Microsoft Copilot (Microsoft 365): Content Sources in Copilot Chat

🚨 The Signal: Copilot Chat now allows users to select specific content sources for responses. This directly limits information exposure, reducing the risk of accidental data leakage from unapproved sources.

The Impact

All Copilot users are affected, with a reduced risk of inadvertent data exposure.

• End-users: Reduced risk of accessing or generating responses from unintended data sources.
• Security Teams: Improved control over data boundaries within Copilot interactions.
• Data Owners: Better assurance that sensitive data is not inadvertently surfaced.
• Compliance Teams: Easier demonstration of data segregation within AI interactions.

The Action

1. Review existing Copilot data governance policies to incorporate this new content source selection capability.
2. Communicate to end-users on how to effectively use content source selection for secure and relevant interactions.
3. Monitor Copilot usage logs for patterns related to content source selection to identify potential policy gaps.
4. Consider creating specific Copilot content source groups for different sensitivity levels or departments.

Domain: Agentic-AI · Impact: medium · Workload: Other