Microsoft has announced some major security milestones that honors the company’s commitment to security and more transparency. Earlier last year, Microsoft had announced its commitment for enhancing the security of customer’s data. It had announced its plans to reinforce legal protections for its customers’ data and increase transparency in how it will engages with governments around the world. It has made significant progress in these fronts. Microsoft’s goal is to provide greater protection across all the Microsoft services which people use every day. These steps by Microsoft also reinforces that if government want to access data, government uses appropriate legal processes and not technical brute force.
To honor these commitments, Microsoft has announced these 3 significant milestones:
1. More protection for Outlook.com by TLS,encryption for both outbound and inbound email
Outlook.com gets further security with Transport Layer Security or TLS and encryption for outbound and inbound mails. So when you send an email, your email is encrypted as it travels between Microsoft and other email providers provided other email service provider also have TLS support.
Over the past six months, we have been working across the industry to further protect and help ensure your mail remains protected. This includes working closely with several international providers throughout our implementation, including, Deutsche Telekom, Yandex and Mail.Ru to test and help ensure that mail stays encrypted in transit to and from each email service.
This encryption work builds on the existing protections already in many of the products and services, like Microsoft Azure, Skype and Office 365.
This is a significant engineering effort given the large number of services Microsoft offers and the hundreds of millions of customers we serve around the world.
In addition to the availability of TLS, Outlook.com has also enabled Perfect Forward Secrecy (PFS) encryption support for sending and receiving mail between email providers. Forward secrecy uses a different encryption key for every connection, making it more difficult for attackers to decrypt connections.
2. OneDrive now enabled with PFS encryption support
OneDrive too has now enabled PFS encryption support.
OneDrive customers now automatically get forward secrecy when accessing OneDrive through onedrive.live.com, our mobile OneDrive application and our sync clients. As with Outlook.com’s email transfer, this makes it more difficult for attackers to decrypt connections between their systems and OneDrive.
3. Microsoft opens its first Microsoft Transparency Center
Microsoft has opened its first Microsoft Transparency Center in Redmond campus.
Our Transparency Centers provide participating governments with the ability to review the source code for our key products, assure themselves of their software integrity, and confirm there are no “back doors.”
The Redmond center is the first in a number of regional transparency centers that Microsoft has planned to open. Announcing these major milestones in security, Microsoft said the work is ongoing and it continues its commitment of increasing data protection of its users and increasing transparency.
