Finding the right balance: Microsoft security, privacy and functionality

Sniperindia
JAMF

Finding the right balance: Microsoft security, privacy and functionality

Paul Bowden of Microsoft helped Jamf Nation User Conference (JNUC) attendees understand how to get the most out of security, privacy via Microsoft, and go through new approaches and features in Jamf Pro. As was mentioned in the opening keynote, there are now Microsoft Office setting features now baked into Jamf Pro.

Bowden mentioned to attendees that he would be taking them through a ‘commonsense approach’ and to ask themselves, “What would I do to make Office more secure, less vulnerable to attacks, and how to understand risks to comply?”

To do this, Bowden mentioned they would need to:

  • Understand the default product options
  • Evaluate your risks and compliance policy
  • Implement the changes in Jamf Pro

“It’s a balance, between security and privacy,” Bowden said and showed a balance scale with security and privacy on opposite sides. Bowden continued telling attendees “the offset is on features and functionality.” If admins want to lock things down, the trade off is in functionality.

Bowden mentioned a goal of Microsoft is to collect feedback to better understand what their customers need. This has allowed Microsoft to provide better overall transparency and give customers a choice to determine the data they want to provide Microsoft.

Office includes in-product features that connect with back-end web services. You install Word on your local machine and you don’t really know or notice how many of those features are executed locally or how many are calling a web service. Some are more obvious than others.

In terms of the data Microsoft receives from users, they bucket them in three categories:

  1. Basic (aka Required) — Keeps Office secure, up-to-date and performing as expected.
  2. Full (aka Optional) — Product usage data and enhanced telemetry. Things you can optionally send to Microsoft to help make it better.
  3. Zero (aka None) — Don’t send any diagnostic data. “I bought the product, I don’t want this to phone home or send any data.” There are some trade-offs: If you don’t send Microsoft data, it’s more challenging to make products better since they won’t know what is being used and what is important to users.

Bowden next walked attendees through a demo of setting privacy options with the new ‘Application and Custom Settings’ payload. Read More

Sniper systems is jamf Reseller in Chennai

Back To Top