Microsoft Relents, Offers Free Critical Logging to All 365 CustomersMicrosoft Relents, Offers Free Critical Logging to All 365 Customers
Industry pushback prompts Microsoft to drop premium pricing for access to cloud logging data.
July 20, 2023

Note: An earlier version of the story used "key" in the headline as a synonym for "critical." The result read as a possible reference to "keylogging," which was not the intent. The word was changed for clarity.
Microsoft dropped the fees associated with expanded logging access for all levels of 365 license holders, after complaints that the cloud service provider was effectively levying a logging tax on customers.
In parallel, a recent update from the Cybersecurity and Infrastructure Security Agency (CISA) on an espionage campaign being waged against Microsoft 365 by Chinese APT group Storm-0558 further highlighted the need for organizations to have access to detailed logging to gather evidence of compromise.
Microsoft acknowledged the need to make it more economical to access logging data. "These steps are the result of close coordination with commercial and government customers, and with CISA about the types of security log data Microsoft provides to cloud customers for insight and analysis as the threat landscape continues to evolve," the company said in a statement to Dark Reading.
Going forward, Microsoft Purview Audit Standard customers will get deeper visibility into security data, including detailed logs of email access and more than 30 other types of log data previously only available to Purview premium subscribers. "Purview Audit logs enable an enterprise to visualize cloud log data, helping customers to effectively respond to security events and investigate what data was accessed in a breach," Microsoft added.
Additionally, Microsoft will extend the retention time for logs from 90 days to 180 days.
CISA's executive assistant director for cybersecurity, Eric Goldstein, applauded Microsoft's move.
"We believe that every organization deserves to have products that are secure by design and come with necessary security data 'out of the box,'" Goldstein said, in a statement of support. "Microsoft's announcement today is an important step forward in advancing the security of our communities, companies, and country, recognizing our shared work yet to come."
About the Author(s)
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication Methods
Oct 26, 2023Modern Supply Chain Security: Integrated, Interconnected, and Context-Driven
Nov 06, 2023How to Combat the Latest Cloud Security Threats
Nov 06, 2023Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and Phishing
Nov 01, 2023SecOps & DevSecOps in the Cloud
Nov 06, 2023