Planner: Capabilities in Microsoft Cowork

🚨 The Signal: Microsoft Cowork will integrate Planner, allowing AI agents to execute tasks across M365 and write back progress. This expands AI agent capabilities, increasing potential for data access and automated actions.

The Impact

All users are affected by increased AI agent capabilities, posing a risk of unintended data exposure or unauthorized actions if not properly governed.

  • End users: Risk of over-permissioned AI agents performing unintended actions.
  • Security teams: New attack surface for prompt injection and data exfiltration via AI agents.
  • Admins: Increased complexity in managing AI agent permissions and data access.
  • Compliance officers: Challenges in auditing AI agent actions and data handling for regulatory adherence.

The Action

  1. Review and update existing Copilot data governance policies to explicitly cover Cowork and Planner integration.
  2. Implement least-privilege principles for AI agent identities and their access to M365 services.
  3. Establish monitoring and auditing for AI agent activities within Cowork, focusing on data access and modification.
  4. Educate users on responsible use of AI agents in Cowork and the implications of granting approval for automated actions.
  5. Assess the impact on ASD ISM controls related to automated information system processing and data integrity.

Domain: Agentic-AI · Impact: high · Workload: Other