In February 2026, Microsoft published a list of the best productivity apps in Windows. Copilot is number one. File Explorer is number eight.
If your firm runs on Windows every day, you can already see the problem with that ranking.
File Explorer is how your paralegal finds the client file, opens the discovery production, drops the filed motion into the matter folder, and gets back to the deadline she is actually working against. Copilot is helpful when an associate needs to summarize a long deposition transcript or pull action items out of a meeting note. They are not the same kind of tool, and the ranking is a marketing decision, not a productivity one.
The interesting question is not where Copilot sits on Microsoft’s list. The interesting question is what happens when you turn it loose inside your firm.
What Microsoft published
The list is titled “Best productivity apps in Windows for getting more done.” Copilot is first. File Explorer is eighth. Windows Latest covered it and called the ranking hard to take seriously for anyone who uses Windows every day.
This is content tied to Microsoft’s larger push around AI PCs. Microsoft wants Copilot to be seen as the future of productivity, so Copilot goes at the top. That is a sales position, not a survey of how attorneys and paralegals work.
Which Copilot are we talking about?
Before going further, this distinction matters at a firm. “Copilot” is not one product.
The free Copilot button in Windows is a general AI assistant. It can help an attorney draft, summarize content pasted into a chat, or answer general questions. It does not have built-in access to your firm’s files, emails, or chats.
Microsoft 365 Copilot is the paid add-on that does. It plugs into your Microsoft 365 tenant and works across SharePoint, OneDrive, Outlook, Teams, and the rest of your business data. That is the version Microsoft is selling hardest to firms, and it is the version that changes the confidentiality conversation.
If you do not know which one your associates are using, find out before you read the next section.
Where Copilot is genuinely useful at a firm
Used in the right places, Copilot saves attorneys real time.
Summarizing a long email thread before a client call. Pulling action items out of a meeting transcript. Drafting a first version of a client update an associate would otherwise stare at for ten minutes. Cleaning a rough deposition outline into something usable. These are real wins for the people at the firm who do a lot of reading, writing, and planning, which is most of the firm.
If your associate spends an hour a day on email triage and intake notes, Copilot can shorten that. If your litigation paralegal builds the same kind of case summary over and over, Copilot can draft the next one. The value is concentrated in specific roles, not spread evenly across the firm.
The permissions problem nobody puts in the marketing
Microsoft 365 Copilot is not answering from thin air. Inside your firm, it works from the files, emails, chats, and meetings the signed-in user has access to.
Think of it as a new legal assistant on her first day. Eager, fast, and handed every drawer the attorney she reports to can open. She is only as well-behaved as your filing system.
If your SharePoint, OneDrive, and Teams permissions are tidy, that is fine. Most firms we walk into for the first time are not tidy. They have site permissions set up in a rush four years ago, matter folders shared with “Everyone” because it was easier, old client matters nobody cleaned up after they closed, and former associates whose accounts were disabled but whose share links still resolve.
Copilot makes the consequences of that mess visible. A paralegal asks a reasonable question about a current matter, and Copilot pulls a settlement memo from a closed case, a salary discussion from a partner’s OneDrive, or the conflict-screen notes on a matter the firm declined into the answer because the underlying permissions allowed it. The information was always exposed. It is now showing up in a chat window where someone is going to read it.
This is the duty of confidentiality sitting on top of an environment nobody can fully describe. Under the ABA Model Rules, Rule 1.6(c) frames that duty around reasonable efforts to prevent unauthorized disclosure or access to client information. For California firms, the path runs through Business and Professions Code section 6068(e), Rule 1.1’s competence requirement, and Formal Opinion 2010-179 on technology. Different path. Same practical problem.
ABA Formal Opinion 512, issued in July 2024, made the AI piece of this explicit. Confidentiality, competence, communication with clients, candor, and supervision all carry into how a firm uses generative AI. California’s State Bar issued its own Practical Guidance for Generative AI in November 2023, with the same themes. The opinions do not name Microsoft 365 Copilot, but they do not need to. The duty attaches to whatever tool you point at client data.
What a managing partner should do
Two things, in order.
First, fix the permissions before you scale Microsoft 365 Copilot inside the firm. Audit who has access to what. Clean up SharePoint sites and OneDrive shares. Tighten the default sharing settings. Lock down the folders that hold matter files, conflict-screen notes, trust account records, fee agreements, settlement papers, and anything else you would not hand to a new hire on day one. This is the unglamorous work that pays off whether you adopt Copilot or not.
Second, decide where Copilot fits at the firm. Not “everyone gets it because Microsoft says it is the top app.” Roles that involve heavy reading, drafting, summarizing, or planning are good candidates. Roles that are mostly transactional, where File Explorer and the calendar do the real work, get less value out of it. The license cost adds up fast across a firm, and the partners who would actually use it are not always the partners asking for it.
Back to the ranking
Whether Copilot is the top productivity app in Windows depends on the work and the firm behind it. For an associate drafting summaries on top of clean matter folders, maybe. For your billing clerk opening File Explorer two hundred times a day, no.
The more useful framing is this. Microsoft put Copilot at the top of a list to support the larger AI PC story. Your job is to figure out where AI fits in your specific practice, and whether your firm’s data is in shape for AI to be a help instead of a confidentiality liability.
Back to where this started. Could you, today, tell us who at your firm has access to every active matter folder in SharePoint and OneDrive, and which closed matters are still open to associates who no longer work them? If the answer feels closer to “not really” than to “yes,” that is the gap to close before Copilot starts answering questions from those files.
We help firms map their data, clean up access, and document the answers before opposing counsel, a regulator, the State Bar, or a client is asking. It is usually less work than partners expect, and much easier to do now than after a Copilot answer surfaces something it should not have.