MC1013453 – Upcoming Changes for M365 Copilot Chat with Link Safety

Product:

Copilot, Defender, Defender for Office 365, Defender XDR, Microsoft 365 Apps, Microsoft 365 suite

Platform:

Online, Web, World tenant

Status:

Change type:

New feature, User impact, Admin impact

Links:

Details:

Summary:
Upcoming changes to M365 Copilot Chat include integration with SafeLinks for URL protection, native time-of-click URL reputation checks, and the cessation of hyperlink redaction. Rollout begins in late March 2025 and completes by late May 2025. These updates enhance link security in chat responses.

Details:
We are excited to announce some important updates to M365 Copilot Chat that will enhance security and user experience, following:
Integration with SafeLinks:
M365 Copilot Chat will integrate with SafeLinks in Defender for Office 365 to provide time-of-click URL protection for the hyperlinks included in its chat responses.
This change applies to users with Microsoft Defender for Office 365 Plan 1 or Plan 2 service plans. No policy configuration is needed within the SafeLinks policy.
Within Microsoft Defender for Office 365 Security Center, URL protection report will show the relevant summary and trend views for threats detected and actions taken on URL clicks.
Native Time-of-Click URL Reputation Check:
For users without SafeLinks protection (which is available as part of Microsoft Defender for Office 365), M365 Copilot Chat will natively enable time-of-click URL reputation check for the hyperlinks returned in its chat responses.
Hyperlink Redaction Changes:
M365 Copilot Chat will no longer redact hyperlinks in its chat responses if they are found in the grounding data used to generate the responses.
[When this will happen:]
General Availability (Worldwide): We will begin rolling out in late March 2025 and expect to complete by late May 2025.
Rollout will start on desktop and web and will complete with mobile versions. We plan to extend these updates to Copilot Chat experiences in Office apps in the future.

Change Category:
XXXXXXX ... free basic plan only

Scope:
XXXXXXX ... free basic plan only

Release Phase:

Created:
2025-02-22

updated:
2025-02-22

Task Type

XXXXXXX ... free basic plan only

Docu to Check

XXXXXXX ... free basic plan only

MS How does it affect me

XXXXXXX ... free basic plan only

MS Preperations

XXXXXXX ... free basic plan only

MS Urgency

XXXXXXX ... free basic plan only

MS workload name

XXXXXXX ... free basic plan only

summary for non-techies**

XXXXXXX ... free basic plan only

Direct effects for Operations**

Increased User Exposure to Malicious Links
Without proper preparation, users may encounter malicious URLs in chat responses due to the cessation of hyperlink redaction, leading to potential security breaches.
   - roles: End Users, IT Support
   - references: https://learn.microsoft.com/defender-office-365/safe-links-about?view=o365-worldwide

User Confusion Over Link Behavior
Users may be confused by the new behavior of hyperlinks not being redacted, potentially leading to misinterpretation of chat responses and increased risk of clicking unsafe links.
   - roles: End Users, Training Coordinators
   - references: https://learn.microsoft.com/en-us/defender-office-365/reports-defender-for-office-365#url-protection-report

Inadequate Security Awareness
If users are not informed about the new time-of-click URL reputation checks, they may not understand the importance of verifying links before clicking, increasing vulnerability to phishing attacks.
   - roles: End Users, Security Awareness Trainers
   - references: https://learn.microsoft.com/defender-office-365/safe-links-about?view=o365-worldwide

Increased IT Support Requests
The changes may lead to a spike in IT support requests as users encounter issues or confusion regarding the new link handling, straining IT resources.
   - roles: IT Support, Help Desk Staff
   - references: https://learn.microsoft.com/en-us/defender-office-365/reports-defender-for-office-365#url-protection-report

Potential Compliance Risks
The changes may inadvertently expose the organization to compliance risks if users click on unverified links, leading to data breaches or loss of sensitive information.
   - roles: Compliance Officers, Data Protection Officers
   - references: https://learn.microsoft.com/defender-office-365/safe-links-about?view=o365-worldwide

Configutation Options**

XXXXXXX ... paid membership only

Opportunities**

Enhanced Security Awareness Training
With the integration of SafeLinks and time-of-click URL reputation checks, there is an opportunity to enhance security awareness training for users. Training can focus on recognizing phishing attempts and understanding the importance of link safety, thus improving overall cybersecurity posture.
   - next-steps: Develop a training program that incorporates the new features of M365 Copilot Chat, emphasizing link safety and security best practices. Schedule training sessions and create documentation for users.
   - roles: IT Security Manager, Training Coordinator, Compliance Officer
   - references: https://learn.microsoft.com/defender-office-365/safe-links-about?view=o365-worldwide, https://www.csoonline.com/article/3295305/how-to-train-employees-on-cybersecurity.html

Improved Reporting and Analytics
The URL protection report feature in Defender for Office 365 allows for enhanced monitoring of threats. This presents an opportunity to implement more robust analytics and reporting systems to track user interactions with links, thereby identifying potential security threats and user behavior trends.
   - next-steps: Set up a regular review process for the URL protection reports, analyze the data for trends, and adjust security measures accordingly. Consider integrating this data into existing IT dashboards for better visibility.
   - roles: IT Manager, Data Analyst, Security Analyst
   - references: https://learn.microsoft.com/en-us/defender-office-365/reports-defender-for-office-365#url-protection-report, https://www.forbes.com/sites/bernardmarr/2020/02/24/the-top-5-benefits-of-data-analytics-in-business/

Streamlined IT Administrative Tasks
The cessation of hyperlink redaction can streamline IT administrative tasks related to monitoring and managing user communications. By reducing the need for oversight on redacted links, IT can focus on more critical areas of user support and security management.
   - next-steps: Review current monitoring processes to eliminate unnecessary steps related to hyperlink redaction. Allocate resources to areas that require more attention, such as user support or advanced threat detection.
   - roles: IT Administrator, Operations Manager, Help Desk Supervisor
   - references: https://www.techrepublic.com/article/5-ways-to-streamline-it-administrative-tasks/, https://www.zdnet.com/article/how-to-improve-it-operations-with-streamlined-communication/

Potentional Risks**

XXXXXXX ... paid membership only

IT Security**

XXXXXXX ... paid membership only

explanation for non-techies**

XXXXXXX ... free basic plan only