Practical Protection: Protecting Your Enterprise Against Microsoft Recall

You probably saw some of the flap about Microsoft’s recent introduction of the “Copilot+ PC” hardware brand and the Windows Recall feature that takes advantage of it. (If not here are a few handy articles to help you get up to speed.)

As much fun as it would be to continue to beat the drum about Recall’s security implications, and what Microsoft’s original plan to release it says about Satya’s “do security!” memo, I’ll skip that, since Microsoft announced a few hours after I submitted this column that they were going to delay Recall’s launch and limit its initial distribution to only members of Windows Insider. Instead, in this column I want to focus instead on how you can proactively protect your enterprise from Recall.

Understanding Your Options

The two biggest problems with Recall today are simple to explain. The first is that it can accidentally ingest sensitive data. The second is that an attacker can get access to that data more easily than any of us would like.

It’s very difficult to guarantee that no device running Recall will ever see any of your corporate data. For example, an employee with a Copilot+ PC at home, with Recall enabled, who is allowed to use OWA will be capturing the contents of the mail she reads. You might be able to mitigate this by blocking her BYOD device from using OWA… but then she could still read her mail by using a remote desktop or VDI. Of course, you could block that too, but pretty soon you end up back in 1994 when most people could only get their email when sitting in the office.

We can hope that Microsoft will eventually add conditional access controls to say “no Copilot+ PCs” or “no devices with Recall enabled” for various use cases, but for now, you should start by setting your expectations. Today, here’s what you can do:

• You can apply policies to block the use of Recall on managed devices
• You can configure individual devices to prevent Recall from ingesting data from certain applications
• You may be able to block certain classes of Copilot+ PC devices from connecting to Microsoft 365 apps and services via conditional access policies

However, perfect protection isn’t possible so you need to think about what other layered defensive measures make sense for your environment.

Step 1: Get Your Devices Managed

Copilot+ devices start shipping June 18, 2024, although there are a couple of hacks that allow you to enable Recall on devices that don’t have Copilot+ hardware. Even when they do start shipping, your organization may not plan on buying them, and/or your end users may not buy them as personally owned devices. There’s no new release date for Recall yet, either. All this is really good news, since the delay gives you a chance to pre-emptively set up controls on whether or not Recall is enabled via either Intune or Group Policy Objects (GPO). You have a short window to step up your device management implementation if you want to pre-emptively block Recall on managed devices; in my opinion, you should do so ASAP.

Blocking Recall on Devices

For now, your only real management option for Recall is to disable it. You can do this in two ways.

If you’re using Intune (or another similar device management solution), you can use the WindowsAI configuration service provider (CSP) to set the DisableAIDataAnalysis policy setting. This disables the Recall functionality.

If you’re using GPOs, you need to set the User Configuration > Administrative Templates > Windows Components > Windows AI > Turn off saving snapshots for Windows setting to “Enabled.”

Note that even if you don’t apply these settings, users can still disable Recall on their own.

As far as I know, there is no way to query a device to see if it has Recall enabled, nor to report on which Recall-enabled devices are in your device fleet. However, this is such an obviously useful capability that I imagine we will see it appear soon.

Blocking Recall from Capturing Application Data

For devices that have Recall enabled, you might want to prevent it from capturing data in certain applications. This is a little more difficult to do than just disabling Recall because, as of now, Recall allows users to exclude applications by using the Recall settings pane. There’s currently no way for an administrator to apply these blocks across a set of devices. Microsoft is rumored to be preparing a second wave of Recall changes before its GA release, and perhaps a mechanism for applying blocks through policy will be included.

You can also tell Recall to filter out specific websites, provided you’re using Edge, Firefox, Opera, or Chrome. Recall will automatically filter out private browsing sessions on all Chromium-based browsers (which includes those four). However, as of today there is no way to centrally manage the list of blocked sites, so every user has to do it themselves.

You control both of these blocking capabilities by adding the app or website to block from Windows Settings > Privacy & Security > Recall & Snapshots. Neither of these interfaces are especially sophisticated; for example, you can’t currently block websites by specifying a wildcard pattern (such as https://my-company.sharepoint.com/*). This would be an easy area for Microsoft to quickly improve.

It is important to note that if the user chooses to tell Recall to make a snapshot (using the Now option), it will do so. The snapshot isn’t supposed to be saved, but it will still be collected even if there are blocked apps or websites or private browsing sessions active.

Blocking Recall-enabled Devices

You may be able to build a workable conditional access policy set for your specific organizational needs. I say “may” because the device type field of CA policies isn’t very granular, and it’s not trustworthy—just creating a policy to block the device platform type of Windows, for example, may not work the way you expect. For that reason, the CA documentation suggests that you block devices based on device compliance policies instead. Microsoft does document blocking by device type, but the template they provide can’t block only Windows 11 devices. At present, CA policies don’t support blocking only devices that have Copilot+ hardware, or that have Recall enabled, but it wouldn’t surprise me to see this capability added in the future.

Additional Measures You Can Take

Microsoft already announced two sets of pre-release changes to Recall to address some of its security issues. They will undoubtedly make other changes as they assess the market impact of the feature and the adoption rate of Copilot+ hardware. Besides the steps I mentioned earlier, there are a couple of other things you can do to lessen the potential impact of Recall in your organization.

The first is to lower the value of data that Recall might capture. Recall will happily grab passwords or one-time authentication codes that are displayed on screen… so force your users to use app-based TOTP authentication through Microsoft Authenticator, and consider using passkeys, to remove passwords from the equation. If you’re concerned about users accessing sensitive data, you can use Azure information protection to restrict their ability to view it from outside your corporate network. Of course, both of these measures make daily work less convenient for users, so you have to consider their potential security value in that light.

Of course, the biggest measure you can take is not to buy Copilot+ PC hardware for your enterprise. That does nothing to protect you against BYOD users, of course, but it does reduce the total attack surface. I love the idea of an optimized coprocessor for handling machine-learning processing, but it may be an idea whose time should be parked a little longer until the OS-level security controls that support it have been more fully realized.