DiagTrack: Connected User Experience and Telemetry Service

DiagTrack: Connected User Experience and Telemetry Service

3 Minutes Read Updated on May 21, 2025

What is User Experience and Telemetry Services

In the age of software subscriptions, it is expected for over the air updates and bug fixes to happen instantaneously. To fix bugs and improve the user experience the software must be able to contact the creator to inform them of what is in need of optimization.

The Connected User Experience and Telemetry service, also known as DiagTrack or Customer Experience Improvement Program (CEIP), is a built-in Windows service that collects and transmits anonymized data about user experience and device health to Microsoft. This data can include things such as device specs, installed programs, basic error info, and Windows update details.

What is Authenticated Proxy usage?

An authenticated proxy is a type of proxy server that requires user authentication. When sending User Experience and Telemetry service data to Microsoft servers there are two options. When the setting is enabled, the data will be sent utilizing an authenticated proxy server (requiring username and password) configured within your network environment. If disabled, a direct connection with Microsoft endpoints is established, bypassing any proxy servers.

cis benchmark certified

The difference between using an authenticated proxy and direct

While the Connected User Experience and Telemetry service data is anonymized, it is not a perfect system and can still pose a security threat if in the wrong hands. Therefore sending the data through an existing third party authenticated proxy can be perceived as additional unnecessary risk.

Allowing the service to use authenticated proxies can help ensure that telemetry data is successfully transmitted, which is useful for keeping systems updated and secure. However, organizations must balance this with privacy considerations, ensuring that only necessary data is shared and that it complies with privacy policies and regulations.

Audit

Navigate to the UI Path articulated in the Remediation section and confirm it is set as
prescribed. This group policy setting is backed by the following registry location:

HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsDataCollection:Disable
EnterpriseAuthProxy


Disable connected user experiences and telemetry service

To establish the recommended configuration via Group Policy, set the following UI path to Enabled: Disable Authenticated Proxy usage:

Computer ConfigurationPoliciesAdministrative TemplatesWindows ComponentsData Collection and Preview BuildsConfigure Authenticated Proxy usage for the Connected User Experience and Telemetry service

Note: This Group Policy path may not exist by default. It is provided by the Group Policy template DataCollection.admx/adml that is included with the Microsoft Windows 10 Release 1703 Administrative Templates (or newer).

Default value

Disabled. (The Connected User Experience and Telemetry service will automatically use an authenticated proxy to send data back to Microsoft.)

Recommended setting for Configure Authenticated Proxy usage for the Connected User Experience and Telemetry service

The recommended state for this setting is: Enabled: Disable Authenticated Proxy usage.

 

Best practices

It is always best to evaluate the necessity of each setting on an individual basis for the needs of the company and ensure they align with your organization’s privacy policies and regulatory requirements.

By using server hardening it is possible to configure security settings specifically in line with the needs of the company, balancing security and privacy considerations.

Ben Balkin
Ben Balkin is a professional writer and blogger specializing in technology and innovation. As a contributor to the Calcom blog, Ben shares practical insights, useful tips, and engaging articles designed to simplify complex processes and make advanced technological solutions accessible to everyone. His writing style is clear, insightful, and inspiring, reflecting his strong belief in technology's power to enhance quality of life and empower businesses.

Related Articles

Kevin Mitnick has died: The Maverick of Cybersecurity

Kevin Mitnick has died: The Maverick of Cybersecurity

July 20, 2023

In the realm of cybersecurity, few names evoke as much awe and curiosity as Kevin…

Disable LLMNR Protocol for Network Security

Disable LLMNR Protocol for Network Security

July 28, 2024

What is LLMNR LLMNR (Link-Local Multicast Name Resolution) is a protocol used by legacy operating…

Windows Password Guidelines: Updated Best Practices for 2024

Windows Password Guidelines: Updated Best Practices for 2024

January 25, 2024

Setting and enforcing a policy for strong passwords should be a top priority for organizations in…

Ready to simplify compliance?

See automated compliance in action—book your demo today!

Share this article