Microsoft Copilot (Microsoft 365): Reference a Loop or Page when creating a presentation with Copilot

🚨 The Signal: Copilot in PowerPoint can now reference Microsoft Loop components and Pages to generate presentations. This expands Copilot's data access, increasing the potential for sensitive information exposure if data governance is not robust.

The Impact

All users leveraging Copilot are affected, increasing the risk of inadvertent sensitive data exposure through AI-generated content.

• End users: Risk of oversharing sensitive data via Copilot-generated presentations.
• Security teams: Increased surface area for data leakage and compliance violations.
• Data owners: Potential for sensitive Loop/Page content to be used inappropriately.
• Compliance officers: New challenges in auditing data usage and adherence to policies.

The Action

1. Review and enforce Microsoft Purview Data Loss Prevention (DLP) policies for Loop and SharePoint Pages.
2. Implement or refine sensitivity labels for Loop components and SharePoint Pages containing sensitive data.
3. Educate users on responsible Copilot usage and the implications of referencing sensitive content.
4. Audit Copilot usage logs for unusual data access patterns or content generation.
5. Regularly review access controls on Loop workspaces and SharePoint sites hosting Pages.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps