Microsoft Copilot policy flaw exposes AI agents to unauthorized access
Microsoft Copilot's NoUsersCanAccessAgent policy fails to restrict AI agent access, requiring manual PowerShell fixes and raising data security risks.
Administrators have discovered a critical flaw in Microsoft Copilot's 'NoUsersCanAccessAgent' policy, which is intended to restrict user access to specific AI agents. Despite global restrictions, certain agents—including ExpenseTrackerBot and HRQueryAgent—remain installable, bypassing security measures.
Manual Workarounds and Operational Risks
Microsoft 365 tenants must now rely on per-agent PowerShell commands to manually disable access, a process described as time-consuming and error-prone, especially for large organizations. This failure to enforce access policies raises concerns about operational overhead and audit risks.
Security Implications
The flaw poses significant risks:
- Unauthorized agents can export data from SharePoint or OneDrive.
- Unmonitored RPA workflows may run without oversight.
- Sensitive information could be processed without compliance controls.
This undermines the purpose of access control settings and leaves systems vulnerable to misuse.
Mitigation Steps
Administrators are advised to:
- Audit agent inventories regularly.
- Enforce Conditional Access policies (e.g., MFA or device compliance).
- Monitor agent usage via logs and dashboards.
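The inventory audit and log monitoring steps can be combined into one offline check that flags agents still reachable while NoUsersCanAccessAgent is set. This is an added example, not code from the article or from Microsoft; the CSV exports, their column names, and the agent names SalesDigestAgent and LegacyNotesAgent are constructed for illustration.

```python
import csv
import io
from collections import Counter

# Constructed inventory export; the column names are hypothetical.
INVENTORY_CSV = """agent_name,installable,per_agent_block
ExpenseTrackerBot,true,false
HRQueryAgent,true,true
SalesDigestAgent,false,false
"""

# Constructed usage-log export; the column names are hypothetical.
USAGE_CSV = """timestamp,user,agent_name,action
2025-01-10T09:14:00Z,alice@example.com,ExpenseTrackerBot,install
2025-01-10T09:20:00Z,alice@example.com,ExpenseTrackerBot,invoke
2025-01-10T10:02:00Z,bob@example.com,HRQueryAgent,invoke
2025-01-10T11:30:00Z,carol@example.com,LegacyNotesAgent,invoke
"""

def _rows(text):
    return list(csv.DictReader(io.StringIO(text)))

def _flag(value):
    return value.strip().lower() == "true"

def audit(inventory_csv, usage_csv):
    """Assume the tenant policy is NoUsersCanAccessAgent: nothing should be reachable.
    Returns (agent, finding, event_count) tuples."""
    events = Counter(r["agent_name"] for r in _rows(usage_csv))
    findings, known = [], set()
    for row in _rows(inventory_csv):
        name = row["agent_name"]
        known.add(name)
        if _flag(row["installable"]) and not _flag(row["per_agent_block"]):
            # Tenant-wide policy did not take effect and no manual block exists.
            findings.append((name, "installable despite policy", events[name]))
        elif events[name]:
            # Agent looks restricted on paper but the logs show it being used.
            findings.append((name, "activity on restricted agent", events[name]))
    for name in sorted(set(events) - known):
        # Usage for an agent the inventory does not list: inventory gap.
        findings.append((name, "in logs but not in inventory", events[name]))
    return findings

if __name__ == "__main__":
    for agent, finding, count in audit(INVENTORY_CSV, USAGE_CSV):
        print(f"{agent:20} {finding:32} events={count}")
```

Agents reported as "installable despite policy" are the ones that need the per-agent block; the event count helps decide which to handle first.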
About the Author

Alex Thompson
AI Technology Editor
Senior technology editor specializing in AI and machine learning content creation for 8 years. Former technical editor at AI Magazine, now provides technical documentation and content strategy services for multiple AI companies. Excels at transforming complex AI technical concepts into accessible content.