SharePoint: Chat one-on-one with SharePoint agents in Teams

🚨 The Signal: Users can now chat one-on-one with SharePoint agents directly in Teams. This introduces new vectors for information disclosure and potential prompt injection, so AI agent interactions need careful governance.

The Impact

The new AI agent interaction points affect all users and increase the risk of data exposure and misuse through unmanaged prompts.

  • End Users: Risk of inadvertently exposing sensitive data through agent prompts.
  • Security Teams: New attack surface for prompt injection and data exfiltration.
  • Data Owners: Increased risk of data being accessed or summarised inappropriately.
  • Compliance Teams: New audit trails and data flows to monitor for regulatory adherence.

The Action

  1. Review and configure Copilot data governance policies in Microsoft Purview to restrict agent access to sensitive SharePoint content.
  2. Implement Microsoft Entra Conditional Access policies for Copilot agents to control access based on device, location, and risk.
  3. Educate users on secure prompting practices and the risks of sharing sensitive information with AI agents.
  4. Monitor Copilot activity logs in Microsoft 365 Defender for unusual agent interactions or data access patterns.
  5. Establish an incident response plan for prompt injection attacks or AI agent misuse.

Domain: Agentic-AI · Impact: high · Workload: Teams