Microsoft Copilot (Microsoft 365): Catch up on a summary of document comments in the top of your document

🚨 The Signal: Copilot will now summarize document comments in a new 'Discussion' tab. This feature streamlines understanding document feedback but introduces a new AI-driven content summary point, requiring vigilance over sensitive information exposure.

The Impact

All users interacting with documents containing comments are affected, with a low security risk of sensitive data being inadvertently summarized and exposed.

• End users: Risk of sensitive data being summarized and visible in the 'Discussion' tab.
• Security teams: Need to ensure data loss prevention policies adequately cover AI-generated summaries.
• Compliance officers: Must assess if AI summaries align with data handling and privacy regulations.

The Action

1. Review existing Microsoft Purview Data Loss Prevention (DLP) policies to ensure they cover AI-generated content summaries within Microsoft 365 applications.
2. Educate users on the potential for sensitive information within comments to be summarized by Copilot and the importance of appropriate comment content.
3. Monitor Microsoft 365 audit logs for unusual access patterns to documents with Copilot summaries, especially those containing sensitive data.

Domain: M365-Apps · Impact: low · Workload: M365 Apps