Microsoft 365 Copilot: Work from your recent prompts in Draft with Copilot
🚨 The Signal: Copilot in Word now suggests recent prompts, potentially exposing sensitive information from past interactions to unauthorised users if devices are shared or left unattended. This increases data spill risk.
The Impact
All users are affected: on shared or unattended devices, the risk of sensitive data exposure increases.
- End-users: Risk of sensitive data exposure if prompts contain confidential information.
- Security Teams: Increased risk of data spills and potential compliance breaches.
- Admins: Need to reinforce data handling policies and user education.
- Organisations: Potential for reputational damage and regulatory non-compliance.
The Action
- Review and update data handling policies to include Copilot prompt management.
- Educate users on the risks of sensitive data in prompts and secure device practices.
- Implement or reinforce screen lock policies for unattended workstations.
- Monitor Copilot usage for unusual patterns or potential data exposure incidents.
Domain: Agentic-AI · Impact: medium · Workload: M365 Apps