Zenity, the leader in security governance for business application and AI development, announced it can now secure the enterprise use of Copilot for Microsoft 365. Zenity is the first company to introduce a dedicated AI Security Posture Management solution for securing and governing the use of Enterprise AI Copilots and enables customers to securely leverage the full power of AI throughout the enterprise for all business users.
According to Microsoft, 70% of users say using Copilot for Microsoft 365 makes them more productive. Whether it’s automating repetitive tasks, summarizing meeting notes, or building applications with text prompts, Copilot provides invaluable productivity gains. However, Copilot for Microsoft 365 is unable to retrieve real-time information from third-party services, nor do business workflows typically run exclusively on M365 apps and data formats, necessitating the use of plugins.
While using and interacting with Copilot for Microsoft 365, business users of all technical backgrounds can integrate existing – and develop their own – plugins to add custom functionality to connect Copilot to various systems and data. However, this interconnectivity can exponentially increase the risks of data leakage due to:
- DLP gaps that cannot identify business context for Copilot use, causing least privilege violations.
- Plugins being susceptible to prompt injection attacks.
- Data access and use that is beyond the scope of design; even if unbeknownst to the business users building or interacting with it.
- Plugins being difficult to design, including complicated naming conventions that can cause additional operational challenges.
Adding to the market-leading security governance platform that unleashes business productivity across the enterprise, Zenity now provides customers with the ability to fully leverage enterprise copilots throughout the business and to all users. With this groundbreaking approach to AI security, security leaders benefit from:
- Increased visibility: Zenity enables customers to see the list of plugins that are used across the enterprise use of Copilot for Microsoft 365. Deep insights from Zenity also show who is interacting with the plugins and for what business reasons.
- Risk assessment: Determine which plugins and Copilot use cases contain excessive permissions, have access to sensitive data, and expose secrets. Zenity also assesses risk for custom plugins that are built and downloaded from the Microsoft store, which can be risky and untested.
- Enhanced security: Users gain an extra layer of security guardrails via automated playbooks and mitigation actions to ensure that as business users are customizing and integrating plugins, that it is done securely.
Ben Kliger, CEO, Zenity, said: “Customers want to extend the use of Generative AI Copilots to help push their businesses forward, but they need a way to do this safely and securely. With our enhanced capabilities, Zenity enables our users to unearth security vulnerabilities and risks like third-party access, embedded credentials and risky dependencies. CIOs and CISOs can be confident as they leverage the value of copilots to enhance productivity and streamline operations without creating security headaches.”
Source: PRNewsWire