494516 – Microsoft Edge: v.138 – Policies to manage Shadow IT

Product:

Copilot, Microsoft Edge

Platform:

Web, World tenant

Status:

Launched

Change type:

Links:

Details:

M365 Commercial customers can use Edge polices (WebContentFilteringBlockedCategories) to block non-secure LLMs in Edge and block other browsers to redirect users to a more secure alternative like Copilot Chat.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:
General Availability

Created:
2025-05-23

updated:
2025-07-22

Docu to Check

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

Microsoft Edge has introduced new policies that help businesses manage and redirect employees to secure web browsers and tools, reducing the risks associated with "Shadow IT" and ensuring company data protection.

Direct effects for Operations**

Blocking Non-Secure LLMs
Implementing policies to block non-secure LLMs may disrupt user access to legitimate tools and resources, leading to frustration and decreased productivity.
   - roles: End Users, IT Support Staff
   - references: https://techcommunity.microsoft.com/t5/microsoft-edge-blog/microsoft-edge-v-138-policies-to-manage-shadow-it/ba-p/3901230

Redirecting Users to Copilot Chat
Redirecting users from other browsers to Copilot Chat without preparation may cause confusion and hinder workflow, as users may not be familiar with the new tool.
   - roles: End Users, Training Coordinators
   - references: https://techcommunity.microsoft.com/t5/microsoft-edge-blog/microsoft-edge-v-138-policies-to-manage-shadow-it/ba-p/3901230

Increased IT Support Requests
Changes in browser policies may lead to an increase in IT support requests as users encounter issues or have questions about the new configurations.
   - roles: IT Support Staff, Help Desk Agents
   - references: https://techcommunity.microsoft.com/t5/microsoft-edge-blog/microsoft-edge-v-138-policies-to-manage-shadow-it/ba-p/3901230

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Enhancing Security Compliance
Implementing Edge policies to block non-secure LLMs can significantly reduce the risk of data breaches and ensure compliance with security regulations. This enhances the overall security posture of the organization.
   - next-steps: Conduct a security assessment to identify potential risks associated with Shadow IT and develop a policy framework for managing LLM access. Roll out the Edge policies to enforce compliance across the organization.
   - roles: IT Security Officer, Compliance Manager, CIO
   - references: https://techcommunity.microsoft.com/t5/itops-talk-blog/edge-policies-to-manage-shadow-it/ba-p/3720126, https://www.microsoft.com/en-us/security/blog/2023/09/14/understanding-shadow-it-and-how-to-manage-it/

Improving User Experience with Controlled Browsing
By redirecting users to secure alternatives like Copilot Chat, organizations can ensure that employees have access to safe and efficient tools, improving productivity and user satisfaction.
   - next-steps: Communicate the changes to users and provide training on using Copilot Chat effectively. Monitor user feedback and adjust policies as necessary to enhance user experience.
   - roles: IT Manager, Training Coordinator, CIO
   - references: https://www.microsoft.com/en-us/microsoft-365/blog/2023/09/15/empowering-employees-with-secure-tools/, https://www.zdnet.com/article/microsoft-edge-gets-new-features-to-improve-productivity/

Streamlining IT Administration
Centralized management of Edge policies allows IT departments to efficiently enforce security measures and monitor compliance, reducing the administrative burden associated with managing multiple browsers and tools.
   - next-steps: Set up a centralized policy management system for Edge and train IT staff on the new processes. Regularly review and update policies based on user behavior and security threats.
   - roles: IT Administrator, Network Manager, CIO
   - references: https://docs.microsoft.com/en-us/deployedge/microsoft-edge-policies, https://www.techradar.com/news/how-to-manage-your-browsers-in-the-enterprise

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only