OneDrive: Agents in OneDrive

🚨 The Signal: OneDrive will allow users to create and share custom AI agents using their files. This introduces new risks for data exfiltration and unauthorized access via agent misuse and prompt injection.

The Impact

All users with Copilot for Microsoft 365 are affected, facing risks of data exposure and compliance breaches through agent misuse.

  • End Users: Risk of unintentional data sharing or exposure through misconfigured agents.
  • Security Teams: New attack surface for prompt injection and data exfiltration.
  • Compliance Teams: Challenges in maintaining data residency and access controls.
  • Admins: Increased complexity in managing data access and agent permissions.

The Action

  1. Review and update existing data loss prevention (DLP) policies to include Copilot agent interactions.
  2. Implement strict access controls and permissions for agent creation and sharing within OneDrive.
  3. Develop and communicate clear acceptable use policies for AI agents to end-users.
  4. Monitor Copilot audit logs for unusual agent activity or data access patterns.
  5. Evaluate Microsoft Purview capabilities for governing agent interactions and data flows.
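As an added illustration of step 4 (not part of the original brief), the script below runs a simple detection over audit records exported from the unified audit log (for example via Search-UnifiedAuditLog with the CopilotInteraction record type) and flags interactions that read an unusually large number of distinct files or any file carrying a sensitivity label. The sample records and the AuditData key layout (CopilotEventData, AccessedResources, SensitivityLabelId) are constructed assumptions for illustration; adjust the keys to match your tenant's actual export.

```python
import json
from collections import Counter

# Constructed sample AuditData payloads shaped like CopilotInteraction entries.
# The key layout is an assumption for illustration, not a verified schema.
SAMPLE_AUDIT_DATA = [
    json.dumps({"UserId": "alice@contoso.example", "Operation": "CopilotInteraction",
                "CopilotEventData": {"AppHost": "OneDrive", "AccessedResources": [
                    {"Name": "notes.docx", "SensitivityLabelId": None}]}}),
    json.dumps({"UserId": "bob@contoso.example", "Operation": "CopilotInteraction",
                "CopilotEventData": {"AppHost": "OneDrive", "AccessedResources": [
                    {"Name": f"payroll-{i}.xlsx", "SensitivityLabelId": None}
                    for i in range(12)]}}),
    json.dumps({"UserId": "carol@contoso.example", "Operation": "CopilotInteraction",
                "CopilotEventData": {"AppHost": "OneDrive", "AccessedResources": [
                    {"Name": "m-and-a.pptx", "SensitivityLabelId": "label-highly-confidential"}]}}),
    json.dumps({"UserId": "dave@contoso.example", "Operation": "FileAccessed"}),  # out of scope
]


def find_unusual_interactions(audit_lines, max_files=10):
    """Flag CopilotInteraction records that touch many distinct files in a single
    interaction, or that read any file carrying a sensitivity label.
    Returns a list of (user, reason) tuples in input order."""
    findings = []
    for line in audit_lines:
        rec = json.loads(line)
        if rec.get("Operation") != "CopilotInteraction":
            continue  # only agent/Copilot interactions are in scope here
        resources = rec.get("CopilotEventData", {}).get("AccessedResources", [])
        distinct = {r.get("Name") for r in resources}
        labelled = [r["Name"] for r in resources if r.get("SensitivityLabelId")]
        if len(distinct) >= max_files:
            findings.append((rec["UserId"], f"{len(distinct)} distinct files in one interaction"))
        if labelled:
            findings.append((rec["UserId"], f"labelled files read: {', '.join(labelled)}"))
    return findings


def top_users(findings):
    """Count findings per user so the noisiest accounts surface first for triage."""
    return Counter(user for user, _ in findings).most_common()


if __name__ == "__main__":
    for user, reason in find_unusual_interactions(SAMPLE_AUDIT_DATA):
        print(f"{user}: {reason}")
```

Tune max_files against a baseline of normal agent usage in your tenant before alerting on it, and correlate findings with the agent's sharing settings from step 2.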

Domain: Agentic-AI · Impact: high · Workload: OneDrive