Microsoft Announces Encryption in Outlook.com, OneDrive

Microsoft added encryption to emailing service Outlook.com and to its cloud storage service, OneDrive, to enhance security of its customers, the company announced in a blog post.

“We are in the midst of a comprehensive engineering effort to strengthen encryption across our networks and services. Our goal is to provide even greater protection for data across all the great Microsoft services,” said Matt Thomlinson, vice president at Trustworthy Computing Security, Microsoft.

Outlook now uses Transport Layer Security (TLS) encryption for both incoming and outgoing mails, which means communications are encrypted in transit to and from other email providers, as long as they support the TLS protocol.

Outlook has also enabled Perfect Forward Secrecy (PFS), a property that employs a single-use key, derived from another long-term secret key, to secure a section of the data. This way, the damage resulted from compromise of the session key is minimal. “Forward secrecy” is also included in OneDrive to make decryption and access to someone`s cloud harder.

The company revealed the opening of a Microsoft Transparency Center in Washington. “Our Transparency Centers provide participating governments with the ability to review source code for our key products, assure themselves of their software integrity, and confirm there are no `back doors`,” Thomlinson added.

Microsoft`s efforts are part of an ongoing plan to improve encryption across its consumer and enterprise cloud services, including Outlook.com, its Azure platform, Office 365 and other products.