Microsoft Copilot (Microsoft 365): Copilot suggested rename

🚨 The Signal: Copilot in OneDrive now suggests file renames based on content, including Office, PDF, and image files. This automates file organisation but introduces AI processing of sensitive data.

The Impact

All users are affected, with a moderate risk of unintended data exposure or classification issues due to AI processing.

• End users: May inadvertently expose sensitive data through AI-generated names.
• Security teams: Need to monitor AI data processing for compliance with data handling policies.
• Data owners: Risk of misclassification if AI suggestions are not reviewed.
• Compliance officers: Must ensure AI processing aligns with privacy and data governance policies.

The Action

1. Review Microsoft 365 Copilot data governance settings in Microsoft Purview.
2. Communicate to users about reviewing AI-suggested file names for sensitive information.
3. Update data handling policies to address AI-driven content analysis and naming.
4. Monitor audit logs for file rename activities, especially those involving Copilot suggestions.

Domain: Agentic-AI · Impact: medium · Workload: OneDrive