fbpx

Download free GDPR compliance checklist!

Tag Archives for " Microsoft "

NSA alerted Microsoft to major Windows 10 security flaw

The National Security Agency recently alerted Microsoft to a major flaw in its Windows operating system that could let hackers pose as legitimate software companies.

Microsoft issued a software update on Tuesday to fix the vulnerability, as part of its normal schedule for releasing software patches.

Source: NSA alerted Microsoft to major Windows 10 security flaw – CNN

Twitter and Microsoft show data privacy is moving from sticking point to selling point

A couple of tech heavyweights are making data privacy part of their branding, hoping to stay ahead of regulations.

Twitter thinks a strong position on data privacy could be advantageous. Distrust of social media platforms has never been so widespread, and in the current environment, it’s not crazy to decide that winning on trust can make a real long-term difference to user numbers and bottom line. Microsoft is another heavyweight positioning itself to benefit from a commitment to user data privacy.

Full article: Twitter and Microsoft show data privacy is moving from sticking point to selling point | VentureBeat

Microsoft updates terms on data privacy amid EU probe

Microsoft said it was updating the privacy provisions of its commercial cloud contracts after European regulators found its deals with European Union institutions failed to protect data in line with EU law.

The EDPS, the EU’s data watchdog, opened an investigation in April to assess whether Microsoft’s contracts with the European Commission and other EU institutions met data protection rules. It raised concerns about compliance in October.

Source: Microsoft updates terms on data privacy amid EU probe – Reuters

EU institution staff ‘unaware’ of Microsoft data misuse

Members of staff working across the EU institutions are “not aware” of the extent to which the US tech firm Microsoft collects and stores their data as part of the use of their products and services, the EU’s data protection watchdog has told.

The issue centres around the concern that the contractual terms under agreements for the provision of Microsoft products and services to the EU institutions could be in breach of EU data protection law.

Source: EU institution staff ‘unaware’ of Microsoft data misuse, EU data chief says – EURACTIV.com

EU contracts with Microsoft raising ‘serious’ data concerns

Europe’s chief data protection watchdog has raised concerns over contractual arrangements between Microsoft and the European Union institutions which are making use of its software products and services.

The European Data Protection Supervisor (EDPS) opened an enquiry into the contractual arrangements between EU institutions and the tech giant this April, following changes to rules governing EU outsourcing.

Though the investigation is still ongoing, preliminary results reveal serious concerns over the compliance of the relevant contractual terms with data protection rules and the role of Microsoft as a processor for EU institutions using its products and services.

Source: EU contracts with Microsoft raising ‘serious’ data concerns, says watchdog | TechCrunch

Study reveals cyber exposure through Microsoft products

Vulnerability assessment specialists, Intruder, today announced its research team has discovered that organisations including almost 40% of the FTSE 100, are affected by little-known user enumeration flaws in a range of popular Microsoft products.

The research uncovered that over 13,000 Skype for Business servers on the internet are vulnerable, potentially exposing an organisation’s internal Windows network to Denial of Service (DOS) and credential guessing attacks.

Source: #privacy: Study reveals UK cyber exposure through Microsoft products

Dutch regulator sees potential privacy breach in Microsoft Windows

Microsoft is remotely collecting data from users of Windows Home and Windows Pro, in a potential breach of privacy rules, the Dutch Data Protection Agency (DPA) said on Tuesday.

The DPA said it had found the practices while it was testing privacy protection changes in Windows made last year by Microsoft at the agency’s request.

Source: Dutch regulator sees potential privacy breach in Microsoft Windows – Reuters

Contractors at Microsoft eavesdrop on some Skype calls

Amazon and Google have been in the headlines recently over how the tech giants’ workers eavesdrop on the audio footage picked up by smart assistants. Now Microsoft has explaining to do following reports that its employees listen in on real Skype conversations that have gone through translation software processing.

People contracted to work with Microsoft take dialogues in for review as a means of translation quality control. No mention of this surveillance appears in Skype’s terms and conditions.

Source: Contractors at Microsoft eavesdrop on some Skype calls

New DPIA on Microsoft Office and Windows software: still privacy risks remaining

Three new DPIAs, which Privacy Company has carried out for the central Dutch government, show that Microsoft has mitigated the eight previously identified privacy risks for Office 365 ProPlus through a combination of technical, organisational and contractual measures.

However, the new privacy conditions for the central Dutch government do not yet apply to the data processing via Windows 10 Enterprise or the mobile Office apps. Moreover, certain technical improvements that Microsoft has implemented in Office 365 ProPlus are not (yet) available in Office Online.

Therefore, SLM Rijk advises government institutions to, for the time being, refrain from using Office Online and the mobile Office apps, and to opt for the lowest possible level of data collection in Windows 10.

Full article: New DPIA on Microsoft Office and Windows software: still privacy risks remaining (long blog)

German schools ban Office 365 due to privacy concerns

The German state of Hesse has ruled it’s illegal for its schools to use Office 365 after years of debate over whether the country’s schools and institutions should use Microsoft tools at all.

The Hesse Office for Data Protection and Information Freedom says the standard configuration in Office 365 could potentially make students’ and teachers’ personal data available to US officials. In addition to the information that users provide when they’re working in Office 365, the platform sends telemetry data back to the US.

Source: German Schools Ban Office 365, Cite Privacy Concerns

1 2 3 5
>