SharePoint: SharePoint agents in Teams Mobile
🚨 The Signal: SharePoint agents, likely Copilot-powered, are now available in Teams Mobile group chats and meetings. This expands the attack surface for agentic AI and increases the risk of data exfiltration or unauthorized actions via mobile devices.
The Impact
All users are affected, increasing the risk of data exposure and unauthorized agent actions through mobile Teams.
- End users: Increased risk of inadvertently sharing sensitive data with AI agents.
- Security teams: New vectors for data exfiltration and prompt injection attacks on mobile.
- Admins: Need to review and enforce AI agent access policies for mobile Teams.
- Compliance officers: Potential for non-compliance if agent interactions are not logged or controlled.
The Action
- Review and update Microsoft 365 Copilot access policies to restrict agent capabilities or data access as necessary.
- Implement Conditional Access policies to control mobile device access to Teams and SharePoint data when agents are in use.
- Educate users on responsible AI agent interaction, especially regarding sensitive information.
- Monitor Microsoft Purview audit logs for unusual agent activity or data access patterns.
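One way to start on the Conditional Access item above, as an added example (not from the original brief): a report-only policy, created with Microsoft Graph PowerShell, that requires a compliant device or an approved protected app for iOS and Android access to the Office 365 app group, which includes Teams and SharePoint. Conditional Access scopes access to the apps themselves; it has no condition for "an agent is in use". The group IDs are placeholders and the display name is an assumption.

```powershell
# Added example: report-only Conditional Access policy for mobile access to
# Office 365 apps (Teams and SharePoint are part of the 'Office365' app group).
# Requires the Microsoft.Graph.Identity.SignIns module.
Connect-MgGraph -Scopes 'Policy.ReadWrite.ConditionalAccess', 'Policy.Read.All', 'Application.Read.All'

# Placeholders (assumptions): replace with object IDs from your own tenant.
$pilotGroupId      = '<PILOT-GROUP-OBJECT-ID>'        # users the policy is evaluated for
$breakGlassGroupId = '<BREAK-GLASS-GROUP-OBJECT-ID>'  # emergency accounts, always excluded

$policy = @{
    displayName = 'Mobile: require managed device or protected app for Office 365 (report-only)'
    # Report-only: evaluated and logged in sign-in logs, but not enforced.
    state       = 'enabledForReportingButNotEnforced'
    conditions  = @{
        users = @{
            includeGroups = @($pilotGroupId)
            excludeGroups = @($breakGlassGroupId)
        }
        applications   = @{ includeApplications = @('Office365') }
        platforms      = @{ includePlatforms = @('android', 'iOS') }
        clientAppTypes = @('mobileAppsAndDesktopClients')
    }
    grantControls = @{
        # Either control satisfies the policy: an Intune-compliant device,
        # or an app covered by an app protection policy.
        operator        = 'OR'
        builtInControls = @('compliantDevice', 'compliantApplication')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Review the report-only results in the Entra sign-in logs before changing `state` to `enabled`, and widen the included group only after the pilot shows no unexpected blocks.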
Domain: Agentic-AI · Impact: high · Workload: Teams