Outlook: Immersive Search
🚨 The Signal: Outlook search now integrates Copilot, which summarises emails, Teams messages and documents in a single search experience. Because search returns and summarises everything the user is already permitted to read, over-permissioned content is surfaced more readily than before, and because inbound email and Teams messages from external senders now feed the model, attacker-authored content becomes a vector for indirect prompt injection.
The Impact
All users are affected. The risk of sensitive data exposure and of prompt injection is high unless Copilot access, the data it can reach and how its output is handled are strictly controlled.
- End Users: Copilot summaries draw on everything the user can already read, so mailboxes, Teams channels and SharePoint sites with overly broad permissions are surfaced and shared more readily than with manual search.
- Security Team: Increased surface for indirect prompt injection via attacker-authored email or Teams content, and for data exfiltration through generated summaries.
- Data Owners: Reduced visibility into how their data is summarised and shared.
- Compliance Officers: New challenges in meeting data residency and privacy requirements.
The Action
- Review and enforce Microsoft Purview Data Loss Prevention (DLP) policies for Copilot interactions (Purview portal > Data loss prevention > Policies).
- Implement Microsoft Purview Information Protection (MPIP) sensitivity labels for all relevant data types (Purview portal > Information protection > Labels).
- Configure Copilot access controls and data scope within the Microsoft 365 admin center (admin.microsoft.com > Settings > Org settings > Microsoft Copilot).
- Educate users on responsible Copilot usage and data sensitivity: a summary is generated from content the user can already read, including untrusted inbound messages, so it should be verified against the source before being acted on or forwarded.
- Monitor Copilot audit logs for unusual data access patterns or potential prompt injection attempts (Purview portal > Audit). Copilot interactions are recorded under the CopilotInteraction record type; review volume per user, access to labelled resources and unfamiliar client IPs, and trace suspicious interactions back to the underlying message.
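The monitoring step above, as an added example that is not part of the original advisory or of any Microsoft tooling: a PowerShell script that pulls CopilotInteraction records from the unified audit log, resolves sensitivity label GUIDs to names via Get-Label (so the label step is visible in the report), and flags users by interaction volume, labelled-resource access and number of client IPs. The AuditData field names (AppHost, CopilotEventData.AccessedResources, SensitivityLabelId), the threshold values and the after-hours window are assumptions to verify against your own tenant's records; the audit record carries resource and context identifiers rather than prompt text, so suspected injection still has to be investigated from the underlying message.

```powershell
# Added example, not from the original page. Requires the ExchangeOnlineManagement
# module and an account holding the View-Only Audit Logs role.
# ASSUMPTIONS: AuditData field names follow the Copilot schema of the Office 365
# Management Activity API; thresholds are illustrative and must be tuned per tenant.
param(
    [int]$Days = 7,
    [int]$MaxInteractionsPerUser = 200,    # hypothetical threshold
    [int]$MaxLabelledResourcesPerUser = 25, # hypothetical threshold
    [int]$MaxDistinctIPsPerUser = 3         # hypothetical threshold
)

Connect-ExchangeOnline -ShowBanner:$false   # Search-UnifiedAuditLog
Connect-IPPSSession                         # Get-Label (Security & Compliance PowerShell)

$end   = Get-Date
$start = $end.AddDays(-$Days)

# Map sensitivity label GUIDs (ImmutableId) to display names so the report is readable.
$labelNames = @{}
Get-Label | ForEach-Object { $labelNames[$_.ImmutableId.ToString()] = $_.DisplayName }

# Page through the audit log. With ReturnLargeSet the same call is repeated under one
# SessionId until it returns nothing; results arrive unsorted and up to 50k per session.
$sessionId = "copilot-review-" + [guid]::NewGuid().ToString()
$records = @()
do {
    $page = @(Search-UnifiedAuditLog -StartDate $start -EndDate $end `
        -RecordType CopilotInteraction -ResultSize 5000 `
        -SessionId $sessionId -SessionCommand ReturnLargeSet)
    $records += $page
} while ($page.Count -gt 0)

# Flatten each record into the fields the review needs. CreationTime is UTC.
$rows = foreach ($r in $records) {
    $d        = $r.AuditData | ConvertFrom-Json
    $accessed = @($d.CopilotEventData.AccessedResources)
    $labelled = @($accessed | Where-Object { $_.SensitivityLabelId })
    $names    = foreach ($res in $labelled) {
        if ($labelNames.ContainsKey($res.SensitivityLabelId)) { $labelNames[$res.SensitivityLabelId] }
        else { $res.SensitivityLabelId }   # unknown GUID: report it raw rather than drop it
    }
    [pscustomobject]@{
        TimeUtc   = [datetime]$d.CreationTime
        User      = $d.UserId
        ClientIP  = $d.ClientIP
        AppHost   = $d.CopilotEventData.AppHost   # e.g. Outlook, Teams
        Resources = $accessed.Count
        Labelled  = $labelled.Count
        Labels    = (@($names) | Sort-Object -Unique) -join ';'
    }
}

# Aggregate per user. The 20:00-06:00 UTC window is a placeholder; adjust to the
# tenant's working hours and time zones.
$perUser = $rows | Group-Object User | ForEach-Object {
    $g = $_.Group
    [pscustomobject]@{
        User         = $_.Name
        Interactions = $g.Count
        Hosts        = (@($g.AppHost) | Sort-Object -Unique) -join ','
        DistinctIPs  = @($g.ClientIP | Sort-Object -Unique).Count
        LabelledHits = ($g.Labelled | Measure-Object -Sum).Sum
        AfterHours   = @($g | Where-Object { $_.TimeUtc.Hour -lt 6 -or $_.TimeUtc.Hour -ge 20 }).Count
        Labels       = (@($g.Labels | Where-Object { $_ }) -join ';' -split ';' | Sort-Object -Unique) -join ';'
    }
}

# Flag users who exceed any threshold; everything else goes to CSV for retention.
$flagged = $perUser | Where-Object {
    $_.Interactions -gt $MaxInteractionsPerUser -or
    $_.LabelledHits -gt $MaxLabelledResourcesPerUser -or
    $_.DistinctIPs  -gt $MaxDistinctIPsPerUser
}

$stamp = $end.ToString('yyyyMMdd')
$rows    | Export-Csv -NoTypeInformation -Path ".\copilot-interactions-$stamp.csv"
$flagged | Sort-Object LabelledHits -Descending | Format-Table -AutoSize
```

Save as Review-CopilotAudit.ps1 and run it from a workstation with the ExchangeOnlineManagement module installed; the CSV keeps every interaction for later investigation, while the table lists only the users worth a closer look. A flagged user is a lead, not a verdict: pull the message or document behind the interaction (the Contexts and AccessedResources identifiers in the record) before concluding that a summary was induced by injected content.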
Domain: Agentic-AI · Impact: high · Workload: M365 Apps