Microsoft is quietly implementing a major change to how users sign into their accounts, and for business owners relying on Microsoft’s suite of products; this is news worth paying attention to.

Some in the tech news world were surprised that the announcement was discreetly tucked away in the Microsoft Account Help page. But while this update news has largely flown under the radar, its implications are significant.

Starting in February 2025, Microsoft accounts that are accessed via web browsers or apps will no longer log users out automatically when the browser or app is closed.

Without manually signing out, anyone using the same device afterwards could potentially access private emails, Cloud files on OneDrive, or even the browsing activity tied to the account.

A Security Shift That is Raising Serious Questions

For many users, automatic sign-outs have long been a safety net relied upon when accessing accounts on public or shared devices.

This default security feature, used by countless other platforms as well, ensures that sensitive information isn’t left exposed.

Removing this automatic logout raises an important question: why has Microsoft made this change?

One theory is convenience.

While Microsoft has dedicated apps for its services, a significant number of users still access their accounts through browsers, whether it’s Outlook for emails or OneDrive for file storage. For users accessing accounts on personal devices, removing the need to sign in repeatedly makes sense as it saves time.

However, this small convenience comes at a potentially great cost.

If users forget to manually log out or neglect to use private browsing mode (which will remain an alternative for those concerned about security), their accounts could be left vulnerable to unauthorised access.

This should be particularly concerning for businesses handling sensitive client data or financial information, where even a small lapse in security could have serious repercussions.

Microsoft’s move also mirrors the way Google accounts currently operate, where users remain signed in indefinitely unless they actively log out or enable private browsing. While this has become an accepted norm for many, it has also attracted criticism for introducing unnecessary risks, especially for users who don’t have two-factor authentication enabled.

Implications for Businesses

For businesses that depend on Microsoft’s suite of apps, this change simply highlights the importance of implementing and maintaining tough cybersecurity practices. Without the safety net of automatic sign-outs, it is more important than ever for organisations to encourage employees to adopt safer habits, such as:

• Manually logging out after using shared or public devices.
• Enabling two-factor authentication (2FA) to add an extra layer of security to their accounts.
• Using private browsing mode, particularly when accessing accounts on devices not owned by the organisation.

A Worrying Lack of Transparency

What is perhaps most concerning about this shift is Microsoft’s relatively quiet rollout of the update.

Unlike other major policy changes, which are often accompanied by prominent announcements or user notifications, this decision has been buried in the company’s support pages. For a change with such significant security implications, a clearer and more publicised communication strategy would have certainly been the better approach.

Since the update is set to take effect in February 2025, businesses have little time to prepare.

And while Microsoft could still introduce warning messages or pop-ups to remind users that they will remain logged in unless they take specific actions, it is best to be proactive to the change, and start logging out of apps accessed by browsers now.

*

Need help with your business IT Security? Or maybe you need Managed IT Support or a reliable VoIP provider? At 24/7 IT Services, we help companies like yours. Contact us today for more information.

The post Microsoft’s Quiet Login Update Could Impact Your Business Security appeared first on 247 IT Services.

However, this shift in the way of doing business and storing data comes with a whole new set of considerations, particularly regarding data compliance, something that needs to be seriously managed to ensure that both business and customer data is kept safe.

Basic UK Regulations

UK data compliance is intricate. It is made up of various regulations that are used to govern how businesses handle data.

The General Data Protection Regulation (GDPR) remains the cornerstone of compliance, emphasising principles like data minimisation, transparency, and subject access requests.

Companies that handle and store personal data on Cloud-based servers are responsible for ensuring compliance with the GDPR. Generally, the company will be seen as the “Cloud customer” and as such will take on the role of the data controller. And even if the company isn’t in complete control over the Cloud (which can happen if the company is using a 3rd party provider), the company will still take on the responsibility around the handling of the data.

Aside from the GDPR, businesses need to also consider industry-specific regulations, such as the Payment Card Industry Data Security Standard (PCI DSS) for financial services or the National Health Service (NHS) data protection standards for healthcare.

The Challenges around Cloud Data Compliance

While the Cloud has numerous benefits, several factors can complicate compliance for UK businesses. If you are one of those businesses that rely heavily on Cloud storage, you must understand the difficulties around compliance, to ensure that you don’t fall on the wrong side of regulations. These are just a few of the data compliance challenges that you might encounter:

• Data Location and Residency Issues

One of the biggest concerns is data location and understanding where your Cloud provider stores data and having clear contractual clauses is a must.

The GDPR states that the personal data of EU citizens must be processed within the EEA (European Economic Area), unless stated otherwise. Businesses using Cloud services with servers outside the EEA need reliable and secure data transfer agreements (DTA) to ensure adequate data protection.

• Data Breaches

This is another of the biggest concerns around storing or handling data on the Cloud. Data breaches and the resulting data theft are always something that companies should not only keep in mind but be fully prepared for. It is important that businesses only choose Cloud services that are renowned for their security features. Such services should have particular control over the prevention of unauthorised access.

• Working with a Shared Responsibility Model

Cloud providers often have a “shared responsibility model” for data security. This means the provider secures the underlying infrastructure, while the businesses using the services remain responsible for the data itself and how it’s accessed and managed.

Businesses should be proactive when using this model and they can do this by implementing strong access controls, encryption, and data loss prevention (DLP) measures within their side of the Cloud environment.

• Responsible Vendor Management

Selecting a reputable Cloud provider is naturally a must.

Businesses should always conduct thorough due diligence on a vendor’s security practices, compliance certifications, and incident response protocols. They should also commit to regularly reviewing these aspects to maintain proper oversight.

Easy Strategies for Effective Cloud Compliance

UK businesses like yours can take certain, hands-on steps to address these challenges and ensure that the approach to the Cloud is fully data-compliant. You can take these steps by either hiring the services of an IT company or by appointing someone in your business to be the data compliance officer. If you opt for the latter, then these are some strategies to try out:

• Comprehensive Data Mapping – You should start by conducting a thorough data mapping exercise to identify all of the personal data stored and processed in your Cloud. This understanding helps to determine which regulations will apply to your company, as well as risk areas.
• Cloud Provider Selection – Choose a Cloud provider with a strong track record of compliance and which has tough security measures. You should also look for companies with certifications like ISO 27001 and SOC 2, which demonstrate a commitment to data security.
• Contractual Safeguards – Make sure that your contract with your Cloud provider clearly defines their responsibilities for data security and privacy.
• Internal Controls and Training – Implement internal controls for data access, encryption, and incident response within the Cloud environment. Regular employee training on data privacy best practices should also be something that you do on an on-going basis.
• Compliance Management Framework – Finally you shoulddevelop a comprehensive compliance management framework for the Cloud. This framework should map data flows, identify risks, and outline procedures for on-going monitoring and compliance audits, specifically for your business.

* If you need assistance with Cloud data compliance for your company, contact 24/7 IT Services today. Our helpful IT consultants can assist with Cloud Services, IT Security Solutions and more

The post Cloud Compliance Challenges and Solutions for UK Businesses appeared first on 247 IT Services.

Much like Google Cloud, Amazon Web, and the numerous other types of Cloud computing services out there, Azure is a helpful platform that is used by companies who, for example, lack the space and finances for a server. Instead of making a plan to bring in an expensive server, or to opt for a less effective and far less secure Cloud service, businesses can turn to Azure Cloud Computing for their data storage and data access needs.

Some of the Microsoft Azure features function through the use of virtual machines, which are created to be instantly accessible and to save on costs. There are a variety of types of virtual machines, and it is important that when a business is making the decision to move their workload over to Azure that they select or create the right machine for their needs. 

About Virtual Machines

Virtual machines can be created by Linux or Windows operating systems and these machines can include up to 416 vCPUs and 12 TB of memory. Other features include up to 3.7 million local storage IOPS per VM, 30 Gbps Ethernet and 200 Gbps Infiniband.

By using virtual machines, you will be able to enjoy a number of benefits that go beyond just having a huge amount of virtual space for your data. Other benefits that users will be able to experience include:

• Low cost billing. The service is based on a pay-as-you-go type of service, so you will only be charged for what you use. Alternatively, there are various subscription options available.
• Easy scalability. As your business grows so can your virtual machine through the use of the Azure Virtual Machine Scale Sets. Should you need to upscale, a new virtual machine can be implemented within minutes.
• Data is protected. Virtual machines are designed to encrypt data and protect it from threats. The system is setup in such a way that it is industry compliant.
• Linux or Windows. The virtual machine setup works efficiently on both operating systems.

The entire Azure system as well as the accompanying virtual machines are consistently updated to ensure smooth running and often new features are also added, giving those who use the system more to work with.

How can Microsoft Azure assist your business?

There are a variety of ways that Azure can transform your business, and help you out with day to day tasks:

• Both backups and the recovery of data is made simple as Azure keeps full data backups. Should you need to access or install a backup, the process requires just a few clicks. This is a huge timesaver and considering the scope and amount of data it will store, it is an incredibly cost-effective solution.
• You and your staff can work from anywhere. Azure is a Cloud system which instantly gives those who use it the means to work from wherever they want or need to.
• Collaborate with ease. Teams who need to share documents for work purposes can work together seamlessly as they are able to access their shared files from anywhere, and at any time.
• Free services. If you use Azure for more than 12 months you will gain access to an additional 55 services, including virtual machines for Linux, which will stay free forever while still only paying for what you use.

There is also the option of building your own virtual machines, something that many businesses might prefer to do, as this will give them more control when it comes to structuring a system that is customised just for the company.

For more information about how Microsoft Azure and its advanced virtual machines can help your business, you can contact 24/7 IT Services today. We offer our clients a versatile and highly effective Cloud Computing service.

The post A Quick Intro to Azure Cloud Computing for Linux and Windows. appeared first on 247 IT Services.