Microsoft has had some bad luck when it comes to securing its systems against cyberattacks. In the past several weeks, the company has admitted that a denial of service attack caused its Office and Microsoft 365 services to be inaccessible to many of its customers.
More recently, Microsoft stated a suspected Chinese hacker group got their hands on an inactive MSA consumer signing key and used it to access Outlook.com and Outlook on the Web services, and it was able to access emails from a number of government agencies.
Now, the company is says it will give its enterprise customers more information on its security logs in an effort to learn more about possible future cyberattacks. Microsoft has partnered with the US Cybersecurity and Infrastructure Security Agency (CISA) on these efforts.
In the near future, Microsoft plans to give its customers access to a wider range of its cloud security logs at no additional cost to them. While Microsoft says these log reports don't directly prevent cyberattacks, they can be examined and analyzed so that Microsoft and companies that use its cloud-based services can prepare for any future attacks.
The blog post added:
As our expanded logging defaults roll out, Microsoft Purview Audit (Standard) customers will receive deeper visibility into security data, including detailed logs of email access and more than 30 other types of log data previously only available at the Microsoft Purview Audit (Premium) subscription level. In addition to new logging events becoming available, Microsoft is also increasing the default retention period for Audit Standard customers from 90 days to 180 days.
The logging updates will start to become available in September for all of Microsoft's government and commercial customers. It will be interesting to see if this new attempt at online security transparency will be an effective way for Microsoft and its customers to stop future cyberattacks.