Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Windows 10: Cortana keylogging saga won't affect enterprise versions

Margi Murphy | Sept. 14, 2015
Cortana's keylogging and telemetry tracking feature sparked privacy concerns

Windows 10 has had a bit of a publicity problem. The trade-off for free software is higher personal data collection - and the Microsoft user base isn't too pleased about it. ComputerworldUK looks at the terms and conditions plus the data collection features businesses should consider.

Data collection

PC owners who upgrade to the Windows 10 Software-as-a-service (SaaS) operating system have opted in to perpetual updates and improved features - in the same way a mobile phone or app might update. To fine-tune these updates, Microsoft developers will collect users' data. This includes Cortana, Microsoft's answer to Apple's Siri, which uses voice data to improve speech recognition and text checking algorithms.

Effectively, Microsoft is training its machine learning algorithm on its million-strong user base.

One aspect of its data mining involves keylogging: a method often associated with malware. Keylogging collects keystrokes, which it says it will use to correct spellings more effectively.

What else does it collect?

Microsoft collects and uses contacts, voice input, searching history, calendar details, content and communication history from messages and apps, and device location information and location history. Those using WiFi Sense will not be able to hide their location, even if their account location service is turned off. In Microsoft Edge, the Windows 10 internet browser, Cortana also collects and analyses browsing history.

IT professionals swiftly took to online forums and social media sites with tutorials on how to change privacy settings on the OS as users clued up last week.

However, some users may not be able to remove this default feature. Microsoft says that if you are using a Windows 8.1 MDM server and have tried to put the telemetry feature to level zero on a Windows 10 mobile device, it will be silently set to level one.

The telemetry feature has three settings: level one sends basic data, level two sends enhanced data (including "usage and insights" data). Level three sends "full telemetry data including diagnostic data such as system state," Microsoft says.

But it's good news for businesses as Windows 10 for enterprises and server devices can be set to level zero. This means no telemetry data is sent from OS components - but you will need to switch it from default.

Bitdefender's Chief Security Strategist, Catalin Cosoi, tells ComputerworldUK: "Telemetry tracking is enabled by default, but can be turned off via policies. The enterprise version of Windows 10 is the only SKU [version] that allows telemetry tracking to be set to off.

"Because enterprises have strict policies when it comes to data protection and confidentiality, Windows 10 for enterprises allows companies to opt out from sending any telemetry data to Microsoft, by enabling IT administrators to set data collection policies to non-permissive."

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.