OneNote: Copilot Notebook in OneNote on Mac

🚨 The Signal: Copilot Notebook, an AI-powered workspace, is now available in OneNote on Mac. This introduces new vectors for data exfiltration and unauthorized information access through AI processing of sensitive data.

The Impact

All users are affected, increasing the risk of sensitive data exposure and compliance violations through AI processing.

• End users: Risk of inadvertently exposing sensitive data to AI.
• Security teams: Increased surface area for data exfiltration and compliance monitoring.
• Compliance officers: New challenges in data residency and AI governance attestation.
• IT administrators: Need to review and update data handling policies for AI features.

The Action

1. Review and update Microsoft Purview Data Loss Prevention (DLP) policies to include Copilot Notebook content.
2. Assess existing data classification and labelling policies for applicability to AI-generated content.
3. Communicate updated acceptable use policies regarding sensitive data input into AI features.
4. Monitor Microsoft 365 audit logs for unusual Copilot Notebook activity or data access patterns.
5. Evaluate Microsoft Entra Conditional Access policies for AI-related applications to restrict access based on device or location.

Domain: Agentic-AI · Impact: high · Workload: M365 Apps