Microsoft reportedly recently struck a deal with the security firm FireEye, according to a publication made in The Australian shop Arn. The agreement gives access to FireEye on all telemetry data collected by Windows 10.
The publication reports that FireEye will offer in return Microsoft's iSIGHT Intelligence software to be used by Windows Defender Advanced Threat Protection on all Windows 10 devices.
FireEye's iSIGHT Intelligence software is a future threat prevention application that can check if businesses meet the requirements and tools to cut off an attack.
On the other hand, Windows Defender is a program that comes embedded in Windows 10 and is enabled by default.
Customers using Pro and Enterprise can upgrade to Windows Defender Advanced Threat Protection with behavior sensors, security analysis, and cloud threats.
The publication states that the partnership definitely benefits Microsoft, namely the reputation and reliability of the Windows Defender commercial release.
A press release from FireEye released on 3 November at 2016 provides additional details on the deal.
Please note that the iSIGHT Intelligence software is available through Windows Defender Advanced Threat Protection (WDATP), but not the free version of Windows Defender.
WDATP clients can access various technical indicators provided by the software. These include the basic motivation of the attacker, tools he uses, information about the domains-targets and geographic areas, as well as a description of the attacker and his operations.
According to the ARN publication, security teams can have all Windows 10 telemetry data through subscription billing models.
The company will have access to the telemetry data of all Windows 10 devices. An overview of which versions of Windows are included is provided on its page TechNet on the Web.
Meanwhile, neither FireEye, nor Microsoft or the ARN publication disclosed details about the range of telemetry data that FireEye will have at its disposal.
But according to them Microsoft Terms of Service, more probably was expected:
"We share your personal data with your consent or as required, for the completion of any transaction or for the provision of any product you have requested or authorized. We also share data with Microsoft affiliates and affiliates, with suppliers who work on our behalf when required by law or to respond to legal proceedings, to protect our customers, to protect life, to maintain security our products and to protect the rights or property of Microsoft. "
At present, what we can safely say is that terms of the agreement are not yet known, so we can not know if FireEye will gain access to all telemetry data.
However, the fact that telemetry data is offered to third parties is quite problematic.
Below are the details that Microsoft collects, according to the terms of use of each software:
"Microsoft collects data to operate efficiently and offer you the best possible experience with its products. Some of this data is provided directly by you, such as when you create a Microsoft account, submit a search query to Bing, give a voice command to Cortana, send a document to OneDrive, purchase an MSDN subscription, sign up for Office 365, or contact us for support. We obtain certain data by recording how you interact with our products, for example, using technologies such as cookies and taking error reports or usage data from software running on your device.
We also get data from third parties. For example, we supplement the data we collect by buying demographic data from other companies. We also use services from other companies to identify your location based on the IP address, so we can customize certain products.
You have choices about the data we collect. When asked to provide personal data, you can refuse. However, if you choose not to provide data that is necessary to provide a product or feature, you may not be able to use that product or service.
The data we collect depends on the products and capabilities you use, and may include the following:
Name and contact information. We collect your name and surname, email address, postal address, telephone number and other similar contact information.
Credentials. We collect codes access, password hints, and similar security information used for authentication and account access.
Demographic data. We collect data about you, such as your age, gender, country and language of preference.
Input Data payments. We collect data that is necessary to process your payments if you make purchases, such as your payment instrument number (eg credit card number), and the security code associated with the payment instrument.
Usage data. We collect data about how you and your device interact with Microsoft and our products. For example, we collect the following:
- Product use data. We collect data about the features you use, the items you buy, and the websites you visit. This data includes your voice commands and your interactions with Bing, Cortana, and the chat bot that we have.
- Device data. We collect data about your device and the network you use to connect to our products. This includes data about the operating systems and other software installed on your device, including any product keys. The data also includes IP address, device identifiers (such as IMEI number for phones), regional and language settings.
- Error reports and performance data. We collect information about the performance of the products, as well as any problems you encounter with them. This data helps us diagnose problems with the products you use, as well as improve our products and provide solutions. Depending on your product and settings, the error reports may include data such as the type or severity of the problem, software or hardware-related details, file contents that you used when an error occurred, and data about another software on your device.
- Support Data. When you contact Microsoft for support, we collect data about you and your hardware and software, as well as other details related to the support incident. This data includes communication or authentication data, the content of your chats and other communications with Microsoft support, data about the state of the machine and application when the error occurred and during duration diagnostics, as well as system and registry data related to software installations and hardware configurations.
Interests and favorites. We collect data about your interests and favorites, such as groups watched in sports apps, stocks you're watching in economy apps, or your favorite cities that you add to weather apps. In addition to the information you provide yourself, your interests and favorites can also be inferred or derived from other data we collect.
Contacts and relationships. We collect data about your contacts and relationships if you use a Microsoft product to manage contacts, communicate, or interact with other people or organizations.
Location data. We collect data about your location, which may be accurate or inaccurate. Exact location data may be Global Positioning System (GPS) data as well as data from nearby mobile and Wi-Fi hotspots that we collect when you activate products or positioning capabilities. Inaccurate location data includes, for example, positions resulting from your IP address or data indicating less precisely where you are, such as city or postal code.
Content. We collect content from your files and communications when necessary to provide the products you use. For example, if you receive a message email via Outlook.com or Exchange Online, we need to collect the content of that message in order to deliver it to your Inbox, display it to you, allow you to reply to it and store it on your behalf; until you choose to delete it. Examples of this data include: the content of your documents, photos, music or videos that you upload to a Microsoft service such as OneDrive, and the content of your communications sent or received using Microsoft products such as Skype or Outlook.com, including the following:
- the theme line and the body of an email,
- the text or other content of an instant message,
- record audio and video from a video and video message
- the recording and transcription of a voicemail you receive or a text message you dictate.
We also collect the content of the messages you send to us, such as comments and reviews you write about the product, or questions and information you provide to customer support. When you contact us, for customer support for example, the telephone talks or chat sessions with our representatives may be monitored and recorded. If you visit our retail stores or other facilities, your image may be captured by our security cameras.
The product sections below describe data collection practices that apply to the use of these products. ”