Microsoft Corporation has released an update to address the security issues with its virtual Assistant Copilot. According to Business Insider, several corporate clients have delayed product launches due to instances of unauthorized access by employees to sensitive information.
The company has recently introduced new tools and management features aimed at helping customers prevent unauthorized access to confidential data, such as managers’ letters and HR documents. The updates focus on identifying and addressing issues related to over-sharing of information within organizations.
A Microsoft representative stated that artificial intelligence has played a crucial role in enabling companies to proactively manage internal documents. Each organization must establish its own access policies tailored to its industry-specific needs and acceptable risks. For instance, different employees may require access to specific files, workspaces, and resources.
The Copilot operates by indexing a company’s internal information similar to search engines. This virtual assistant can generate presentations and compile lists of the organization’s most profitable products based on available data.
Some IT departments in companies have granted unrestricted access to internal documents by choosing the “allow everyone” option instead of setting up user-specific permissions. This practice went unnoticed until a tool was introduced that allowed regular employees to locate and view confidential company documents.
As a result, customers using Copilot discovered that employees could access managers’ email inboxes and personnel documents. According to a Microsoft employee familiar with customer complaints, ordinary users logging into the system gained access to all corporate information, including the CEO’s correspondence.