Dynamics 365 Sales - Engage leads with deeper knowledge by connecting any data source to Sales Development Agent

🚨 The Signal: Dynamics 365 Sales Development Agent can now connect to external data sources, including CRM and consent systems. This expands the agent's knowledge base for automated customer interactions, increasing the potential for data exposure and requiring careful data governance.

The Impact

Security teams are affected by increased data exposure risk from AI agents accessing diverse data sources.

• Security teams: Risk of sensitive data exposure through AI agent access.
• Data owners: Need to review and classify data accessible by the AI agent.
• Compliance officers: Requires updated privacy impact assessments and consent management reviews.

The Action

1. Identify all data sources intended for connection to the Sales Development Agent.
2. Perform a data classification review for all identified data sources, especially those containing PII or sensitive business information.
3. Implement strict access controls and least privilege principles for the Sales Development Agent's identity when connecting to external systems.
4. Review and update data loss prevention (DLP) policies to monitor and restrict data egress from the Sales Development Agent.
5. Conduct a privacy impact assessment (PIA) and security risk assessment (SRA) for the new data flows and AI agent capabilities.

Domain: Agentic-AI · Impact: high · Workload: Other