Microsoft Viva: Copilot Enhancements for smarter authoring

🚨 The Signal: Copilot in Viva Amplify can now generate communications from Word, Excel, and meeting content. This expands the potential for sensitive information exposure if not properly governed.

The Impact

All users creating content with Copilot in Viva Amplify are affected, increasing the risk of unintended sensitive data exposure.

• Content Creators: Risk of inadvertently including sensitive data from source files.
• Security Teams: Increased surface area for data loss prevention (DLP) monitoring.
• Compliance Officers: New considerations for data retention and classification policies.
• Management: Potential for reputational damage from sensitive information leaks.

The Action

1. Review and update Microsoft Purview Data Loss Prevention (DLP) policies to include Viva Amplify and associated data sources.
2. Educate users on responsible AI usage and data handling when using Copilot with sensitive content.
3. Implement or refine sensitivity labels for documents and meetings that may be used as Copilot inputs.
4. Monitor Copilot usage logs in Viva Amplify for unusual activity or data access patterns.
5. Assess existing information protection policies for alignment with expanded Copilot capabilities.

Domain: Agentic-AI · Impact: high · Workload: Microsoft Purview