Microsoft said that it is going to offer all of its customers more information about the activity happening on their cloud platforms after years of criticism about its practice of charging extra for data that is vital to stopping some hacks
Starting from September, Microsoft will make “detailed logs of email access and more than 30 other types of log data” available for free in its basic cloud subscription tier. The company is also increasing the default retention period for log data from 90 days to 180 days.
These logging features were previously only available to premium subscribers, which made it harder for non premium users to detect hackers accessing their systems. Microsoft’s policy of charging extra for this basic information contradicted advice from the Department of Homeland Security’s Cybersecurity and CISA, which published guidance in April urging tech companies to offer log data and other critical features for free and by default.
Microsoft’s decision is likely to further increase pressure on other tech giants that continue charging extra for basic log data, including Amazon and Google.
Microsoft’s log-pricing policy was thrust into the spotlight last week after suspected Chinese hackers exploited a flaw in Microsoft’s system to breach the email accounts of roughly two dozen of its customers, including three government agencies.
The intrusion was stealthy enough to be invisible to any customer not paying for Microsoft’s premium log data. Fortunately, the State Department was paying for that data, spotted the attack and alerted Microsoft, which fixed the problem and kicked out the hackers.
While Microsoft didn’t mention this latest Chinese attack, the company on Wednesday said its announcement was the product of its “close partnership” with CISA.