Author: ultroni1

This policy detects risky interactions with AI tools, such as:

• User prompts that contain sensitive information
• AI responses that might inappropriately reveal internal data

Detection applies to tools like Microsoft 365 Copilot and Copilot in Microsoft Edge. These activities contribute to user risk scores and support Adaptive Protection. You can create this policy directly in the Insider Risk Management experience or through Data Security Posture Management (DSPM) for AI in Microsoft Purview.

This policy also supports wider risk detection when paired with:

• The Microsoft Insider Risk Extension for Microsoft Edge or the Purview Extension for Chrome
• A communication compliance policy to review messages for inappropriate content
• An optional HR connector to identify departing users

The Risky browser usage (preview) policy template in Microsoft Purview Insider Risk Management is designed to detect web browsing activity that might go against organizational policies. This includes visits to inappropriate, non-compliant, or potentially risky websites such as generative AI platforms. This template helps organizations:

• Detect and review risky web activity
• Identify visits to websites that might violate internal policies
• Promote responsible use of devices and networks
• Support compliance with acceptable use policies

Microsoft Purview Insider Risk Management is a compliance solution designed to help organizations detect, investigate, and mitigate internal risks, whether caused by accidental actions or intentional misuse. It supports the creation of policies that evaluate user behavior, assign risk scores, and trigger appropriate remediation actions, while maintaining user privacy.

As AI tools become more common in the workplace, new types of risk have emerged. To help manage these risks, Insider Risk Management includes policy templates that focus on detecting and responding to activity involving AI applications.

Use policy templates to detect risky AI activity

Insider Risk Management includes two preview policy templates that help detect and respond to risky behavior related to AI usage:

• Risky browser usage (preview): Detects when users access known generative AI websites from supported browsers.
• Risky AI usage (preview): Detects sensitive prompts or AI-generated responses in tools like Microsoft 365 Copilot. Detection contributes to user risk scoring and supports adaptive protection.

These templates help you:

• Identify behavior that might put sensitive data at risk
• Analyze how AI tools are used across supported applications and websites
• Respond to early signs of policy violations or risky behavior

In today’s digital landscape, where data breaches and online threats are increasingly common, understanding effective strategies for safeguarding sensitive information is critical, especially for organizations using generative AI. Microsoft Purview Endpoint Data Loss Prevention (DLP) plays a key role in this by protecting sensitive data from unintended exposure, using advanced tools designed for this purpose.

Understand endpoint DLP and browser restrictions

Endpoint DLP protects devices running Windows 10/11 and macOS by extending data protection capabilities. It monitors and safeguards sensitive information across various applications and activities, including web browsers. Endpoint DLP integrates seamlessly with Microsoft Edge for comprehensive monitoring and control. For Google Chrome and Mozilla Firefox, installing the Microsoft Purview extensions is required to enforce DLP policies effectively. These extensions enable administrators to monitor and restrict actions such as copying, pasting, and uploading sensitive data within these browsers. This approach ensures consistent data protection across different browsing environments.

Once you understand how endpoint DLP operates with browser activities, the next step is configuring these restrictions to fit your organization’s needs.

Combining sensitivity labels with Microsoft 365 Copilot brings benefits in both security and productivity:

1. Automated label inheritance: Copilot automatically adopts the sensitivity labels of the source files it uses. When Copilot creates new content from these files, it inherits their labels and protection settings, keeping data security consistent in new documents.
2. Data security: Copilot follows the protection settings of sensitivity labels, like encryption. This means data security is upheld, even when using AI features to handle or analyze sensitive information.
3. Compliance: Copilot manages sensitive data according to the organization’s security protocols and compliance standards.

Consider this example: Imagine a legal team working on a sensitive case. They use Copilot in Microsoft 365 to analyze a collection of legal documents. These documents are labeled with different sensitivity levels, ranging from General to Highly Confidential. As the legal team queries Copilot to summarize key points from these documents, Copilot recognizes each document’s sensitivity label. For documents labeled Highly Confidential, it restricts the summary’s detail level, ensuring that sensitive information isn’t inadvertently disclosed. This way, Copilot provides valuable insights while adhering to the firm’s strict confidentiality protocols.

Sensitivity labels are a key feature of Microsoft Purview Information Protection, helping organizations to classify and protect their data. You can customize these labels to suit different levels of data sensitivity, such as Personal, Public, or Confidential. Sensitivity labels can apply protection settings like:

• Encryption: This setting protects the data from unauthorized access, even if it’s shared outside the organization or stored on a device that’s lost or stolen.
• Content markings: This setting adds visual indicators to the data, such as watermarks, headers, and footers, to show the level of sensitivity and ownership.
• Access restrictions: This setting limits who can access, edit, print, or forward the data, based on the user’s identity and role.

They’re also useful beyond Microsoft services, working with third-party applications and devices. Sensitivity labels play an important role in data security within Microsoft 365, especially when used with Microsoft 365 Copilot. This combination ensures that business and compliance policies are consistently followed.

Copilot’s role with sensitivity labels

The way Copilot works with sensitivity labels is key to improving data protection in Microsoft 365. Copilot can:

• Recognize and use the labels during user interactions, helping to keep labeled data secure and compliant.
• Respect the encryption specified by the labels, checking if users have the right permissions before accessing labeled data.
• Identify and applying the appropriate labels to the content that it generates, based on the data source and the user’s preference.

For instance, if an HR manager uses Copilot in Microsoft 365 Chat to create a report from documents with different sensitivity levels, Copilot identifies these labels and make sure the report meets the required privacy standards. This integration ensures that Copilot’s AI-driven features enhance productivity without risking data security.

Microsoft 365 Copilot enhances productivity in Word, Excel, PowerPoint, Outlook, and Teams using AI models like GPT-4. It connects to Microsoft Graph for context-aware assistance in activities such as drafting documents, summarizing emails, and aiding Teams meetings. This extensive set of features highlights the importance of data security in AI-driven tools.

Understand Microsoft 365 Copilot

Microsoft 365 Copilot is an AI tool that enhances how users interact with Microsoft 365 applications, including Word, Excel, PowerPoint, Outlook, and Teams. It uses advanced language models, such as GPT-4, to understand, summarize, create, and predict content. Copilot connects with Microsoft Graph, which allows it to use emails, chats, and documents that you have permission to access, offering help that’s relevant to your context. Its uses include:

• Helping to draft documents in Word, using advanced language models to understand, summarize, create, and predict content.
• Creating presentations in PowerPoint, with the ability to generate images using DALL-E, an AI tool that can create realistic images from text descriptions.
• Summarizing email conversations in Outlook, using natural language processing to extract the main points and actions from long threads.
• Assisting in real-time during Teams meetings, using speech recognition and natural language understanding to transcribe, translate, and suggest responses.

Copilot is designed with a focus on maintaining high standards of security, compliance, and privacy.

A connected learning experience embeds multiple opportunities and modalities for learners to access content, and to demonstrate their learning, alongside their peers. A connected experience also bridges learning in the school with learning at home and in the community. For learners with diverse needs, a connected experience creates more continuity in learning and provides more opportunities to access content and access support from their peers, educators, and families. When designing a connected learning experience, leverage tools that foster communication, collaboration, and access to multi-modal content across devices.

An inclusive learning experience and environment are different for every student. To build an accessible learning experience, educators must be aware of the barriers to access and the variety of solutions available. While some learners have recognized learning differences, others may quietly struggle.

This module creates a lens to consider accessibility as a foundational approach to crafting the learning experience. In this module, participants explore the following principles: 

• Create a connected learning experience that bridges learning with the home and community.
• Cultivate lifelong skills that foster greater independence.
• Build systems and structures that reduce barriers to learning and aid learners with organization.
• Build a foundation for a personalized learning experience with appropriate hardware.
• Access timely data to select meaningful interventions.

Insider Risk Management helps organizations detect, investigate, and respond to internal risks. Before using these tools, ensure your organization meets all prerequisites and licensing requirements.

Subscriptions and licensing

To use Microsoft Purview Insider Risk Management, your organization must meet the following licensing and geographical requirements:

• Required license: A subscription to Microsoft 365 E5, Microsoft 365 E5 Compliance, or an equivalent plan that includes Insider Risk Management capabilities. Equivalent plans may include add-ons like Microsoft 365 E5 Insider Risk Management if paired with another base plan.
• Trial options: Organizations without an existing E5 plan can explore trial options in the Microsoft 365 admin center.
• Geographical availability: Insider Risk Management is supported in Azure-supported regions. Verify eligibility through Azure dependency availability by region.

If your organization uses premium indicators, such as advanced analytics or custom connectors, pay-as-you-go billing might be required to access these features.