Microsoft Copilot (Microsoft 365): [Copilot Extensibility] Customers can connect M365 Copilot with Freshservice to access IT service documentation with Copilot Connector

🚨 The Signal: Microsoft 365 Copilot can now connect to Freshservice, allowing Copilot to access IT service documentation. This expands Copilot's data access, increasing the attack surface for sensitive IT information.

The Impact

Security teams and IT admins are affected by increased data exposure risk through Copilot's expanded access to sensitive IT service documentation.

• Security teams face new risks from Copilot accessing sensitive IT documentation.
• IT admins must secure Freshservice data exposed via Copilot.
• Data owners need to assess Freshservice content for Copilot exposure.
• Compliance officers must review data handling policies for this integration.

The Action

1. Review Freshservice data classification and access controls for information exposed to Copilot.
2. Implement data loss prevention (DLP) policies to protect sensitive IT documentation accessed via Copilot.
3. Monitor Copilot usage logs for unusual access patterns to Freshservice data.
4. Educate users on appropriate use of Copilot when querying sensitive IT information.
5. Assess the necessity of this connector; disable if not required via Copilot admin settings.

Domain: Agentic-AI · Impact: high · Workload: Other