Microsoft Viva: Viva Glint - Export Executive Summary report in Viva Glint to editable PowerPoint slides

🚨 The Signal: Viva Glint Executive Summary reports can now be exported as editable PowerPoint files instead of static images. This increases the risk of sensitive HR data being easily modified or shared outside controlled environments, impacting data integrity and confidentiality.

The Impact

HR and management users are affected, with increased risk of sensitive employee data being mishandled or exfiltrated.

• HR Managers: Increased risk of unintentional data modification or sharing of sensitive employee feedback.
• Security Teams: New vector for data loss prevention (DLP) monitoring and incident response.
• Compliance Officers: Greater challenge in demonstrating adherence to data handling policies for sensitive HR data.

The Action

1. Review and update existing Data Loss Prevention (DLP) policies in Microsoft Purview to specifically target Viva Glint content and PowerPoint files containing sensitive HR data.
2. Communicate updated data handling guidelines to HR and management teams regarding the export and sharing of Viva Glint reports.
3. Implement or reinforce sensitivity labels for documents containing HR data, ensuring they are applied to exported Glint reports.
4. Monitor audit logs for Viva Glint export activities and PowerPoint file sharing, focusing on unusual patterns or high-volume exports.

Impact: high · Workload: Other