Microsoft is improving the security of its popular consumer cloud services — Outlook.com and OneDrive. Here’s a look at what is being implemented and what it means to you as a user.
Back in December, the company announced that it would expand its use of encryption for its cloud services. In that article, which is interestingly named: Protecting Customer Data from Government Snooping. The company lays out plans for improving privacy and security throughout its cloud services:
· We are expanding encryption across our services.
· We are reinforcing legal protections for our customers’ data.
· We are enhancing the transparency of our software code, making it easier for customers to reassure themselves that our products do not contain back doors.
This week the company is bringing some of those ideas to fruition. On Tuesday, the company announced improved privacy and security for Outlook.com, OneDrive, and its Microsoft transparency Center. If you search Bing from your browser, you’ll see a message “We’ve made a few changes” and that will bring you to a page that gives you an overview of the new privacy, security, and transparency. It also includes some FAQs on what the new features have been added.
New Outlook.com Security
Microsoft rolled out a Transport Layer Security (TLS) on Outlook.com for inbound and outbound email. According Microsoft execs: “This means that when you send an email to someone, your email is encrypted and thus better protected as it travels between Microsoft and other email providers,” Of course that will all depend on if the recipient’s email service includes TLS support.
Here’s a few interesting notes from the TechNet blog post by Matt Thomlinson, Microsoft’s Vice President of Computing Security division:
We are in the midst of a comprehensive engineering effort to strengthen encryption across our networks and services…
This effort also helps us reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data.
Another layer of security is using Perfect Forward Secrecy (PFS). This encryption protocol has support for sending and receiving mail between email providers. It uses a different encryption key for every connection, which will make it more difficult for the bad guys to decrypt your connections.
OneDrive (formerly SkyDrive) Encryption
Like Outlook.com, Microsoft has enabled PFS for OneDrive too. It is enabled for accessing OneDrive via onedrive.live.com, mobile OneDrive apps, and sync clients. This extra layer of encryption will make it more difficult for would be attackers to decrypt connection between your system and OneDrive.
This is great news to hear as it gives you more peace of mind when using Microsoft’s services. On top of the enhanced security, the company also began rolling out even more storage for free accounts and Office 365 – more storage and enhanced security…win, win.
Microsoft Transparency Center
This is another plus to today’s announcement. The company has opened its first Microsoft Transparency Center in Redmond, WA.
I’m pleased to announce that today we opened the first Microsoft Transparency Center, on our Redmond, Wash. campus. Our Transparency Centers provide participating governments with the ability to review source code for our key products, assure themselves of their software integrity, and confirm there are no “back doors.
We’re not exactly sure what this Transparency Center does, and how it cooperates with governments, but we’ll definitely keep our eye open for other details.
I am personally big fan of Microsoft’s cloud services for consumers, and this seems like an enhancement the company (and other big online tech giants) need to announce sooner than later. Not just for PR since the so-call “Snowden revelations” and the negative publicity that hammered Microsoft and others either. The fact is, more users are actually starting to care about their online privacy. They’re questioning the big online services about their privacy and security. I definitely wouldn’t go as far to say “this is wonderful! All my communications are safe now!”
Because, in the end, the government still has the ability to issue subpoena’s and get whatever data it wants. And everything you do is still being archived in giant data centers by the NSA. This is a start though, and I urge everyone to pressure their online service of choice, and request security and privacy features be implemented.
For even more details on Microsoft’s new encryption and security – the fine print if you will – read the Microsoft Services Agreement.
if you want to learn more about Outlook.com and/or OneDrive (formerly SkyDrive) check out our archive of great content on them: