Symmetry Systems says it can help you safely use Microsoft Copilot
The company has come with a framework for it.
3 min. read
Published on
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Symmetry Systems, an emerging company that deals with data security management, says that its DSPM (Data Security Posture Management) tools can help users have a safe and secure environment when working alongside Microsoft Copilot.
The company says working with Copilot can sometimes be risky due to the tool’s many security breaches:
The deployment of Microsoft CoPilot necessitates a keen eye on security implications, especially given its reliance on existing permissions and policies. The challenge intensifies with broad platforms like Microsoft 365, where managing permissions for collaborative, unstructured data have already overwhelmed users, admins and security teams.
Symmetry Systems
The company also agrees that training Copilot to solve a certain task, is itself a risky situation, as the tool may inadvertently make use of and expose sensitive information.
Sources for training data for Copilot may not strictly align with the current user’s privileges and permissions. Copilot is often trained on data from multiple systems at access levels beyond the average user. As a result, outputs from Copilot may inadvertently expose data way beyond user privilege across the systems.
Symmetry Systems
However, the data security management company also says that its tools can be used to prevent such situations, and it offers suggestions for a framework, including:
Classify Data: Begin by understanding what data you have. Symmetry Systems helps organizations classify their data across Microsoft 365. This helps distinguish between sensitive and non-sensitive information, thereby setting the stage for secure CoPilot deployment.
Surface Identity & Access Risks: Identifying who has access to what is pivotal. Symmetry Systems illuminates the often-overlooked corners of your data, identifying overly permissive access that could be exploited inadvertently through use of CoPilot. Access controls for organizational Copilot usage, access to training and sensitive data, along with expected data segmentation must be thoroughly tested. Access levels for Copilot must be strictly aligned with individual end users, to avoid potential data exposure beyond the user’s privilege.
Act on a Remediation Plan: Armed with insights from Symmetry Systems, organizations can formulate and implement a remediation plan to tighten access controls, ensuring that CoPilot interacts only with data that is appropriate for its intended productivity enhancements.
Ongoing Monitoring: The journey doesn’t end with deployment. Continuous monitoring and adjustment of permissions and access controls are imperative to maintaining a secure CoPilot-enabled workspace. Symmetry Systems offers ongoing monitoring and actionable insights, enabling organizations to adapt to evolving data landscapes and maintain robust security postures.
Symmetry Systems
Microsoft made Copilot available to all of its 365 apps last year, in November, but the Redmond-based tech giant said that all the sensitive information shared with the AI tool is protected. However, in the light of AI-powered cyberattacks, an extra layer of protection would be always welcomed, considering just how devastating the breach of security can be.
You can read Symmetry Systems’ full blog post here.
