this post was submitted on 03 Jun 2024
1300 points (96.4% liked)
Technology
59534 readers
3199 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
They’re gonna need a way for IT departments to categorically disable Recall from doing any visual capture/scraping of data. I work in a HIPAA-constrained industry, and the entire concept of MS’s Recall is 100% a non-starter. The legal liability alone categorically disqualifies it from being an acceptable piece of software to run on ANY system that has access to ANY PII or PHI.
Yeah, that's why I mentioned in my comment that enterprise/professional versions will almost certainly allow it to be completely disabled via GPO, as this would be a death sentence for Windows. Businesses and governments across the world would immediately begin planning to off board to something else otherwise.
Hmm. Do you allow people to VPN in from non-company-controlled laptops? Because I figure that anyone doing work at home is going to be maybe unwittingly having local copies made of data that they're working with.
No, we do not. Our corporate network connectivity is pretty tightly controlled, and non-issue devices are not permitted on sensitive networks - either VPN or on-premises. I haven’t bothered asking, but I would assume they’re doing system-wide MAC filters as one of the security layers.
I mean yeah it’s possible to exfil data, but it definitely takes some effort, and doing so would be a willful violation of some pretty significant security policies (up to and including “you’re fired, security will escort you out”, depending on the data and the circumstances”), and, you know, it’s nice having a job. Not to mention, I think HIPAA and GDPR privacy stuff, while often tedious in terms of implementation, are absolutely good and worthwhile things for consumers and users, and should not be ignored for expediency or profit.