Zero-Trust Security: Why Does Microsoft Consider Commercial Customers' IT Admins Above Reproach, & Expose Itself & Its Support Engg. to Malpractices?
I would like to ask Microsoft the following question: if Microsoft were so serious about "Zero-Trust" security, it could have made all forms of its log dumps read-only, so that B2B clients & Microsoft support agents alike would be assured that the data uploaded by the former (B2B clients' IT admins) to the latter's (Microsoft's) FTP site has genuine integrity! So, why hasn't it done so?
This has already been done for online & on-premises B2C consumers alike, with the Microsoft Support Diagnostic Tool (MSDT), whereby an "ActiveX control...is used to securely transfer files, & diagnostic utilities from Microsoft, & to upload information back to Microsoft. This file is stored in the %windir%\Downloaded Program Files folder." (Source: https://tinyurl.com/54arvefa) So, with this tool, operator error isn't possible, either inadvertently or intentionally, as the process is automated & the logs are read-only.
However, in the case of B2B customers' logs, only those who are cloud-based customers have such protection. "If you sign in to the Microsoft Support & Recovery Assistant, (SaRA), by using an account in Office365, you also see an option to send your files to Microsoft. This option is helpful if you are working with a Microsoft support engineer. Select Send to have your log files securely uploaded." (Source: https://tinyurl.com/hb3by3v3)
On-premises B2B customers, however, are not so well protected, & the integrity of their data can be doubtful when it is in the hands of IT admins or support engineer-agents alike! This proved costly recently, when an IT admin intentionally damaged his firm's M365 cloud network. (Source: https://tinyurl.com/ad3vffrt) So, IT admins aren't above reproach!
Read-only logs, or automated logging & uploading of these logs to Microsoft, are all the more imperative because some diagnostic packages may require enabling tracing, or specific logs that may "remain" enabled on the computer until the diagnostic uploads troubleshooting information to Microsoft Support. A support agent cannot simply have the IT admin client upload these logs while on a call with them, as these logs have to "remain" enabled for some time, longer than the duration of the average phone call between the parties, for them to be useful enough for Microsoft utilities to identify & analyze the root cause. So, the logger cannot verify by remoting in (only by being onsite & in person) whether the logs are genuine!
In retrospect, this is a gaping loophole, & no stone must be left unturned to ensure Zero-Trust security. This urgent tweak is necessary to restore confidence in the integrity of the after-sales Microsoft support function! (The verbose, time-&-memory-intensive logging resources gathered should be worth the effort made by Support Engineers.)