HOME     MENU     SEARCH     NEWSLETTER    
CUSTOMER RELATIONSHIP MANAGEMENT NEWS. UPDATED 13 MINUTES AGO.
You are here: Home / Computing / Outlook, OneDrive Crypto Upgraded
Build Apps 5x Faster
For Half the Cost Enterprise Cloud Computing
On Force.com
Microsoft Upgrades Encryption for Outlook.com, OneDrive
Microsoft Upgrades Encryption for Outlook.com, OneDrive
By Jennifer LeClaire / CRM Daily Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
JULY
01
2014



Microsoft just beefed up security encryption for its Outlook.com Web mail and OneDrive cloud storage properties. The move appears to be a response to Google calling out Redmond, among other cloud computing providers, in June for not doing enough to protect the privacy of users.

Microsoft first announced plans to bolster security of customer data and reinforce legal protections in December. The company also pledged to increase the transparency in how it engages with international governments around the world. With that said, Matt Thomlinson, vice president of Trustworthy Computing Security at Microsoft, announced three milestones toward those commitments.

"First, Outlook.com is now further protected by Transport Layer Security, or TLS, encryption for both outbound and inbound e-mail," Thomlinson said. "This means that when you send an e-mail to someone, your e-mail is encrypted and thus better protected as it travels between Microsoft and other e-mail providers. Of course, this requires their e-mail service provider to also have TLS support."

Closing Back Doors

Over the past six months, Thomlinson said, Microsoft has been working with international providers, including Deutsche Telekom, Yandex and Mail.Ru to test that e-mail stays encrypted as it goes to and from various e-mail services.

"In addition to the availability of TLS, Outlook.com has also enabled Perfect Forward Secrecy (PFS) encryption support for sending and receiving mail between e-mail providers," Thomlinson said. "Forward secrecy uses a different encryption key for every connection, making it more difficult for attackers to decrypt connections."

OneDrive has also enabled PFS encryption support. That means OneDrive customers get automatic forward secrecy when accessing the cloud storage service through OneDrive.Live.com, the OneDrive application and sync clients.

Finally, Thomlinson shared how the company opened its first Microsoft Transparency Center on its Redmond, Washington, campus. As he describes it, the Transparency Centers will let participating governments review source code for key Microsoft products, assure themselves of their software integrity, and confirm there are no "back doors."

"As with most things relating to security, the landscape is ever-changing," Thomlinson said. "Our work is ongoing and we are continuing to advance on engineering and policy commitments with the goal of increasing protection for your data and increasing transparency in our processes."

A Good Move

We caught up with Wes Miller, an analyst at Directions on Microsoft, to get his thoughts on the beefed-up security. He told us Microsoft had this in the works for a while, though the company probably accelerated the new protection levels after Google called it out. The question is, does it matter as much as Google said it did?

"I think with consumers it matters to a degree. With businesses it matters more but the business subscriptions actually had pretty strong encryption for some time," Miller said.

"Anything that U.S. hosting providers can do to ease concerns for consumers or businesses that they are the only ones who have access to their documents is a good thing."

Tell Us What You Think
Comment:

Name:

Tom shrader:
Posted: 2014-07-07 @ 6:51pm PT
Cannot access my account since upgrade three days ago.

AnnoyedOneDriveUser:
Posted: 2014-07-02 @ 3:03pm PT
Too bad that they appear to have denied half of their users' access to OneDrive. Many experiencing a "Sorry, something went wrong" message when trying to sign into it now.

Perhaps MS should have tested their new upgrade before going live with it.

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
ISACA® offers a global community of more than 115,000 IS/IT constituents in over 180 countries. We develop and deliver industry-leading certifications, education, research and business frameworks. We equip individuals to be leaders in the fast-changing world of information systems and IT - Learn More>
MORE IN COMPUTING
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
Sony is no stranger to breaches. Sony’s PlayStation Network was hacked in 2011 and attackers obtained 77 million user accounts. The latest attack comes against Sony Pictures Entertainment.

MOBILE TECHNOLOGY SPOTLIGHT
In its bid for the wearables market, Sony is reportedly developing a watch made out of electronic paper for release as soon as next year. The e-paper watch will emphasize style over tech innovations.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.