OneDrive: OneDrive files as knowledge sources for agents

🚨 The Signal: OneDrive files can now be used as knowledge sources for custom AI agents. This expands the data accessible to agents, increasing the risk of sensitive information exposure if not properly governed. Security teams must review agent data access.

The Impact

All users creating agents are affected, increasing the risk of sensitive data exposure via AI agents.

• Security Teams: Increased risk of data exfiltration and compliance breaches.
• Data Owners: Sensitive data in OneDrive/SharePoint is now exposed to AI agents.
• AI Agent Creators: Must understand the security implications of data sources.
• Compliance Officers: New data flows require updated risk assessments and controls.

The Action

1. Review and update data classification and labelling policies for OneDrive and SharePoint.
2. Implement strict access controls (ACLs, sensitivity labels) on files used as agent sources.
3. Establish a governance framework for AI agent creation, data sourcing, and deployment.
4. Monitor agent activity and data access logs for anomalous behaviour.
5. Educate users on responsible AI agent creation and data handling practices.

Domain: Agentic-AI · Impact: high · Workload: OneDrive