Microsoft Copilot (Microsoft 365): Receive coaching on your writing in Copilot in Word

🚨 The Signal: Copilot in Word now offers AI-generated writing coaching, reviewing content for structure, flow, and tone. This introduces new avenues for sensitive information processing by AI, requiring careful data governance.

The Impact

All users are affected, with a moderate security risk due to increased AI processing of potentially sensitive document content.

• End-users: Risk of inadvertently exposing sensitive data to AI models.
• Security Team: Increased surface area for data leakage and prompt injection concerns.
• Compliance Team: New considerations for data residency and AI processing of regulated information.

The Action

1. Review and update existing Microsoft 365 Copilot data governance policies to explicitly address AI coaching features.
2. Communicate to end-users about responsible use of Copilot's coaching feature, emphasizing avoidance of highly sensitive data.
3. Monitor Copilot usage logs for unusual activity or data patterns related to document analysis.
4. Evaluate Microsoft Purview Data Loss Prevention (DLP) policies for effectiveness with Copilot-generated content and interactions.

Domain: Agentic-AI · Impact: medium · Workload: M365 Apps