Microsoft Teams: Channel Agent
🚨 The Signal: A new AI agent in Microsoft Teams channels can autonomously manage projects, create reports, send emails, and schedule meetings. This introduces new risks of data exfiltration and unauthorised actions if the agent is not properly governed.
The Impact
The introduction of an autonomous AI agent affects all users and security teams, and poses a significant risk of data exposure and unauthorised actions.
- End users: Risk of over-reliance on AI, potential for data leakage through agent actions.
- Security teams: New attack surface for prompt injection and privilege escalation.
- Compliance officers: Challenges in auditing agent actions and data access.
- Administrators: Need for new policies to control agent capabilities and data access.
The Action
- Review and implement Microsoft Purview Data Loss Prevention (DLP) policies for Teams and Copilot.
- Define and enforce Copilot access controls and permissions within the Microsoft 365 admin center.
- Educate users on responsible AI use, prompt engineering, and data handling best practices with agents.
- Monitor Copilot audit logs for unusual agent activities or data access patterns.
- Establish an internal governance framework for autonomous AI agents, including review processes for agent-generated content.
Domain: Agentic-AI · Impact: high · Workload: Teams