updated 04:11 pm EDT, Tue July 1, 2014
Outlook, OneDrive traffic gains encryption to increase security
Microsoft has announced three new ways the company will improve the security of customer data in the wake of the NSA surveillance revelations. New encryption has been added to Outlook.com, with OneDrive also receiving a similar encryption-based security boost, and the company is also introducing its first "Microsoft Transparency Center" on its Redmond campus, in order to help governments understand and trust the security of the company's software.
Transport Layer Security (TLS) has been added to both inbound and outbound email on Outlook.com, with mail being encrypted as it travels between email providers. To bolster security more, Perfect Forward Security (PFS), a system that uses a different encryption key for every connection made, has been added to all email messages. OneDrive, the company's cloud storage service, also includes PFS encryption support. This applies not only to the website, but also for access via its mobile app, and for sync clients.
Microsoft hinted at these plans in December, with the ultimate aim of preventing government agencies from being able to collect messages stored in emails as they are transmitted between servers. The sentiment has been echoed by Google recently, with the company releasing a transparency report specifically aimed at email encryption.
The new Transparency Center will provide "participating governments with the ability to review source code for our key products," in order to assure them of the software's integrity, and that there are no "back doors" available to use for surveillance. Another Transparency Center is being planned for Brussels to cover the European market, with other regional locations also on the way.