Tech giant Microsoft provides complimentary security logs in response to criticism from the State Department following a hacking incident
In a recent statement, Adam Meyers, the head of intelligence at CrowdStrike, has criticized Microsoft's security operation, deeming it as anachronistic. This criticism comes in the wake of a compromise of U.S. and Western European government agencies, which Meyers believes amplifies the crisis of trust faced by Microsoft's customers.
Meyers' concerns revolve around the systemic risk of Microsoft's technology. He states that relying on one monolithic vendor for technology, products, services, and security can lead to disaster. This sentiment is not new, as CrowdStrike has been critical of Microsoft for years.
In a positive move, Microsoft has announced that it will provide detailed email protocol logs, previously available only to premium subscribers, for free to users. This change will be facilitated through the Model Context Protocol (MCP) Server, which allows standardized reading, searching, and managing of emails through Microsoft Outlook.
Moreover, the default retention period for email logs in Microsoft Purview Audit Standard has been increased from 90 days to 180 days. This extended retention period will enable customers of Microsoft Purview Audit Standard to receive detailed email logs.
However, Meyers' statements once again highlight the systemic risk of Microsoft's technology. He suggests that there is a reason federal leaders are pushing software makers to build products that are secure by design. The compromise of government agencies serves as a stark reminder of the importance of robust and secure technology infrastructure.
As the technology landscape continues to evolve, it is crucial for companies like Microsoft to adapt and address the concerns raised by cybersecurity experts like Adam Meyers. Only then can they regain the trust of their customers and ensure the security of their data in an increasingly interconnected world.
