Matt Thomlinson, Vice President of Trustworthy Computing Security at Microsoft, updated the Technet blog with news that Microsoft is beefing up security in regards to Outlook.com and OneDrive. This move is part of a broader effort to protect user data from the NSA and other unwanted snoops secretly trying to get a peek at user data.
"We are in the midst of a comprehensive engineering effort to strengthen encryption across our networks and services. Our goal is to provide even greater protection for data across all the great Microsoft services you use and depend on every day," Thomlinson writes. "This effort also helps us reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data."
He first mentions Outlook.com, which is now protected by Transport Layer Security, or TLS. This will be applied to both inbound and outbound email, meaning that when an Outlook.com user sends an email, it's encrypted as it travels to the recipient. The drawback is that in order to receive encrypted email, the recipient's service must support TLS as well.
Thomlinson says that Microsoft is working with major email providers to make sure that TLS is up and running across the industry, and that email stays encrypted to and from each email service. Several examples of this movement include Deutsche Telekom, Yandex and Mail.Ru.
"This encryption work builds on the existing protections already in many of our products and services, like Microsoft Azure, Skype and Office 365, and some improvements we have made over the last six months," he writes. "A few examples include enhanced message encryption in Office 365 as well as Azure's addition of ExpressRoute, a service that enables businesses to create private connections between Azure datacenters and infrastructure on their premises or in a colocation environment."
Outlook.com has also enabled Perfect Forward Secrecy (PFS) encryption support. This method uses a different encryption key for every connection, Thomlinson writes, making it harder for hackers to decrypt the connections. OneDrive uses PFS as well, allowing customers to automatically receive forward secrecy when accessing the online storage locker through the web address, sync clients and mobile apps.
Finally, Microsoft has launched its very first Transparency Center on the Redmond, Washington campus. Participating governments can now review Microsoft's source code for key products to make sure the software has no evil secrets, and doesn't provide "back doors" for hackers and snooping government officials.
"The Redmond location is the first in a number of regional transparency centers that we plan to open. We continue to make progress on the Transparency Center in Brussels that I announced in January, with other locations soon to be announced," he writes.