Microsoft 365 admin center: Agents usage report

🚨 The Signal: A new report in the M365 admin center will show usage of M365 Copilot agents by both licensed and unlicensed users. This provides visibility into agent adoption and potential shadow AI use.

The Impact

Security teams and AI governance leads are affected, gaining visibility into potential shadow AI and data exposure risks.

• Security Teams: Risk of unmanaged AI agents creating data exposure.
• AI Governance Leads: Risk of non-compliant agent use and data handling.
• Compliance Officers: Risk of data leakage via unapproved AI agent interactions.
• IT Admins: Risk of unmanaged AI sprawl and increased attack surface.

The Action

1. Review the 'Agents usage report' in the Microsoft 365 admin center.
2. Identify user-created agents and agents built by Microsoft partners.
3. Assess usage by unlicensed users for potential policy violations.
4. Develop or refine internal policies for Copilot agent creation and use.
5. Implement data loss prevention (DLP) policies for Copilot interactions.

Domain: Agentic-AI · Impact: high · Workload: Other