Data entry: Copilot for Microsoft 365’s most important drawback
Most of the probably critical security points with Copilot begin with what sort of entry the genAI software is given to company information, and the way that entry will be misused by hackers, and even by folks inside an organization.
Ivan Fioravanti, co-founder and CTO for CoreView, which focuses on Microsoft 365 administration configuration and security, notes in a weblog submit that when an organization installs Copilot for Microsoft 365, it will get the identical permissions mannequin for information entry already in place for Microsoft 365. That mannequin, he says, is designed to make sure “solely licensed customers can work together with delicate data.”
Nonetheless, there are security gaps enterprises may simply miss. Fioravanti warns that dangerous Copilot configuration settings may very well be enabled by default. These settings can provide Copilot “entry to delicate information with out applicable safeguards in place. Default settings may permit Copilot to work together with exterior plugins and entry net content material, introducing new assault surfaces.”
