check before: 2025-01-06
Product:
Copilot, Microsoft 365 admin center, Purview Data Loss Prevention
Platform:
Online, World tenant
Status:
Change type:
Feature update, Admin impact
Links:
Details:
We are updating how we enforce Data Loss Prevention (DLP) policies in Copilot Studio. Currently, enforcing DLP policies is a two-step process. A DLP policy must first be created in the Power Platform admin center (PPAC) for your tenant and then you must opt-in to enforce the DLP policy to copilots in your tenant using PowerShell commands, which allows three different enforcement levels:
Disabled. This is the default mode and no DLP checks are enforced for published bots or when updates are made to existing bots.
Soft-Enabled. This mode allows published bots to continue to run without enforcing any DLP policies but prevents any further updates to bots that are affected by DLP blocks.
Enabled. This mode enforces DLP policy checks for running bots and for updates made to existing bots.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-01-07
updated:
2025-01-07
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Increased Risk of Data Breaches
Transitioning to a more stringent DLP enforcement without preparation may lead to unintentional data exposure or breaches if existing bots are not compliant with the new policies.
- roles: Data Protection Officer, IT Security Manager
- references: https://www.microsoft.com/en-us/security/blog/2021/06/15/data-loss-prevention-what-you-need-to-know/
Operational Disruption
If bots are not updated to comply with the new DLP policies, they may be disabled or unable to receive updates, leading to operational disruptions and affecting user productivity.
- roles: Bot Developer, Business Analyst
- references: https://www.forbes.com/sites/bernardmarr/2021/01/25/the-top-5-data-loss-prevention-dlp-trends-in-2021/?sh=4c1c1c4e4b8e
User Experience Degradation
Users may experience delays or failures in bot functionalities if DLP policies are enforced without prior adjustments, leading to frustration and decreased satisfaction.
- roles: End User, Customer Support Representative
- references: https://www.gartner.com/en/information-technology/glossary/data-loss-prevention-dlp
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
Streamlined DLP Policy Management
With the upcoming changes to DLP enforcement, the transition to a Soft-Enabled and then Enabled mode will streamline DLP policy management, reducing the complexity of managing DLP settings across multiple platforms. This will help IT administrators save time and reduce the potential for errors in policy enforcement.
- next-steps: Conduct a review of current DLP policies to ensure they are comprehensive and align with the new enforcement levels. Train IT staff on the new processes and ensure documentation is updated accordingly.
- roles: IT Administrators, Compliance Officers, Data Protection Officers
- references: https://aka.ms/9260/1, https://aka.ms/9260/2
Enhanced User Compliance Awareness
The enforcement of DLP policies in Copilot Studio will enhance user awareness regarding data protection compliance. By enforcing these policies, users will be more cognizant of data handling practices, leading to a culture of compliance within the organization.
- next-steps: Develop and implement a training program for users on the importance of DLP policies and best practices for data handling. Regularly update users on changes to DLP enforcement and their responsibilities.
- roles: End Users, Compliance Officers, Data Protection Officers
- references: https://aka.ms/9260/1, https://aka.ms/9260/2
Proactive Risk Mitigation
Transitioning to an Enabled DLP policy will proactively mitigate risks associated with data breaches and non-compliance. This change will ensure that all bots adhere to DLP policies, significantly reducing the risk of data loss and enhancing overall security posture.
- next-steps: Perform a risk assessment to identify potential vulnerabilities related to current bot deployments. Implement additional security measures as necessary to align with the new DLP enforcement levels.
- roles: Security Officers, IT Administrators, Compliance Officers
- references: https://aka.ms/9260/1, https://aka.ms/9260/2
Potentional Risks**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
Hypothetical Work Council Statement**
XXXXXXX ... paid membership only
DPIA Draft**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 21 hours ago
