Microsoft Copilot (Microsoft 365): Discover, acquire, and manage agents through in-app store in Word and PowerPoint

🚨 The Signal: Users can now discover, acquire, and manage Copilot agents directly within Word and PowerPoint. This decentralises agent deployment, increasing the attack surface for unauthorised or malicious AI agents.

The Impact

All users are affected, facing increased risk from unapproved or malicious AI agents operating within M365 applications.

• End Users: Risk of interacting with unvetted or malicious AI agents.
• Security Teams: Increased difficulty in monitoring and controlling AI agent usage.
• Admins: Loss of centralised control over agent deployment and management.
• Organisations: Potential for data exfiltration or policy violations via rogue agents.

The Action

1. Review and update existing Microsoft 365 App Governance policies to specifically address Copilot agents.
2. Implement or refine Microsoft Purview Data Loss Prevention (DLP) policies to monitor agent interactions with sensitive data.
3. Develop and communicate clear organisational policies for Copilot agent usage and approval processes.
4. Utilise Microsoft Defender for Cloud Apps (MDCAS) to monitor agent activity and identify anomalous behaviour.
5. Explore Microsoft Entra Conditional Access policies to restrict agent access based on device or location.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps · Essential Eight: Application Control, User Application Hardening · ISM: ISM-0843, ISM-1412, ISM-1485, ISM-1486, ISM-1490, ISM-1542, ISM-1544, ISM-1582, ISM-1585, ISM-1656, ISM-1657, ISM-1658, ISM-1659, ISM-1660, ISM-1667, ISM-1668, ISM-1669, ISM-1670, ISM-1823, ISM-1824, ISM-1859, ISM-1860, ISM-1870, ISM-1871