Microsoft Copilot (Microsoft 365): Update document sections from new sources

🚨 The Signal: Copilot can now refresh document sections from other files, pulling content without manual copy-pasting. This increases efficiency but raises data provenance and accidental information disclosure risks.

The Impact

All users are affected. The security risk is moderate: unintended data exposure and compliance challenges.

  • End users: Risk of inadvertently pulling sensitive data into documents.
  • Security teams: Increased complexity in monitoring data flow and preventing unauthorized disclosure.
  • Compliance officers: Challenges in demonstrating data provenance and adherence to information handling policies.
  • Admins: Need to understand new data pathways for DLP and access control policies.

The Action

  1. Review and update existing Data Loss Prevention (DLP) policies in Microsoft Purview to account for Copilot's new content sourcing capabilities.
  2. Educate users on responsible use of Copilot's document refresh feature, emphasizing data sensitivity and source verification.
  3. Monitor Microsoft Purview audit logs for unusual Copilot activity related to document content sourcing.
  4. Assess current information classification and labelling policies to ensure they adequately cover content sourced via Copilot.
  5. Consider implementing sensitivity labels on documents to restrict Copilot's ability to pull content from highly sensitive sources.
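
One way to approach step 3, as an added example that is not Microsoft's code or part of the original brief: a triage pass over exported Copilot audit records that flags Word-hosted interactions whose accessed sources carry a watched sensitivity label or sit on a different site than the document being edited. The records are constructed; the field names (`CopilotEventData`, `AppHost`, `Contexts`, `AccessedResources`, `SensitivityLabelId`, `SiteUrl`), the label GUID, the `tenant.example` domain and the idea that the refresh feature is logged as a Word-hosted `CopilotInteraction` are assumptions to check against your own export.

```python
import json
from urllib.parse import urlparse

# Placeholder GUID; substitute the IDs of the labels your tenant treats as sensitive.
WATCHED_LABEL_IDS = {"00000000-0000-0000-0000-00000000c0de"}

# Constructed records. Field names are assumed from the CopilotInteraction
# audit record shape; confirm them against a real export before relying on this.
SAMPLE_EXPORT = json.dumps([
    {"UserId": "alice@tenant.example", "Operation": "CopilotInteraction",
     "CopilotEventData": {"AppHost": "Word",
         "Contexts": [{"Id": "https://tenant.example/sites/sales/Shared/q3-brief.docx"}],
         "AccessedResources": [
             {"Name": "q3-notes.docx", "SensitivityLabelId": "",
              "SiteUrl": "https://tenant.example/sites/sales/Shared/q3-notes.docx"},
             {"Name": "salary-bands.xlsx",
              "SensitivityLabelId": "00000000-0000-0000-0000-00000000c0de",
              "SiteUrl": "https://tenant.example/sites/hr/Docs/salary-bands.xlsx"}]}},
    {"UserId": "bob@tenant.example", "Operation": "CopilotInteraction",
     "CopilotEventData": {"AppHost": "Teams", "Contexts": [], "AccessedResources": [
         {"Name": "salary-bands.xlsx",
          "SensitivityLabelId": "00000000-0000-0000-0000-00000000c0de",
          "SiteUrl": "https://tenant.example/sites/hr/Docs/salary-bands.xlsx"}]}},
])

def site_root(url):
    """Reduce a file URL to scheme://host/sites/<name> for per-site comparison."""
    parsed = urlparse(url)
    parts = [p for p in parsed.path.split("/") if p]
    return f"{parsed.scheme}://{parsed.netloc}/" + "/".join(parts[:2])

def flag_document_pulls(export_json, watched=WATCHED_LABEL_IDS):
    """Flag Word-hosted Copilot interactions that read labelled or off-site sources."""
    findings = []
    for rec in json.loads(export_json):
        data = rec.get("CopilotEventData") or {}
        if rec.get("Operation") != "CopilotInteraction" or data.get("AppHost") != "Word":
            continue
        targets = [c["Id"] for c in data.get("Contexts", []) if c.get("Id")]
        target_sites = {site_root(t) for t in targets}
        for res in data.get("AccessedResources", []):
            reasons = []
            if res.get("SensitivityLabelId") in watched:
                reasons.append("watched-label")
            src = res.get("SiteUrl", "")
            if src and target_sites and site_root(src) not in target_sites:
                reasons.append("cross-site")
            if reasons:
                findings.append({"user": rec.get("UserId"), "targets": targets,
                                 "source": res.get("Name"), "reasons": reasons})
    return findings
```

Findings are leads for review, not verdicts: a cross-site pull by a user who legitimately has access to both sites is expected, so tune the watched labels and site comparison to your own information handling policy.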

Domain: Agentic-AI · Impact: medium · Workload: M365 Apps