HomeWinBuzzer NewsMicrosoft Purview Extension of AuditLogging and Data Retention for Audit Standard...

Microsoft Purview Extension of AuditLogging and Data Retention for Audit Standard Pushed to 2024


has unveiled additional specifics about its plans to grow audit logging and data retention durations for Audit Standard users. The improvements were shared via a recent blog post by Rudra Mitra, Corporate Vice President for Microsoft's Data Security and Compliance. Among the anticipated additions for standard users include a lengthened audit logs retention time and thirty new types of audit logs.

Gradual Rollout until 2024

The extension of the audit log retention period started in October 2023. This progressive rollout will first become available for Microsoft's enterprise clients worldwide before being introduced to government customers. Mitra also indicated in his blog post that the new audit logs should be incorporated over the forthcoming months. However, some of these logs will not be available until mid or late 2024, as stated in Microsoft's roadmap.

Enhancements Welcomed But With Caveats

These upgrades were initially presented in a July announcement from Microsoft. The company had planned to increase the log storage duration from 90 to 180 days and expand the number of monitored log types in the standard version of Microsoft Purview Audit, all at no additional charges. The decision — which was championed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) – was made following discussions with customers. Despite the praises from CISA for this step towards better security, Mitra emphasized that such log data, though invaluable, should not be treated as a deterrent against cyberattacks.

Microsoft Purview Audit Premium offers a year of log storage, which aligns with CISA's recommendation for a full year of log storage to governmental organizations. Sources speculate that the agency may have pushed for these expansions due to data extraction attacks on governmental agencies in May through Microsoft Outlook, traced back to a -linked group named “Storm-0558”. CISA continues to advocate for advanced security features to be standard in all technology products, not available solely at premium pricing tiers.

Markus Kasanmascheff
Markus Kasanmascheff
Markus is the founder of WinBuzzer and has been playing with Windows and technology for more than 25 years. He is holding a Master´s degree in International Economics and previously worked as Lead Windows Expert for Softonic.com.

Recent News