Microsoft updates encryption for outlook.com and OneDrive

Earlier this month, Microsoft announced they were increasing the encryption used for their email and cloud storage services online. Microsoft’s vice president for Trustworthy Computing said in a recent blog post that Outlook.com will use Transport Layer Security (TLS) encryption for email coming in and going out. Based on the Secure Sockets Layer (SSL) standard, TLS is an encryption protocol for the internet that uses digital certificates for authentication and data communications that are secure.

This is good news for anyone who uses either of the Microsoft services online. The internet is constantly changing, with new threats popping up all the time. It’s up to Microsoft and other large companies to make sure they’re doing everything possible to keep users’ data safe from attacks. On July 1, Matt Thomlinson, Vice President of Trustworthy Computing Security at Microsoft wrote in his official blog:

Over the past six months, we have been working across the industry to further protect and help ensure your mail remains protected. This includes working closely with several international providers throughout our implementation, including, Deutsche Telekom, Yandex and Mail.Ru to test and help ensure that mail stays encrypted in transit to and from each email service. …

This encryption work builds on the existing protections already in many of our products and services, like Microsoft Azure, Skype and Office 365, and some improvements we have made over the last six months. A few examples include enhanced message encryption in Office 365 as well as Azure’s addition of ExpressRoute

OneCloud Security Updates

Additionally, the OneDrive cloud storage service from Microsoft has started using “perfect forward secrecy.” This is a system that uses one-time encryption keys for each and every connection to the cloud. Doing this makes it more difficult for nefarious hackers to get to old data because even if they steal the current key, it won’t be valid for the older data.

“In addition to the availability of TLS, Outlook.com has also enabled Perfect Forward Secrecy (PFS) encryption support for sending and receiving mail between email providers. Forward secrecy uses a different encryption key for every connection, making it more difficult for attackers to decrypt connections,” Thomlinson wrote.

Making it more difficult for attackers to decrypt connections from increasingly popular cloud storage services and email will help secure the web. However, more work needs to be done. Keeping the internet safe for average citizens is an ongoing task and one that’s crucial in today’s connected world.