Microsoft Viva: Viva Pulse - Authoring with M365 Copilot

🚨 The Signal: Viva Pulse now integrates Copilot for survey authoring, enabling AI-assisted question generation and survey creation. This introduces new avenues for data handling and potential information disclosure via AI prompts.

The Impact

End users are affected by new Copilot capabilities, increasing the risk of inadvertent sensitive information exposure through AI prompts.

• End users: Risk of exposing sensitive internal information through Copilot prompts.
• Security teams: Need to monitor and audit Copilot interactions for data leakage.
• Compliance teams: Review existing data handling policies for AI-assisted content creation.

The Action

1. Review and update existing Acceptable Use Policies to include guidelines for Copilot interaction and data input.
2. Educate end-users on responsible AI use, specifically regarding sensitive information in prompts.
3. Implement Microsoft Purview Data Loss Prevention (DLP) policies to detect and prevent sensitive data sharing via Viva Pulse and Copilot.
4. Monitor Microsoft 365 audit logs for Copilot activity within Viva Pulse to identify potential misuse or data exposure.

Domain: Agentic-AI · Impact: medium · Workload: M365 Apps