundary and includes audit logging, DSPM, eDiscovery, Insider Risk Management and Data Lifecycle Management. But tooling only protects a tenant that has been set up properly, and that is the work we do before the switch gets flipped.
A real leap, earned by the groundwork
CoWork is a genuine leap from assistant to agent, and used well it can take real work off your team's plate. The businesses that get value from it safely will be the ones that did the unglamorous data-governance groundwork first: clean permissions, classified data, sensible spending limits and a careful pilot. Get that right, and the agent works for you rather than around you.
If you want to explore what CoWork could do in your environment, our AI and Data Intelligence team can walk through where it fits and what needs to be in place first.