Microsoft Copilot (Microsoft 365): Use Copilot to rephrase text as desired through custom prompt in PowerPoint

🚨 The Signal: Copilot in PowerPoint now allows users to rephrase text using natural language prompts. This expands AI-driven content generation, increasing potential for data leakage and unapproved content creation.

The Impact

All users are affected by the expanded AI capabilities, increasing risks of data exposure, unapproved content, and prompt injection.

• End users: Increased risk of inadvertently exposing sensitive data through prompts.
• Security teams: New vectors for data leakage and prompt injection attacks.
• Compliance officers: Challenges in maintaining data integrity and content approval workflows.
• Administrators: Need to review and enforce Copilot data governance policies.

The Action

1. Review and enforce Microsoft 365 Copilot data governance policies in the Microsoft 365 admin center.
2. Educate users on responsible AI use, data handling, and prompt engineering best practices.
3. Implement or refine Data Loss Prevention (DLP) policies to detect and prevent sensitive information exposure via Copilot interactions.
4. Monitor Copilot usage logs for unusual activity or potential policy violations.
5. Regularly audit content generated by Copilot for compliance with organisational standards.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps