Outlook: Agents in Microsoft 365 Copilot Chat in Outlook on the Web and the new Outlook for Windows

🚨 The Signal: Microsoft 365 Copilot chat in Outlook now supports 'declarative agents.' This expands AI agent capabilities within Outlook, increasing potential for data exposure and requiring careful governance of agent interactions with sensitive information.

The Impact

All users are affected by the expanded AI agent capabilities, creating a security risk through potential unauthorised data access or exfiltration via agent interactions.

• End Users: Risk of inadvertently exposing sensitive data through agent prompts.
• Security Teams: Increased surface area for data exfiltration and compliance violations.
• Admins: New configurations and policies required to manage agent access and data handling.
• Compliance Officers: Need to update data governance frameworks for AI agent interactions.

The Action

1. Review and update Microsoft 365 Copilot data governance policies to include Outlook agent interactions.
2. Implement data loss prevention (DLP) policies specifically for Copilot agent outputs and interactions within Outlook.
3. Educate users on secure prompting practices and the types of data not to share with AI agents.
4. Monitor Copilot usage logs for unusual agent activity or data access patterns.
5. Configure Copilot access controls to restrict agent capabilities based on user roles and data sensitivity.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps