Security questions Accessibility Insights - Windows #1660

Closed
RababGomaa opened this issue Jul 25, 2023 · 7 comments

Comments

@RababGomaa

accessibility-insights - Desktop

Your question here
The security team needs to complete an assessment before they accept to install the desktop version on the machines of the accessibility team. Here are a few questions that I need answers for. Thanks!

Q1 - Identification and authentication
Is there a way to uniquely identify and authenticate users prior to accessing the tool?

Q2 - Encryption:

  • Is data encrypted using the Advanced Encryption Standard algorithm (AES-256) while at rest?
  • Provide the encryption levels being used for your proposed product both in motion and at rest.

Q3 - Data collection
Please indicate the data collected by Microsoft via the Accessibility Insight.
Make sure to provide enough context. If you have spoken to a team member please mention them here.
Add any items (screenshots etc) that will help.

Q4 - Security recommendations
Microsoft security recommendations to apply them if you follow the aforementioned requirements.

Q5 - Common Vulnerabilities and Exposures (CVE)
The Common Vulnerabilities and Exposures (CVE) system https://cve.mitre.org/cve/ provides a reference method for publicly known information-security vulnerabilities and exposures. Using the CVE list, add all CVE names and descriptions that have not been mitigated.

@RababGomaa
Author

I got an answer on Q3 - thanks https://privacy.microsoft.com/en-us/privacystatement

@DaveTryon
Contributor

DaveTryon commented Jul 25, 2023

Hi, @RababGomaa. Our telemetry contains usage data only, with no user-identifiable data or personal data. You can find specific details about collected telemetry at https://github.com/microsoft/accessibility-insights-windows/blob/main/docs/TelemetryOverview.md. That provides actual samples of the data that we collect via telemetry, as well as how domain admins can completely disable telemetry within an organization. That said, here's an attempt at your questions:

Q1: I think the answer here is no. The only ID that we have for a given user/device combination is a randomly generated identifier that is regenerated on a monthly basis.

Q2: Please see the link above.

Q4: We have no specific security guidance. If you're concerned about telemetry, use the domain admin control that is described at the link above.

Q5: We routinely monitor for CVEs. As of right now, all known CVEs have been addressed in the product.

Please close this issue at your convenience. Thanks!

@DaveTryon DaveTryon added status: needs author feedback This issue requires additional information from the issue author. and removed status: new This issue is new and requires triage by DRI. labels Jul 25, 2023
@microsoft-github-policy-service
Contributor

The team requires additional author feedback; please review their replies and update this issue accordingly. Thank you for contributing to Accessibility Insights!

@DaveTryon DaveTryon assigned RababGomaa and unassigned DaveTryon Jul 25, 2023
@DaveTryon DaveTryon moved this from Needs triage to Needs customer input in Accessibility Insights Jul 27, 2023
@microsoft-github-policy-service microsoft-github-policy-service bot added the status: no recent activity This issue requires additional information from the author, but hasn't been updated recently. label Aug 1, 2023
@microsoft-github-policy-service
Contributor

This issue has been automatically marked as stale because it is marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment. Thank you for contributing to Accessibility Insights!


@DaveTryon DaveTryon removed status: needs author feedback This issue requires additional information from the issue author. status: no recent activity This issue requires additional information from the author, but hasn't been updated recently. labels Jan 29, 2024