Netskope Global Technical Success (GTS)
Microsoft 365 Copilot (Corporate) - DLP Controls ‘Post’
Netskope Cloud Version - 125
Objective
DLP on Source Code for Microsoft 365 Copilot activity - ‘Post’
Prerequisite
- Netskope SWG/NGSWG
- Backend Flag - ‘Websocket’ needs to be enabled on your Netskope Tenant. Kindly raise a support ticket with Netskope Customer Service to enable the same.
Context
End-users often utilize Microsoft 365 Copilot, sometimes sharing sensitive source code-level information, inadvertently exposing their organization to potential data exfiltration risks. This article highlights how Netskope effectively addresses this concern. Netskope DLP can swiftly detect source codes within the chat environment and proactively prevent the unauthorized transmission of sensitive data.
Do You Know?
- Please review the parent article before proceeding further.
| Parent Article |
- Netskope acknowledges Microsoft 365 Copilot as a Cloud Application and provides a pre-defined cloud app connector.
- As of April 25, 2025 with Netskope’s Microsoft 365 Copilot predefined connector, customers can exercise control over the following activities:
- Microsoft 365 Copilot application utilizes the WebSocket protocol for communication
- Please note that for applying DLP controls on Microsoft 365 Copilot ‘Websocket’ feature flag needs to be enabled for appropriate functioning and matching of Realtime Protection Policy. The goal of the Websocket feature is to provide a mechanism for browser-based applications that need two-way communication with servers that does not rely on opening multiple HTTP connections.
Configuration
Step 1 - DLP Profile
- Netskope's predefined DLP profile effectively detects source codes
Path: Netskope Tenant UI >>> Policies >>> Profiles - - - DLP
- The predefined DLP profile can detect source codes written in below programming languages
Step 2 - Real-time protection policy
Path: Netskope Tenant UI >>> Policies >>> Real-time Protection >>> New Policy
Verification
- For testing I copied a random code written in C Programming from Link
- Access Microsoft 365 Copilot and Post the source code
- As you can see below, Netskope DLP detected source code and now Microsoft 365 Copilot does not load the Posted content
Note - User Notification format used above Link
- Check policy hits
- Check DLP Incident to know more about the data upload. DLP incidents like below:
Path: Netskope Tenant UI >>> Incidents >>> DLP
- If desired results are not obtained, verifying the SSL inspection settings is step 1
Terms and Condition
- All documented information undergoes testing and verification to ensure accuracy.
- In the future, it is possible that the application's functionality may be altered by the vendor. If any such changes are brought to our attention, we will promptly update the documentation to reflect them.
Notes
- This article is authored by Netskope Global Technical Success (GTS).
- For any further inquiries related to this article, please contact Netskope GTS by submitting a support case with 'Case Type – How To Questions'.