Many functions of daily life depend on large corporations, many of whom collect large amounts of data. Keeping this data secure is a considerable issue. Almost all companies collect data about their users, and there is no shortage of malicious parties who want their hands on this information.
“As someone in charge of managing the security of all the devices around the security, the security of the district’s data is of utmost importance,” said technology director Kevin Pennekamp.
Microsoft is no exception to this. They have been pushing their new Recall feature onto Windows users recently. The feature involves taking screenshots of users’ computers every few seconds and storing them for easy lookup later.
At first glance, this may not seem concerning, but having any sensitive information, such as banking or personal data, stored on a device is a gold mine which potential actors can take advantage of.
In addition, the feature wasn’t even encrypted when it debuted. This means if anyone gets ahold of this data, they would immediately have access to all of its contents.
After receiving large amounts of backlash, Microsoft made adjustments.
Additionally, Microsoft has gone back on their word multiple times regarding Recall, stating that it would only be available on their brand new “AI-enabled” computers, but then forced it onto all Windows devices. The company also stated the feature would be opt-in, but a few additional updates made it an opt-out feature.
Most security researches advised completely uninstalling Recall. This was a viable option until the most recent Windows update in which uninstalling Recall breaks critical components of the system. Users are now forced to merely disable the feature if they do not want it, and Microsoft’s history of re-enabling features on users’ devices without notice prompts concern.
Managing a whole network of computers is difficult enough, but with the addition of Microsoft’s Recall, it is much more difficult. The entire Pleasant Valley school district uses Windows as the operating system on its desktop computers, so the developments pose an issue.
The school district is forced to choose between either updating to new versions of Windows where Recall is forced on the devices, or remaining on older versions. Both have their drawbacks.
“The school must approach this situation carefully to keep this school district secure,” said senior Arush Kachru.
Data attacks on schools are not uncommon, and updating to versions with Recall enabled could make the district a target. But not updating means the devices won’t be able to receive other security patches or bug fixes that come with.
“Microsoft Recall poses a large security concern for the school district,” said Pennekamp. “Keeping the district’s technology network is already difficult enough.”
Luckily, there are some solutions. One such is WinUtil, a tool designed to help system admins who manage many Windows devices remove unneeded bloat and other general utilities. Shortly after the update that forced Recall onto all devices, WinUtil put out their own update in response that enables system admins to remove the Recall installation safely without breaking the essential tools.
