Microsoft Copilot (Microsoft 365): Access Copilot Chat in your Microsoft 365 apps

🚨 The Signal: Copilot Chat is now directly accessible within Microsoft 365 apps via a side pane. This increases the attack surface for data exfiltration and prompt injection by making AI more pervasive.

The Impact

All users with Copilot licenses are affected, increasing the risk of sensitive data exposure and prompt injection attacks.

• End Users: Increased risk of inadvertently exposing sensitive data to Copilot.
• Security Teams: New vectors for prompt injection attacks require updated monitoring.
• Data Owners: Sensitive information is more easily accessible to AI, increasing exfiltration risk.
• Compliance Officers: Data residency and privacy controls need re-evaluation for AI interactions.

The Action

1. Review and enforce Microsoft Purview Data Loss Prevention (DLP) policies for Copilot interactions: Microsoft Purview compliance portal > Data loss prevention > Policies.
2. Implement and refine sensitivity labels for documents and emails to restrict Copilot access to highly sensitive data: Microsoft Purview compliance portal > Information protection > Labels.
3. Educate users on responsible Copilot usage, data handling, and prompt injection risks.
4. Monitor Copilot audit logs for unusual data access patterns or sensitive information queries: Microsoft Purview compliance portal > Audit.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps