Word: Draft on a selection and retain your existing formatting

🚨 The Signal: Microsoft Word's new 'Draft on a selection' feature allows AI-powered content generation while preserving existing document formatting. This streamlines content creation but introduces new vectors for data exposure and prompt injection risks.

The Impact

All users leveraging AI drafting features face potential risks from data leakage and prompt injection, impacting information integrity.

• End users: Risk of inadvertently exposing sensitive data through AI prompts.
• Security teams: Increased surface area for prompt injection attacks and data exfiltration.
• Compliance officers: New challenges in monitoring and auditing AI-generated content for policy adherence.

The Action

1. Review and update existing AI usage policies to specifically address in-application drafting features.
2. Educate users on secure prompting practices and the risks of sensitive data input into AI models.
3. Monitor Microsoft Purview Audit logs for AI feature usage and potential policy violations.
4. Evaluate Microsoft 365 Copilot data handling and privacy settings within the Microsoft 365 admin center.

Domain: M365-Apps · Impact: medium · Workload: M365 Apps