Microsoft Edge: Microsoft 365 Copilot Chat access to page content will soon extend to work across multiple open tabs

🚨 The Signal: Microsoft 365 Copilot Chat in Edge will soon access content across multiple open tabs, not just the active page. This expands the data accessible to Copilot, increasing potential data exposure if not properly governed.

The Impact

All users are affected, with an increased risk of sensitive data exposure if existing DLP and access policies are not robust.

• End users: Increased risk of inadvertently exposing sensitive data to Copilot.
• Security teams: Must verify DLP policies adequately cover multi-tab Copilot access.
• Data owners: Potential for broader data access by AI, requiring re-evaluation of data classification.
• Compliance officers: Need to ensure Copilot's expanded access aligns with regulatory requirements.

The Action

1. Review existing Microsoft Purview DLP policies to ensure they adequately protect sensitive information accessed by Copilot across multiple tabs.
2. Verify Microsoft Entra Conditional Access policies for Copilot access are aligned with data sensitivity.
3. Communicate updated Copilot usage guidelines to end-users, emphasizing data handling best practices.
4. Monitor Microsoft Purview audit logs for Copilot activities involving sensitive data across multiple tabs.

Domain: Agentic-AI · Impact: high · Workload: Other