Your business needs Microsoft 365 Copilot if your team lives inside Word, Excel, Outlook, Teams, and PowerPoint and you want AI that reads your own company data to draft, analyze, and automate work. If you are a smaller shop with fewer than 300 seats, the better answer is usually Microsoft 365 Copilot Business, which now starts at $18 per user per month through June 30, 2026, and moves to $21 after that date.
The problem most owners face is sticker shock mixed with SKU confusion. Microsoft now ships at least nine distinct Copilot products, each tied to a different base license, a different data boundary, and a different billing model. Picking the wrong one means you either overspend, miss the features you wanted, or break a compliance rule under HIPAA, GLBA, or the FTC Act Section 5.
According to a Microsoft WorkLab 2024 Work Trend Index, 75% of global knowledge workers already use AI at work, and 78% bring their own AI tools into the office, creating a shadow-IT risk that the right Copilot license can shut down in one step.
Here is what you will learn in this guide:
- ๐งญ How to match each Microsoft Copilot SKU to a specific business size, workflow, and budget
- ๐ต Exact 2026 U.S. list prices, base-license prerequisites, and the July 1, 2026 price changes
- ๐ก๏ธ Data protection rules, tenant boundaries, and U.S. compliance angles for regulated industries
- ๐งช Three named business scenarios showing the right and wrong Copilot pick
- โ ๏ธ The seven most common licensing mistakes and the dollar consequences of each
The Microsoft Copilot Family in 2026
Microsoft uses the word Copilot for everything from a free consumer chatbot to a $30 enterprise add-on. Before you pick a license, you need to see the full menu in one place. The current catalog includes Copilot Chat, Copilot Pro, Microsoft 365 Copilot, Microsoft 365 Copilot Business, Copilot Studio, Copilot for Sales, Copilot for Service, Copilot in Dynamics 365, GitHub Copilot, and Microsoft Security Copilot.
Each SKU sits on top of a different base plan and uses a different identity boundary. Copilot Chat uses a commercial data protection boundary at no extra cost if you already have a paid Microsoft 365 seat. Microsoft 365 Copilot uses your full Microsoft Graph, which means it can read your mailbox, files, chats, and meeting transcripts.
The most important split for any buyer is grounded on the web versus grounded on your work. A web-grounded Copilot answers general questions. A work-grounded Copilot drafts the actual client email, the actual board deck, and the actual quarterly forecast using your numbers.
Copilot Chat (free with Microsoft 365)
Copilot Chat is the free, web-grounded chat experience that comes with any paid Microsoft 365 seat. The plain-English version is: it is ChatGPT-style chat, but with enterprise data protection, so the prompts never train a public model.
The consequence of using the free public ChatGPT instead is serious. If an employee pastes a client list into a consumer chatbot, you may trigger a notifiable breach under state laws like the California Consumer Privacy Act and the New York SHIELD Act.
A real-world example: Priya, a bookkeeper at a 12-person accounting firm, uses Copilot Chat to summarize a long IRS notice. Her prompt stays inside the Microsoft tenant boundary, so client Social Security numbers never leave the firm.
A common misconception is that Copilot Chat can draft emails from your real inbox. It cannot. It only sees what you paste in or upload in that session, not your mailbox history.
Copilot Pro (consumer individual)
Copilot Pro costs $20 per user per month and is sold to individuals, not to businesses. It unlocks Copilot inside Word, Excel, PowerPoint, OneNote, and Outlook, but only if you have a Microsoft 365 Personal or Family subscription.
The consequence of buying Copilot Pro for a team is that it does not respect your business tenant. It reads files from OneDrive Personal, not OneDrive for Business, so it cannot see your shared SharePoint libraries or Teams chats.
A mini-scenario: Marcus, a solo freelance copywriter, uses Copilot Pro with his Microsoft 365 Personal account to rewrite a pitch deck. This is the right fit because he has no employees and no shared tenant.
The common misconception is that Copilot Pro is the small version of Microsoft 365 Copilot. It is not. It is the consumer version. Businesses should buy Copilot Business or Microsoft 365 Copilot instead.
Microsoft 365 Copilot (enterprise)
Microsoft 365 Copilot costs $30 per user per month on an annual commitment. It requires a qualifying base plan such as Microsoft 365 E3, E5, A3, A5, Business Standard, or Business Premium.
This is the flagship. It grounds answers in your Microsoft Graph, which means emails, calendar events, OneDrive files, SharePoint sites, Teams chats, and meeting transcripts. It also includes Copilot Studio access so employees can build agents.
A mini-scenario: Dana, a director of operations at a 2,500-seat manufacturing firm, uses Microsoft 365 Copilot in Excel to build a variance analysis from a 40-tab workbook in under three minutes. She then uses Copilot in Teams to summarize the 60-minute executive readout.
The consequence of under-licensing is that Copilot will not appear in the Office ribbon for unlicensed users, even though they sit in the same Teams meeting. The common misconception is that one license covers the whole tenant. It does not. Copilot is per-user.
Microsoft 365 Copilot Business (SMB)
Microsoft 365 Copilot Business is the newer SMB SKU. Through June 30, 2026, the promotional price is $18 per user per month. After that date, the list price is $21 per user per month, and it requires Microsoft 365 Business Basic, Standard, or Premium.
Copilot Business is capped at 300 users. Above 300 seats, you must move to Microsoft 365 Copilot at $30. The feature set is close to the enterprise flagship, minus some SharePoint Advanced Management and Copilot Dashboard extras.
A mini-scenario: Elena, the owner of a 45-person dental practice group with Microsoft 365 Business Premium, adds Copilot Business at $18 per seat. She saves $540 per month compared to the enterprise SKU and still gets Copilot in Outlook, Word, Excel, and Teams.
The common misconception is that Copilot Business is a stripped-down chatbot. It is the same core AI that enterprise buyers get, just with a seat cap and a friendlier price.
Copilot Studio
Copilot Studio is sold as a tenant-wide license and prices Copilot Credit capacity packs at $200 per pack per month for 25,000 credits. It is the low-code builder for custom agents.
Copilot Studio lets a non-developer wire up a finance agent that reads invoices from a SharePoint library and posts updates to Teams. The consequence of skipping Copilot Studio is that you stay stuck in chat-only mode and miss the automation value that justifies Copilot spend.
A mini-scenario: Jamal, an IT manager at a regional credit union, uses Copilot Studio to build a member-facing agent that answers 24/7 FAQs, cutting call-center overflow by 30%.
Microsoft Security Copilot
Microsoft Security Copilot uses a Security Compute Unit (SCU) billing model. Microsoft 365 E5 customers get 400 SCUs per 1,000 licenses included. Provisioned SCUs run $4 per hour and overage SCUs run $6 per hour.
Security Copilot plugs into Microsoft Defender, Sentinel, Entra, Intune, and Purview. It accelerates triage by turning thousands of raw alerts into a single narrative. Missing this tool means your SOC analysts do by hand what peers automate, which is a problem under SEC cyber disclosure rules that demand material incident reporting within four business days.
Copilot in Dynamics 365, Sales, and Service
Copilot for Sales is $40 per user per month or included in certain Dynamics 365 Sales licenses. Copilot for Service is also $40 per user per month and connects Salesforce, ServiceNow, and Zendesk into Outlook and Teams.
Copilot in Dynamics 365 is included with many Dynamics 365 Premium plans. The consequence of skipping these CRM-aware Copilots is you lose the ability to auto-draft meeting prep from CRM history.
GitHub Copilot
GitHub Copilot starts at $10 per user per month for Business and $39 per user per month for Enterprise. It is the only Copilot built for developers, and it pairs with Visual Studio Code, JetBrains, and Neovim.
A mini-scenario: Aisha, engineering lead at a 60-person SaaS firm, deploys GitHub Copilot Business, and her team reports a 55% faster feature turnaround according to the GitHub Copilot productivity study.
How to Pick the Right Copilot in 10 Minutes
Picking the right Copilot comes down to five questions. How many seats do you have? What base Microsoft 365 plan are you on? What regulated data do you handle? What workflows eat most of your week? What budget can you commit annually?
Use the decision table below to shortcut the process. This table replaces a long spreadsheet with one scan that gets most buyers within one SKU of their final answer.
| Business profile | Recommended Copilot |
|---|---|
| Solo freelancer with Microsoft 365 Personal | Copilot Pro, $20 per user per month |
| 5โ50 seats, wants AI in Office apps | Copilot Business, $18โ$21 per user per month |
| 300+ seats, enterprise tenant | Microsoft 365 Copilot, $30 per user per month |
| Any paid M365 tenant, web chat only | Copilot Chat, included |
| Sales team on Dynamics or Salesforce | Copilot for Sales, $40 per user per month |
| Contact center on ServiceNow or Zendesk | Copilot for Service, $40 per user per month |
| Low-code agent builders | Copilot Studio, $200 per pack per month |
| SOC analysts on Defender or Sentinel | Security Copilot, $4 per SCU per hour |
| Software engineering teams | GitHub Copilot, $10โ$39 per user per month |
After you match the profile, test it against compliance. A regulated firm must confirm that the base plan includes the controls it needs, such as Microsoft Purview eDiscovery for legal hold and Customer Lockbox for admin approvals.
Then test it against budget. A 50-seat firm on Copilot Business pays $10,800 per year at $18, compared to $18,000 per year at $30 for the enterprise SKU, per published Microsoft 365 Copilot pricing.
Three Named Business Scenarios
Every buyer learns faster from a story than from a spec sheet. The three scenarios below each use a different business size, a different industry, and a different Copilot SKU. Read them in order because they build from simplest to most complex.
Scenario 1: The 8-person law firm
Sarah, a managing partner at an eight-attorney estate-planning firm in Austin, is on Microsoft 365 Business Standard. She wants AI that drafts trust documents, summarizes discovery, and answers client emails without breaking ABA Model Rule 1.6 on confidentiality.
| Action Sarah takes | Direct business consequence |
|---|---|
| Buys 8 seats of Copilot Business at $18 | Saves $96 per month vs. enterprise Copilot |
| Enables Copilot in Word, Outlook, Teams | Cuts drafting time by 40% on trust packages |
| Blocks personal ChatGPT via Intune | Removes Rule 1.6 shadow-IT exposure |
Scenario 2: The 450-seat regional health system
David, CIO of a 450-seat community hospital, handles protected health information under HIPAA Privacy Rule 45 CFR 164.502. He is on Microsoft 365 E5 and needs AI that respects the Business Associate Agreement.
| Action David takes | Direct business consequence |
|---|---|
| Adds Microsoft 365 Copilot at $30 | Grounds answers on Graph, inside HIPAA-covered tenant |
| Adds Security Copilot with included SCUs | Triages Defender alerts 60% faster |
| Keeps Copilot Chat enterprise data protection on | Shuts off public ChatGPT for clinical staff |
Scenario 3: The 3,000-seat financial advisory firm
Lauren, head of operations at a 3,000-advisor wealth firm, operates under SEC Regulation S-P and the FINRA books and records rule 4511. She needs Copilot plus CRM plus eDiscovery.
| Action Lauren takes | Direct business consequence |
|---|---|
| Licenses Microsoft 365 Copilot for 3,000 advisors | Drafts client reviews from Graph data |
| Adds Copilot for Sales at $40 per seat for 200 | Auto-logs Teams calls to Dynamics 365 |
| Uses Purview to journal Copilot prompts | Meets FINRA 4511 retention rules |
Mistakes to Avoid
The licensing model looks simple on a slide but hides landmines once you sign. The list below captures the seven most common errors and the specific dollar or legal consequence of each.
- Buying Copilot Pro for a team. It is a consumer product and will not read your company SharePoint, so you waste $20 per user and still need Copilot Business on top.
- Assuming Copilot is tenant-wide. It is per-user, so unlicensed employees see no Copilot in their ribbons and get frustrated.
- Skipping the base-license check. Copilot Business requires Microsoft 365 Business Basic, Standard, or Premium, and buying a standalone seat without that base triggers an order rejection.
- Crossing the 300-seat cap. Copilot Business is capped at 300 users, and growth beyond that forces a mid-term migration to Microsoft 365 Copilot at $30.
- Ignoring Purview and retention. Under SEC 17a-4 and FINRA 4511, Copilot prompts and outputs may be records, and un-journaled prompts are a writeup in an exam.
- Forgetting the July 1, 2026 price change. Microsoft raises list prices on many bundles, and a renewal signed after that date costs more.
- Enabling Copilot without data-sensitivity labels. Copilot will happily summarize a file marked public that contains PHI, so labeling via Microsoft Purview Information Protection is a prerequisite.
Do’s and Don’ts
Good Copilot deployment is half technology and half change management. Keep this list on the wall during rollout.
Do:
– Do pilot with a 10โ25 user group first because ROI measurement needs a control comparison.
– Do label sensitive files in Purview because Copilot respects sensitivity labels and sharing rules.
– Do train users on prompt patterns because prompt literacy drives 70% of the value.
– Do measure saved hours per week because that is the only number your CFO trusts.
– Do review Copilot usage dashboards monthly because low adoption is the top reason for cancellation.
Don’t:
– Don’t deploy without Microsoft Entra conditional access because a compromised account can exfiltrate whole libraries in minutes.
– Don’t give Copilot to executives first because they generate the fewest prompts and produce the worst pilot data.
– Don’t mix consumer and business identities in the same browser because sessions can cross tenants.
– Don’t ignore unlabeled SharePoint sites because overshared files become Copilot answers to the wrong people.
– Don’t forget to update acceptable-use policies because AI outputs raise new liability under the FTC Act Section 5.
Pros and Cons of Microsoft Copilot
No product is a pure win. Weigh these points against your own workflow before you sign a 12-month agreement.
Pros:
– Pros include deep Microsoft 365 integration because Copilot lives inside apps your team already uses.
– Pros include enterprise data protection because prompts do not train the underlying foundation model.
– Pros include tenant isolation because your data stays inside your Microsoft 365 compliance boundary.
– Pros include rich admin controls because IT can govern who gets Copilot and what data it can read.
– Pros include a fast time-to-value because most users see benefit in under two weeks.
Cons:
– Cons include per-user cost because $30 per seat times 1,000 users equals $360,000 per year.
– Cons include uneven quality across apps because Copilot in Excel still lags Copilot in Word.
– Cons include heavy prerequisite work because Purview labels, Entra policies, and SharePoint cleanup must come first.
– Cons include vendor lock-in because your prompts and agents are tied to the Microsoft stack.
– Cons include change-management load because low prompt literacy kills ROI quickly.
Compliance, Data Boundaries, and U.S. Law
Microsoft Copilot sits inside the Microsoft 365 service boundary and inherits its certifications. That boundary covers FedRAMP High, HIPAA, CJIS, IRS 1075, and many state frameworks. Government buyers should note that Copilot is available for GCC and GCC High tenants, with feature parity catching up through 2026.
Under HIPAA, covered entities must sign a Business Associate Agreement, and Microsoft’s BAA covers Copilot when you buy the correct SKU on an E3, E5, or Business Premium base. Under GLBA, financial institutions must map Copilot data flows into their written information security program. Under SEC 17a-4 and FINRA 4511, broker-dealers must retain Copilot prompts and outputs as business records.
State law matters too. Illinois’s BIPA covers biometric data, so Copilot features that analyze voice or image must be governed. California’s CPRA gives consumers rights to know, delete, and limit use of personal information processed by AI.
Pricing Snapshot for 2026
This table pulls the numbers in one place so you can budget in minutes.
| Copilot SKU | 2026 U.S. price | Base license required |
|---|---|---|
| Copilot Chat | Included, per Microsoft Learn | Any paid Microsoft 365 |
| Copilot Pro | $20 per user per month | Microsoft 365 Personal or Family |
| Copilot Business | $18 promo, $21 list after June 30, 2026 | Microsoft 365 Business Basic, Standard, or Premium |
| Microsoft 365 Copilot | $30 per user per month | Microsoft 365 E3, E5, A3, A5, Business Standard or Premium |
| Copilot Studio | $200 per pack per month, 25,000 credits | Tenant-wide |
| Copilot for Sales | $40 per user per month | Microsoft 365 Copilot or Dynamics 365 Sales |
| Copilot for Service | $40 per user per month | Microsoft 365 Copilot |
| Security Copilot | $4 per SCU per hour provisioned | Azure subscription |
| GitHub Copilot | $10โ$39 per user per month | GitHub organization |
Microsoft’s Tech Community notice confirms that bundle list prices rise on July 1, 2026. Business Basic plus Copilot Business moves from $27 to $28. Business Standard plus Copilot Business moves from $33.50 to $35. Business Premium plus Copilot Business stays at $43.
Process: How to Roll Out Copilot in 30 Days
Week one is discovery. Inventory your base licenses, your sensitivity labels, and your top five time-wasting workflows. Week two is a 25-user pilot with clear before-and-after metrics.
Week three is governance. Turn on Purview sensitivity labels, set Entra conditional access for Copilot apps, and publish an acceptable-use policy that addresses FTC AI guidance. Week four is expansion, training, and a monthly adoption dashboard.
The consequence of skipping governance is data oversharing. Microsoft’s own oversharing guide warns that Copilot will surface any file a user already has permission to see, even if the owner forgot that permission existed.
FAQs
Is Copilot Chat free for all Microsoft 365 business users?
Yes. Copilot Chat is included with paid Microsoft 365 seats and provides web-grounded AI with enterprise data protection, but it does not read your mailbox or SharePoint files.
Can I buy Microsoft 365 Copilot without a base Microsoft 365 plan?
No. Copilot is an add-on that requires Microsoft 365 E3, E5, A3, A5, Business Standard, or Business Premium, and orders without that base license fail at checkout.
Does Copilot Business really cost $18 per user per month?
Yes. The promotional price of $18 runs through June 30, 2026, after which the list price becomes $21 per user per month for organizations with 300 or fewer users.
Is Copilot Pro appropriate for my small business team?
No. Copilot Pro is a consumer product tied to Microsoft 365 Personal or Family, so it does not respect your business tenant, and teams should buy Copilot Business instead.
Does Microsoft Copilot meet HIPAA requirements?
Yes. Microsoft 365 Copilot is covered by the Microsoft Business Associate Agreement when purchased on a qualifying enterprise or Business Premium base license with proper configuration.
Can Copilot train on my company data?
No. Microsoft’s documentation states that tenant prompts, responses, and grounded data are not used to train the foundation models that power Copilot.
Do I need Copilot Studio to get value from Copilot?
No. Most buyers see strong value from Copilot in Word, Excel, and Teams alone, but Copilot Studio multiplies value by letting you build custom agents.
Is Security Copilot included with Microsoft 365 E5?
Yes. E5 customers receive 400 Security Compute Units per 1,000 licenses each month, and additional usage is billed at $4 per SCU per hour provisioned.
Will Microsoft 365 Copilot prices rise on July 1, 2026?
Yes. Bundle list prices rise for Business Basic and Business Standard bundles, while the core $30 Microsoft 365 Copilot add-on and Business Premium bundle stay flat.
Can Copilot help a sales team on Salesforce, not Dynamics?
Yes. Copilot for Sales connects to Salesforce, auto-captures Teams and Outlook activity, and writes it back to the CRM for $40 per user per month.
Does GitHub Copilot share my private code with Microsoft?
No. GitHub Copilot Business and Enterprise plans do not use customer code to train the model, and admins can enforce that setting tenant-wide.
Is Copilot available for U.S. government customers?
Yes. Microsoft 365 Copilot is available for GCC and GCC High tenants, with rolling feature parity through 2026 and FedRAMP High authorization inherited from Microsoft 365.