Risk & Repeat: Is Microsoft security back on track?

Microsoft has made strides to improve its security practices over the last year, but the company continues to face significant challenges and concerns.

Microsoft published its first Secure Future Initiative (SFI) progress report to show security enhancements the company has made since reaffirming its commitment to security earlier this year. Security industry reaction to the progress report has been broadly positive, though experts say there's still more work to be done.

However, Business Insider reported over the weekend that Microsoft told customers that security logging data for certain cloud services provided inconsistent, incomplete data for a two week-plus period last month. According to the report, the issue was caused by "a bug in one of Microsoft's internal monitoring agents."

UPDATE: A Microsoft spokesperson on Wednesday morning confirmed the issue to TechTarget Editorial and shared the following comment. "This issue was caused by an operational bug within our internal monitoring agent. We have communicated to all impacted customers and will continue to provide support as needed," the spokesperson said. Additionally, the spokesperson said the issue was an internal discovery unrelated to a security incident or compromise, that it only resulted in partially incomplete log data for affected services, and that most log data was unaffected.

Perhaps most top of mind in terms of Microsoft security is Recall, a feature exclusive to Copilot+ PCs that enables users to opt into taking snapshots of their computer usage in the background to create an "explorable timeline" users can utilize and reference via natural language searching. When it was announced earlier this year, what came with it was a wide range of privacy and security concerns.

The service was ultimately delayed and has was re-revealed in late September with significant new security features, such as enhanced privacy controls and encrypted sensitive information. The feature is currently in preview and will become widely available next month.

TechTarget editors Rob Wright and Alex Culafi discuss Recall, SFI progress and possible Microsoft logging issues on this episode of the Risk & Repeat podcast.

This article was updated on 10/9/2024.

Alexander Culafi is a senior information security news writer and podcast host for TechTarget Editorial.