violetkaipa - Fotolia


Windows 10's Cortana boosts productivity, privacy concerns

In Windows 10, Cortana can enhance user productivity with improved organization and Web searching, but it collects location and text information, as well as other data.

One of the most talked about Windows 10 features is Cortana, a virtual assistant embedded in the operating system and available to desktop users on-demand.

In Windows 10, Cortana replaces traditional search features and adds advanced capabilities that support both text and voice input. Cortana is more than just an enhanced search engine. It is a Microsoft cloud service powered by Bing, with integrated OS touch points and ongoing data collection. Introduced in Windows Phone 8.1, Cortana offers a wide range of integrated features to assist users with scheduling, task reminders, travel updates, location information and other services. It also provides search capabilities that span the local file and application systems and stretch to the Web.

With Cortana, Microsoft hopes to deliver a virtual assistant that provides both relevant and timely personalized information to users, helping boost productivity and enhance the user experience.

The potential dark side of Windows 10's Cortana

To deliver Cortana effectively and steadily improve the service, Microsoft collects data about the users and systems that access Cortana, including personal information such as an individual's interests, locations and preferences.

Cortana collects data about how users browse and search for information, as well as how they use their devices and other services. According to Microsoft, the data comes from any of the following sources:

Location services: Cortana retrieves current location history and other location indicators, such as geotagged photos.

Communication history: The service tracks call, email and text message histories to determine the most relevant contacts and preferred methods of communication, and to help improve services such as speech recognition.

Email and text messages: Cortana scans message text to add events to the calendar, flag priority messages and track important event

Speech and input personalization: It sends speech data to Microsoft to build personalized speech models and improve speech recognition.

Services and applications: Cortana collects data from other Microsoft services to enhance personalization, such as learning a user's favorite places through Bing Maps. Users can also connect to third-party services for additional personalization based on data from those services.

Browsing and search history: The service retrieves browsing histories from Microsoft Edge -- if a user chooses to send that history to Microsoft -- and uses Bing search query tracking.

Microsoft assures customers that all data is encrypted in transit and stored in ultra-secure facilities. The company also says it does not scan message content to deliver targeted advertising, and that no one is listening in on phone calls.

Despite the company's claims about securing data and protecting privacy, industries that handle highly sensitive data should be reluctant to transmit information back to Microsoft. For example, military and intelligence agencies would not want to enable any form of data collection, especially because Cortana requires location services.

What types of Cortana controls exist?

Because Windows 10's Cortana is a cloud service, users must be logged in to take advantage of the virtual assistant's capabilities.

Cortana replaces traditional Windows search features and adds advanced capabilities that support both text and voice input.

To make Cortana work, a user must associate a Microsoft account with his system account, even if the system account is a directory-managed enterprise domain account. Organizations that let employees use Cortana on their Windows 10 Enterprise desktops must be able to manage the domain accounts and let users associate Microsoft accounts.

Unfortunately, setting up desktops to accommodate Microsoft accounts is not always straightforward. For example, administrators must prevent upgrades and configuration changes from creating multiple Microsoft accounts on a single machine. Otherwise, Cortana might not work for a domain account running on that machine, which could lead to additional support calls and resource allocation. As a result, it is particularly difficult to support Cortana on multi-user desktops.

For organizations that want to forego Microsoft accounts altogether -- and subsequently the services they support -- Microsoft provides the Group Policy setting "Block Microsoft accounts" which supports three options. The first is "the policy is disabled" where users can work with Microsoft accounts to access features such as Cortana. The "users can't add Microsoft accounts" setting prevents users from creating new Microsoft accounts, switching a local account to a Microsoft account or connecting a domain account to a Microsoft account. Finally, the "users can't add or log on with Microsoft accounts"
setting stops users with existing Microsoft accounts from logging in to Windows. According to Microsoft, selecting this option can make it impossible for an existing administrator to log on or manage a system.

Controlling Microsoft accounts is only one part of the equation, however. An organization might want to allow its employees to associate Microsoft accounts with their domain logins, but still limit Cortana in Windows 10.

Fortunately, the latest Windows 10 Enterprise update supports a number of new Group Policy settings for controlling Cortana:

  • "Allow Cortana" determines whether Cortana can run on a device.
  • "Allow search and Cortana to use location" controls whether Cortana can provide location-aware search results.
  • "Do not allow Web search" chooses whether to search the Web from the desktop search box.
  • "Don't search the Web or display Web results in Search" regulates whether to search the Web from Cortana.
  • "Set what information is set in search" decides what information is shared with Bing when searching.

The updated Windows 10 Enterprise edition and the Education edition let administrators completely disable the OS from sending telemetry information to Microsoft. These are the only Windows 10 editions that allow an organization to fully control what information it sends back to Microsoft.

To Cortana or not to Cortana?

Services such as Cortana make workers more productive. Users can search local resources and Web-based information more effectively and manage their tasks and schedules more efficiently, but the productivity comes with a trade-off: Microsoft's extensive data collection. To be at its most effective, Windows 10's Cortana must know what the user is doing and where he is at all times so it can maximize relevancy and personalization.

With Cortana, organizations have a clear choice. If the productivity gains outweigh the security concerns, Cortana is a fit. If an organization doesn't want all its information sent to Microsoft, it should pass.

Next Steps

Cortana, the medical assistant?

A look at Cortana in the enterprise

The business case for Windows 10's Cortana

Dig Deeper on Windows 10