Microsoft Copilot (Microsoft 365): Copilot uses enterprise assets hosted on SharePoint OAL when creating presentations with Copilot
🚨 The Signal: Copilot can now use images from SharePoint Organization Asset Libraries (OALs) to create presentations. This expands Copilot's access to internal visual assets, increasing the risk of sensitive image exposure if OALs are not properly secured.
The Impact
Content creators and security teams are affected by the increased risk of sensitive image exposure through Copilot if OAL permissions are not tightly controlled.
- Content creators: Faster presentation generation, but risk of inadvertently using sensitive images.
- Security teams: Increased surface area for data leakage if OAL permissions are too broad.
- Compliance officers: New considerations for data classification and access controls for visual assets.
- IT administrators: Need to review and enforce strict permissions on SharePoint OALs.
The Action
- Review all existing SharePoint Organization Asset Libraries for sensitive content.
- Implement strict access controls (least privilege) on all OALs.
- Classify images within OALs based on sensitivity and apply appropriate data loss prevention (DLP) policies.
- Educate users on responsible use of Copilot with organizational assets and the implications of OAL content.
- Monitor Copilot usage logs for unusual access patterns to OAL content.
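The review, least-privilege and classification steps above can be combined into one check, shown here as an added example that is not part of the original notice and is not Microsoft tooling. It assumes a permissions inventory has been exported to CSV; the column names, sensitivity label names, sample rows and the function name `audit_oal_export` are all constructed for illustration.

```python
import csv
import io

# Constructed sample export (not real tenant data): one row per image per grant.
# The column layout is an assumption for this example, not a SharePoint export format.
SAMPLE_EXPORT = """library,file,label,principal,role
Brand Images,logo.png,Public,Everyone except external users,Read
Brand Images,logo.png,Public,Brand Team,Edit
Brand Images,draft-banner.png,,Everyone except external users,Read
Product Shots,roadmap-2025.png,Confidential,Everyone except external users,Read
Product Shots,roadmap-2025.png,Confidential,Product Team,Edit
Event Photos,booth.jpg,General,Everyone except external users,Edit
Exec Library,board-deck-cover.png,Highly Confidential,Executives,Read
"""

# Principals that make an image reachable by most or all users.
BROAD_PRINCIPALS = {"everyone", "everyone except external users"}
# Labels treated as too sensitive for tenant-wide reuse (assumed taxonomy; adjust locally).
SENSITIVE_LABELS = {"confidential", "highly confidential"}
# Roles that let a holder change library content.
WRITE_ROLES = {"edit", "contribute", "full control"}


def audit_oal_export(csv_text):
    """Return sorted (library, file, finding) tuples for risky broad grants."""
    findings = set()
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["principal"].strip().lower() not in BROAD_PRINCIPALS:
            continue  # narrowly scoped groups are outside this check
        label = row["label"].strip().lower()
        role = row["role"].strip().lower()
        item = (row["library"], row["file"])
        if label in SENSITIVE_LABELS:
            findings.add(item + ("sensitive-image-broadly-readable",))
        if not label:
            findings.add(item + ("unlabelled-image-broadly-readable",))
        if role in WRITE_ROLES:
            findings.add(item + ("broad-principal-can-modify",))
    return sorted(findings)


if __name__ == "__main__":
    for library, file, finding in audit_oal_export(SAMPLE_EXPORT):
        print(f"{finding:36} {library}/{file}")
```

Each finding maps to one action item: sensitive or unlabelled images need classification or relocation, and write access for a broad principal is a least-privilege gap.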
Domain: Agentic-AI · Impact: high · Workload: SharePoint