Conquer Shadow AI: Enterprise Security Moves at RSAC 2026

Key Points

  • Microsoft has expanded its Edge for Business browser to prevent data leaks from unsanctioned AI tools without blocking AI use entirely.
  • New AI-powered browsing features, including Agent Mode, are built with enterprise security controls from day one.
  • The browser now extends data protection to Outlook on the web and integrates with third-party security platforms.

Artificial intelligence has transformed both how and where work happens, making the web browser a central hub for productivity. This shift has also moved many security risks inside the browser, where traditional defenses can be less effective. At the RSA Conference 2026, Microsoft highlighted new capabilities for its Edge for Business browser. These updates are designed to secure AI usage and protect sensitive data directly within the browser, aligning with the product’s approach of embedding protections natively to reduce the workload for IT and security teams.

A primary focus is addressing the rise of "shadow AI," where employees independently use consumer-oriented generative AI tools for work. This practice, similar to earlier shadow IT trends, risks exposing sensitive company data. Employee inputs or file uploads to these tools can be retained or used to train models, potentially leading to intellectual property loss or long-term data exposure. Microsoft’s solution allows organizations to control AI use without an outright ban. Building on protections announced previously, the company has expanded the list of consumer AI tools that Purview data loss prevention can monitor. When a user in Edge for Business submits a prompt or file containing sensitive information, the system analyzes it in real time. The action can be audited or blocked instantly based on organizational policy. If blocked, the user sees a notification explaining the restriction and is offered a button to redirect the query to Microsoft 365 Copilot, where enterprise-grade data safeguards apply. Critically, these protections are tied to a user’s Entra ID sign-in, meaning they apply whether the device is company-managed or not, and they function regardless of browser attempts to circumvent them.

Alongside shadow AI controls, Microsoft is evolving Copilot within the browser itself. The company positions Edge for Business as the world’s first secure enterprise AI browser, introducing features like Agent Mode, multi-tab reasoning, and YouTube summarization. These tools help users handle complex, context-rich tasks faster. Agent Mode can automate multi-step workflows across approved websites. Multi-tab reasoning analyzes content from up to 30 open tabs, including PDFs and Microsoft 365 apps, to consolidate insights. YouTube summarization extracts key points from videos. Security is integrated from the start. Existing data loss prevention policies automatically apply to these AI-driven browsing activities. Each advanced feature also has its own management controls, allowing IT to enable them according to the organization’s risk tolerance. Agent Mode has additional specific safeguards: it is IT-enabled, restricted to a pre-approved list of sites, and provides user transparency with visual indicators and the ability to pause or stop actions. It also lacks access to saved passwords or payment methods.

The browser’s data protection now extends to Outlook on the web. Previously, sensitivity labels applied to emails could be bypassed when accessed via a browser, allowing copying, printing, or screenshots. Edge for Business now enforces label-based restrictions in the web version of Outlook, mirroring protections in Office online apps. For a labeled email, the browser blocks content copying to the clipboard, turns the screen black during screenshot attempts, and prevents printing according to policy. These controls are exclusive to Edge for Business and require a Microsoft 365 E5 license. They honor existing Purview labels without extra configuration and are activated via a "Protect labeled content in Microsoft 365 online" setting in the Edge management service.

For organizations using non-Microsoft security tools, Edge for Business offers integration through its security connector framework. This allows existing device trust, data loss prevention, and reporting systems to apply within the browser. Microsoft announced new connectors from partners: Clever (for streamlined, trusted device logins in education), Devicie (for telemetry on browser extensions and security events), and Trellix (to apply endpoint DLP policies within the browser). The Devicie and Trellix connectors are generally available, while Clever’s is in preview. Additionally, support for reporting connectors on mobile iOS and Android devices is planned for the near future.

This development follows an industry report in July 2025 where Microsoft was named a Leader in the IDC MarketScape for enterprise browsers. As AI and web-based work grow, the browser has become a vital security perimeter. The ongoing enhancements to Edge for Business aim to provide a unified, secure environment that supports AI productivity, protects sensitive information, and connects with an organization’s broader security investments. New features like Agent Mode are forthcoming, while others, including expanded shadow AI tool support and mobile reporting, represent the next phase of this enterprise browser strategy.
