Microsoft Copilot (Microsoft 365): Press and hold Win + C or Copilot key to activate voice on the Microsoft 365 Copilot app

🚨 The Signal: A new keyboard shortcut (Win + C or Copilot key) now activates voice input for Microsoft 365 Copilot. This enhances user interaction but increases the potential for sensitive data exposure through voice prompts if not properly governed.

The Impact

All users are affected, increasing the risk of inadvertent sensitive data exposure through voice input to Copilot.

• End Users: Risk of accidentally inputting sensitive data via voice.
• Security Teams: Increased surface area for data leakage and prompt injection.
• Compliance Teams: New considerations for data privacy and recording policies.
• Admins: Need to reinforce data handling policies for voice interactions.

The Action

1. Review and update existing Copilot data governance policies to explicitly cover voice input.
2. Communicate updated data handling guidelines to all users, emphasizing sensitive information.
3. Educate users on the implications of voice input and the types of data not to share.
4. Monitor Copilot usage logs for unusual data access patterns or sensitive information sharing.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps