Microsoft Copilot (Microsoft 365): [Copilot Extensibility] Delete Schema Properties via Copilot Connector APIs

🚨 The Signal: Admins can now delete unused schema properties from custom Copilot connectors. This improves data hygiene and reduces the attack surface by removing unnecessary data exposure points in AI interactions.

The Impact

Developers and security teams are affected, as this change reduces the risk of exposing unnecessary data through Copilot connectors.

• Developers: Reduced overhead in managing connector schemas, lowering risk of stale data exposure.
• Security Teams: Improved data minimisation posture for Copilot integrations.
• Data Owners: Enhanced control over what data is exposed to Copilot.
• Compliance Teams: Easier demonstration of data minimisation efforts.

The Action

1. Review existing custom Copilot connectors for unused or sensitive schema properties.
2. Utilise Copilot connector APIs to delete identified unnecessary properties.
3. Implement a regular review process for custom connector schemas to maintain data hygiene.
4. Update internal documentation for Copilot connector development and maintenance to include schema property deletion best practices.

Domain: Agentic-AI · Impact: medium · Workload: Other