Microsoft Copilot (Microsoft 365): Kickstart your document with contextual prompts

🚨 The Signal: Copilot in Word now suggests document prompts based on recent files and meetings. This increases the risk of inadvertent data exposure if users are not mindful of the context Copilot uses.

The Impact

All users are affected, increasing the risk of accidental exposure of sensitive information through Copilot's contextual suggestions.

• End Users: Risk of inadvertently including sensitive data in new documents.
• Security Team: Increased need for data loss prevention (DLP) monitoring.
• Compliance Officers: Potential for non-compliance with data handling policies.
• Admins: Need to reinforce data governance policies and user training.

The Action

1. Review and reinforce existing Microsoft Purview Data Loss Prevention (DLP) policies to detect sensitive information in Copilot-generated content.
2. Educate end-users on Copilot's data access and contextual prompting, emphasizing the importance of verifying content before sharing.
3. Monitor Microsoft Purview audit logs for unusual Copilot activity or sensitive data sharing events.
4. Ensure sensitivity labels are correctly applied to documents and meetings to guide Copilot's data handling.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps