Microsoft 365 app: Copilot Notebooks are now available to 13-17 year-old users with Entra ID accounts

🚨 The Signal: Copilot Notebooks are now available to 13-17 year-old users with Entra ID accounts. This expands AI-driven content creation capabilities to a younger demographic, increasing potential data exposure and governance challenges.

The Impact

Students aged 13-17 are affected, with increased risk of inappropriate content generation and data privacy concerns.

• Students: Risk of generating or being exposed to inappropriate AI content.
• Educators: Need to monitor and guide AI tool usage by students.
• Security Teams: Increased surface area for data leakage and privacy incidents.
• Compliance Teams: New considerations for data handling and AI governance for minors.

The Action

1. Review and update existing Acceptable Use Policies to include AI tool usage guidelines for students.
2. Educate students and staff on responsible AI use, data privacy, and content generation risks.
3. Monitor Copilot usage logs for unusual activity or policy violations (if logging is available and configured).
4. Evaluate Microsoft Purview Data Loss Prevention (DLP) policies for Copilot interactions and sensitive data handling.
5. Consider implementing Microsoft Entra Conditional Access policies to restrict Copilot access based on user groups or device compliance if granular control is required.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps