Microsoft beefs up OneDrive, Outlook.com security; sets up first Transparency Center

In a bid to protect its customers from prying state intelligence agencies and cybercriminals, Microsoft is pushing forward with its promise with a new privacy initiative. “In December, we announced our commitment to further increase the security of our customers’ data. We also announced our plans to reinforce legal protections for our customers’ data, and continue to increase transparency in how we engage with governments around the world. We are making positive progress on all of these fronts,” Microsoft said in a blogpost.

The software giant announced that it is enhancing encryption for its e-mail service Outlook.com and cloud storage service OneDrive. In addition, Microsoft also opened its first Transparency Center in Redmond.
[caption id=“attachment_76132” align=“alignleft” width=“380”]  Representational image: Reuters[/caption]
As part of the new initiative, Outlook.com is now further protected by Transport Layer Security, or TLS, encryption for both outbound and inbound email. This means that when you send an email to someone, your email is encrypted and thus better protected as it travels between Microsoft and other email providers. “Of course, this requires their email service provider to also have TLS support.”

“This encryption work builds on the existing protections already in many of our products and services, like Microsoft Azure, Skype and Office 365, and some improvements we have made over the last six months,” Matt Thomlinson, vice president, Trustworthy Computing Security, Microsoft, wrote.

In addition to the availability of TLS, Outlook.com has also enabled Perfect Forward Secrecy (PFS) encryption support for sending and receiving mail between email providers. Forward secrecy uses a different encryption key for every connection, “making it more difficult for attackers to decrypt connections.”

In addition, OneDrive will now come with PFS encryption-enabled support. Customers now automatically get forward secrecy when accessing OneDrive through onedrive.live.com, the mobile OneDrive application and the company’s sync clients. “As with Outlook.com’s email transfer, this makes it more difficult for attackers to decrypt connections between their systems and OneDrive,” Thomlinson added.

Most importantly, the company has set up first Microsoft Transparency Center that will provide participating governments with the ability to review source code for Microsoft’s key products, assure themselves of their software integrity, and confirm there are no “back doors.”

“The Redmond location is the first in a number of regional transparency centres that we plan to open. We continue to make progress on the Transparency Center in Brussels that I announced in January, with other locations soon to be announced,” he noted.