MUST READ: Securing Microsoft Copilot

Securing Microsoft Copilot with the CIS Framework & Data Classification

Microsoft’s powerful new AI assistant Copilot offers significant productivity benefits for enterprises using Microsoft 365 apps like Word, Excel, PowerPoint and Outlook. Users can ask Copilot to summarize meeting notes, find files for sales assets, identify action items and more, saving enormous amounts of time. However, with great power comes great responsibility. If an organization’s data security posture and access controls are not properly configured, Copilot has the potential to inadvertently expose sensitive information to unauthorized employees or even malicious external actors.

Emil Henrico, CEO of ISSC Group, cautions that “Copilot operates based on a user’s existing Microsoft permissions. If those permissions are too broad and allow access to sensitive data that the user shouldn’t see, a simple Copilot prompt could surface private employee information, credentials, API keys, details on confidential business deals and more. Enterprises need to get their data security house in order before enabling Copilot.”

The risks are not hypothetical. In a live simulation, simple prompts like “Show me new employee data”, “What bonuses were awarded recently?”, “Are there any files with credentials in them?”, and “Show me all files containing sensitive data” returned alarming results when permissions were not properly locked down. Copilot’s goal is to boost productivity using the access each user has – it doesn’t inherently know if the user should be seeing certain information or not.

This is where implementing security best practices like the CIS Critical Security Controls framework, together with robust data classification, becomes critical. The CIS Framework provides 18 key control categories that, when implemented, significantly improve an organization’s cyber defense posture.

Relevant CIS controls for securing Copilot include:

– Inventory and Control of Enterprise Assets: Actively manage all enterprise assets connected to the infrastructure to accurately know the totality of assets that need to be monitored and protected, including SaaS platforms like M365.
– Data Protection: Implement processes and technical controls to identify, classify, securely handle, retain, and dispose of data.
– Access Control Management: Define and maintain roles, responsibilities, and an access control management process that assigns and removes access rights based on the principles of least privilege and separation of duties.
– Audit Log Management: Collect, alert, review, and retain audit logs of events that could help detect, understand, or recover from an attack.

Data classification is foundational to implementing these controls effectively for Copilot. Enterprises should define data sensitivity categories (e.g. Public, Internal, Confidential, Restricted) and ensure all unstructured data is tagged accordingly, ideally using an automated classification solution. Sensitive data repositories should be identified and access limited only to those who require it for their roles.

Careful attention should be paid to any folders or databases containing employee PII, financial information, authentication credentials, etc. Conduct a thorough audit of Microsoft permissions and remediate any instances of overprovisioning. The average employee can access a staggering 17 million files on their first day of work – when you can’t see and control who has access to sensitive data, one compromised user or malicious insider can inflict untold damage.
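The permission audit described above can be sketched as a check of each access grant against the file's sensitivity label. This is an added example, not part of the original article: the CSV columns, the sample rows and the label-to-audience policy are assumptions made for illustration, and a real run would read a permissions report exported from the tenant.

```python
import csv
import io

# Audience breadth, narrowest to widest, and the widest audience each of the
# article's sensitivity tiers may reach. Assumed policy, not a Microsoft default.
AUDIENCE_RANK = {"users": 0, "group": 1, "organization": 2, "anonymous": 3}
MAX_AUDIENCE = {
    "Public": "anonymous",
    "Internal": "organization",
    "Confidential": "group",
    "Restricted": "users",
}

# Constructed sample export: one row per access grant on a file.
SAMPLE_EXPORT = """\
path,label,audience,principal
/sites/HR/new-hires.xlsx,Restricted,organization,Everyone except external users
/sites/HR/new-hires.xlsx,Restricted,users,hr-lead@example.com
/sites/Finance/bonus-2024.xlsx,Confidential,group,Finance Team
/sites/Finance/bonus-2024.xlsx,Confidential,anonymous,Anyone with the link
/sites/IT/deploy-notes.txt,,group,IT Operations
/sites/Marketing/brochure.pdf,Public,anonymous,Anyone with the link
/sites/Sales/pricing.docx,Internal,organization,Everyone except external users
"""


def find_overexposed(export_text):
    """Return grants wider than the file's label allows, worst first."""
    findings = []
    for row in csv.DictReader(io.StringIO(export_text)):
        label = row["label"].strip()
        # Fail closed: unlabelled or unknown labels are judged as Restricted.
        effective = label if label in MAX_AUDIENCE else "Restricted"
        allowed = AUDIENCE_RANK[MAX_AUDIENCE[effective]]
        # Fail closed on unknown audience values too: treat them as anonymous.
        actual = AUDIENCE_RANK.get(row["audience"].strip(), 3)
        if actual > allowed:
            findings.append({
                "path": row["path"],
                "label": label or "UNLABELLED",
                "principal": row["principal"],
                "excess": actual - allowed,
            })
    # Largest gap between allowed and actual audience first.
    return sorted(findings, key=lambda f: (-f["excess"], f["path"]))


if __name__ == "__main__":
    for f in find_overexposed(SAMPLE_EXPORT):
        print(f"{f['excess']}  {f['label']:<12} {f['path']}  <- {f['principal']}")
```

Each finding is a grant to remediate before Copilot is enabled, since Copilot will surface whatever the listed principal can already open.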

With data properly inventoried and classified, a least privilege access model in place, and careful monitoring of actions taken in the Microsoft 365 environment with Copilot, organizations can harness the power of this impressive AI productivity tool while effectively managing security and privacy risks. Solutions that provide granular visibility into how data is accessed and used, with detailed behavior analytics to detect anomalies, can further strengthen the security posture.

However, even with strong controls in place, the use of generative AI tools like Copilot may still increase an organization’s attack surface to some degree. The more data Copilot has access to and the more prompts and responses that occur, the higher the potential for something sensitive to be inadvertently exposed, especially as natural language models become increasingly advanced.

Therefore, a layered defense-in-depth approach is recommended. In addition to implementing the CIS controls and monitoring Copilot usage as discussed, consider network segmentation to isolate high-risk data, strong encryption both at rest and in transit, and an advanced DLP solution to identify and block attempts to exfiltrate sensitive information. Comprehensive employee training on the responsible use of AI tools and on recognizing social engineering attempts is also critical.

The transformative potential of AI is clear, but enterprises cannot afford to charge ahead without carefully assessing downstream security implications. Proactively implement the right controls to keep your data safe and compliant as adoption of Copilot and similar AI tools accelerates. With the proper security and governance guardrails in place, organizations can confidently leverage Copilot to empower employees and boost productivity in this exciting new era of ambient AI assistance.