Microsoft outlines Windows Recall security and confidentiality characteristics

“Virtualization-Based Security (VBS) Enclaves leverage the identical hypervisor as Azure to partition the system’s memory into a specialized secured zone where data can be processed,” mentioned David Weston, executive vice president for Corporate and OS Security at Microsoft. “Following the Zero Trust principles, software inside these enclaves can apply cryptographic attestation protocols to ensure that the surroundings are safe before executing sensitive tasks, such as snapshot handling.”

According to Weston, Microsoft will furnish users with a variety of confidentiality management tools. Users have the flexibility to individually delete recorded snapshots or in bulk within a defined timeframe and define the duration for which Recall content should be preserved. Default content filtration is in place to deter Recall from capturing screenshots of sensitive information like credit card data and websites — especially those related to health or finance.

“Through the Recall management features, users have the ability to store a significant or minute amount of data based on their preferences, all while retaining control over their information,” he added.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts