What you need to know
- With new data leak control capabilities, Microsoft is reducing browser data exfiltration in Edge for Business.
- The new capabilities prevent users from capturing screenshots and circulating important information with unauthorized users, as it displays a plain black screen when someone tries to capture a screenshot.
- Microsoft unveiled additional security measures for its controversial Windows Recall feature to promote privacy, amid backlash from concerned users and the discovery of several security loopholes.
Microsoft CEO Satya Nadella's pledge to make security the company's top priority as it underpins every layer of its tech stack is coming full circle. As you may know, Windows 11's new next-gen AI feature Windows Recall has been brewing controversy among users over its security and privacy. The cocktail of emotions and overall concern from users has prompted the tech giant to address the issues with additional security measures, including making Windows Hello enrollment mandatory to enable Windows Recall in Copilot+ PCs.
As it happens, this isn't the only security issue Microsoft is addressing today. Last year, Microsoft released a business-themed version of its Edge browser. Microsoft Edge for Business is designed to help users keep their personal and professional browsing separate. The browser is now gaining a new feature to help reduce data exfiltration with expanded screenshot prevention across more apps and AI tools.
If you don't have a Copilot+ PC with Windows Recall enabled, you probably use the good old snipping tool to snag screenshots of important documents, credentials, and more as you scour the internet. While this might seem harmless since the snapshots are stored locally (like Windows Recall's), an issue arises when these screenshots with critical information start circulating within the organization.
To address this, Microsoft has unveiled new data leak control capabilities in Edge for Business as part of the browser's screenshot prevention policies. Once the new capabilities are enabled, users won't be able to capture screenshots. Instead, the information will be covered with a black screen, rendering the efforts futile. It's worth noting that the data leak control capabilities also apply when using Copilot in the Edge sidebar. As such, you won't be able to capture prompts or responses while using the tool.
According to Microsoft:
"These policies can be set across Microsoft 365, Microsoft Defender for Cloud Apps (MDA), Microsoft Intune Mobile Application Management (MAM) and Microsoft Purview. This will give your organization additional protection to help keep sensitive data from leaking."
The feature is expected to ship to broad availability in the next few months. Microsoft is also improving leak protection in sensitive Word, Excel, and PowerPoint, which should be available in the next few weeks.