OneNote: Copilot Notebooks inside OneNote

🚨 The Signal: Copilot Notebooks are now integrated into OneNote, allowing users to consolidate and reason over diverse content. This expands the attack surface for sensitive data exposure and requires robust data governance.

The Impact

All users are affected: the expanded data processing capabilities increase the risk of sensitive information exposure and compliance breaches.

  • End Users: Risk of inadvertently exposing sensitive data to Copilot and its underlying models.
  • Security Teams: Increased complexity in monitoring and auditing data flows and access within OneNote.
  • Compliance Officers: New challenges in maintaining data residency and classification requirements.
  • Administrators: Need to review and update data loss prevention (DLP) policies for OneNote and Copilot interactions.

The Action

  1. Review and update Microsoft Purview Data Loss Prevention (DLP) policies to include OneNote and Copilot Notebooks for sensitive information types.
  2. Implement or refine Microsoft Purview Information Protection (MIP) sensitivity labels for content stored or processed within OneNote and Copilot Notebooks.
  3. Educate users on responsible use of Copilot Notebooks, emphasizing the handling of sensitive, classified, or export-controlled data.
  4. Monitor Microsoft 365 audit logs for unusual data access or sharing activities related to OneNote and Copilot Notebooks.
  5. Assess existing data retention and eDiscovery policies to ensure they adequately cover Copilot Notebooks content.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps