May 28, 2025 - In many meetings today, multiple participants use different AI-powered meeting recap tools such as Fireflies.ai and Read.ai. After the meeting concludes, each tool automatically sends out its own summary to attendees, prompting them to sign up for the service. While these tools appear to offer convenience, they can behave like digital viruses — spreading through exposure. It is highly likely in these meetings that several attendees may click "sign up," unintentionally accelerating the spread. Each new meeting then becomes a fresh point of infection. Unregulated use of these tools can lead to tool sprawl, fragmented data, and increased security vulnerabilities. Employees may integrate third-party services without IT oversight, putting sensitive company information at risk.

Can an Organization Afford That Kind of Exposure?

To prevent this type of uncontrolled spread, Microsoft 365 administrators can disable users' ability to install unauthorized meeting apps.

Here’s the Anti-Viral Prescription:

1. Sign-in to Microsoft Entra ID or the Azure Portal and search for “Enterprise Applications”:

2. On the Enterprise Application page, search for third-party AI viruses such as Fireflies.ai:

3. Once on the page, click on the Security tab drop-down and select Permissions, User Consent:

4. You can then see who provided permissions:

5. Close this, and on the same left-hand tab, select Manage, then select Users and Groups. Remove Assignment:

6. Repeat steps for any additional AI Viruses you may have and consider/provide/retrain on proper AI tools such as Microsoft Copilot.

7. We also recommend blocking the ability for users to grant consent or only from verified publishers (depending on your organizational needs):

While AI tools can unlock incredible business efficiencies, organizations must remain vigilant against what can best be described as AI viruses. Microsoft Copilot — deeply integrated into the Microsoft 365 ecosystem — is a powerful, secure solution that aligns seamlessly with the tools employees already use.

By following the steps outlined above to block unauthorized third-party meeting tools, organizations can stop these “infections” at the source. But prevention doesn’t end there.

Now Is the Time to Take Control

It is critical to establish an AI strategy that supports your company’s goals and values while maintaining oversight and security. These tools can gradually infiltrate your environment through enthusiastic employees — meet their needs with sanctioned solutions that boost productivity without sacrificing compliance or security.

Blocking unauthorized tools is just the beginning. Want to find out if employees are already using unapproved AI apps? Looking to shift them toward enterprise-approved solutions? Take this anti-viral prescription as your first step and call us in the morning. Citrin Cooperman’s Digital Services Practice is here to help you get ahead in the AI game.