No One Likes a Snitch

9822925673?profile=RESIZE_400xIt is the time of year when that little snitch, “The Elf on the Shelf” returns to the bane of most children.  Luckily that tattletale only works for a couple of weeks a year and then is returned to a box in the attic.  There is a new “Elf” in town, who will never take a day off. Do you think there are limits to what your employer can see you do online? Some new Microsoft updates may make you think a little more about that.   It may be that you think your employer is doing evil, unspeakable, or merely unpleasant or illegal things. But it may equally be that you're less a whistleblower and more tending toward the unpleasant, untrustworthy, or even illegal yourself.

Microsoft is preparing a couple of little updates that may curb employee rule-breaking enthusiasm.  This news comes courtesy of Microsoft's roadmap service, where Redmond prepares you for the joys to come.

The first is headlined: "Microsoft 365 compliance center: Insider risk management Increased visibility on browsers."  It all sounded wonderful until you those last four words? For this is the roadmap for administrators. When you give any administrator "increased visibility on browsers," you can feel sure this means an elevated level of surveillance of what employees are typing into those browsers.

In this case, Microsoft is targeting "risky activity." Which may have an “evolving” definition.  And who is programming the snitches?  It offers a link to its compliance center, where the very first sentence has whistleblower built-in: "Web browsers are often used by users to access both sensitive and non-sensitive files within an organization."   What is the compliance center monitoring? It states: "files copied to personal cloud storage, files printed to local or network devices, files transferred or copied to a network share, files copied to USB devices."

Users have assumed this was the case? But now there will be mysteriously increased visibility.  "How might this visibility be increased?"   There is another roadmap update that may offer some clues.  This one proclaims: "Microsoft 365 compliance center: Insider risk management and new ML detectors."

Your company will soon have extra-special robots to crawl along after you and observe users’ every "risky" action. It is not enough to have increased visibility on browsers. You must also have Machine Learning constantly alert for someone revealing your lunch schedule.  Microsoft offers a link to its Insider Risk Management page. This enjoys some delicious phrasing: "Customers acknowledge insights related to the individual user's behavior, character, or performance materially related to employment can be calculated by the administrator and made available to others in the organization."

This is all understandable. The easier it gets for employees to behave in even marginally nefarious ways, the more there has to be security to prevent them from doing it.  The more that cyber weaknesses exist, the more someone might want to exploit them.  There is another small representation of the complete lack of trust among humans and especially between management and employees. Technology, because of its immediacy and ubiquity and open use by all.

The more companies introduce spy software upon their employees, especially employees working from home, the less trust can exist between those who work and those who manage.  The more companies want to follow every single moment of their employees' working lives and even non-working lives the less it feels like we're all in this together.

There is a certain symbolism in the product name, Microsoft 365 will soon be following you around 365 days a year.

Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments, or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com

Weekly Cyber Intelligence Briefings

Weekly Cyber Intelligence Briefings:

REDSHORTS - Weekly Cyber Intelligence Briefings

https://attendee.gotowebinar.com/register/3702558539639477516

E-mail me when people leave their comments –

You need to be a member of Red Sky Alliance to add comments!