Microsoft 365 app: Sharing Copilot Notebooks

🚨 The Signal: Copilot Notebooks can now be shared, exposing all instructions and context to collaborators. While chats remain private, the shared content could inadvertently reveal sensitive information or prompt injection vectors, increasing data exposure risk.

The Impact

All users are affected, increasing the risk of sensitive data exposure and potential prompt injection attacks via shared Copilot Notebooks.

• End-users: Risk of inadvertently sharing sensitive data or internal instructions.
• Security Teams: New vector for data exfiltration and prompt injection attacks.
• Compliance Teams: Increased challenge in maintaining data governance and privacy standards.
• AI Governance Teams: Need to update policies for sharing AI-generated content and prompts.

The Action

1. Review and update existing data loss prevention (DLP) policies to include Copilot Notebooks as a sensitive information location.
2. Develop and disseminate user guidance on appropriate content for Copilot Notebooks and safe sharing practices.
3. Implement or refine sensitivity labels for Copilot Notebook content to restrict sharing based on data classification.
4. Monitor audit logs for Copilot Notebook sharing activities to detect anomalous behavior.
5. Assess the feasibility of implementing Copilot access controls based on user roles or data sensitivity.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps