First up, Outlook.com is now cloaked in Transport Layer Security (TLS), cryptographic protocols used to safeguard data traveling between users – this works for both outbound and inbound messages. Matt Thomlinson, Vice President, Trustworthy Computing Security, at Microsoft says:
“Over the past six months, we have been working across the industry to further protect and help ensure your mail remains protected. This includes working closely with several international providers throughout our implementation, including, Deutsche Telekom, Yandex and Mail.Ru to test and help ensure that mail stays encrypted in transit to and from each email service.”
Additionally, Outlook.com also now supports Perfect Forward Secrecy (PFS) encryption specifically for mail transiting between different email providers. A different encryption key is used for each connection, thus making it more difficult to intercept.
Also, OneDrive, the cloud-based storage service formerly known as SkyDrive, now supports PFS encryption too, which is enabled automatically when a user accesses the service through onedrive.live.com or its mobile apps.
Microsoft made allusions to these plans back in December, as it revealed it was to expand its encryption to help thwart government snooping, something Thomlinson was keen to reiterate today. “This effort also helps us reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data,” he says.
Finally, the computing giant had previously intimated that it was looking to build a network of “transparency centers” across Europe, the Americas and Asia. The first of these opens today, perhaps unsurprisingly at its Redmond campus in Washington. These centers are designed to give government an outlet for reviewing “source code for our key products, assure themselves of their software integrity, and confirm there are no ‘back doors’.” It’s thought that Brussels in Belgium will be the next location to open.