Microsoft Viva: Search Skill (Copilot in Engage)

🚨 The Signal: Copilot in Viva Engage can now search and summarise posts, including citations. This expands Copilot's data access, increasing the risk of information overexposure if access controls are not precise.

The Impact

All users are affected by the potential for increased exposure of sensitive information within Viva Engage.

• End users: May inadvertently expose sensitive information through Copilot summaries.
• Security teams: Need to review and potentially update data loss prevention policies for Viva Engage.
• Compliance officers: Must reassess information governance policies for Viva Engage content.
• Admins: Responsible for configuring and monitoring access controls for Copilot in Viva Engage.

The Action

1. Review existing Microsoft Purview Data Loss Prevention (DLP) policies for Viva Engage.
2. Assess sensitivity labels applied to content within Viva Engage to ensure appropriate classification.
3. Educate users on responsible use of Copilot in Viva Engage, particularly regarding sensitive information.
4. Monitor Copilot usage logs in Viva Engage for unusual activity or potential data oversharing.
5. Consider implementing or refining access controls for Copilot features within Viva Engage.

Domain: Agentic-AI · Impact: high · Workload: Other