Microsoft Copilot (Microsoft 365): [Copilot Extensibility] Improve discovery of Champion connector prompts for Users

🚨 The Signal: Copilot will now suggest 'champion' connector prompts to users, improving discovery of pre-defined prompts. This increases the likelihood of users interacting with integrated enterprise data via Copilot, potentially exposing more sensitive information.

The Impact

All Copilot users are affected, increasing the risk of inadvertent data exposure through more accessible prompts.

• End users: Increased risk of oversharing data if prompts are not carefully crafted.
• Security teams: Need to monitor Copilot usage and data access more closely.
• Data owners: Must ensure data classifications and access controls are robust.
• Compliance teams: Review data handling policies for Copilot interactions.

The Action

1. Review and refine data access policies for all Copilot connectors.
2. Implement data loss prevention (DLP) policies for Copilot interactions.
3. Educate users on responsible prompt engineering and data handling within Copilot.
4. Monitor Copilot audit logs for unusual data access patterns.
5. Regularly review and update 'champion' prompts to ensure they align with security best practices.

Domain: Agentic-AI · Impact: high · Workload: Other