Microsoft has updated OneDrive and Outlook.com with new encryption methods that are designed to protect users from snooping. The move comes after Google released a chart back in June that highlights cloud computing providers that are better protected, and the ones still behind the curb.
Microsoft first announced its intentions to beef up security of customer data back in December of 2013; unfortunately, it took the company six months to get the job done. However, as things stand, it is better late than never, as hackers are getting increasingly brave in their actions and the NSA existence is still haunting the Internet.
The new security system is based around Transport Layer Security encryption. This means emails sent from Outlook.com to another email provider is encrypted and protected from prying eyes. However, the other email provider must also have support for TLS for this work.
"First, Outlook.com is now further protected by Transport Layer Security, or TLS, encryption for both outbound and inbound email," said Vice President Matt Thomlinson, Trustworthy Computing Security, Microsoft. "This means that when you send an email to someone, your email is encrypted and thus better protected as it travels between Microsoft and other email providers. Of course, this requires their email service provider to also have TLS support."
In addition, OneDrive is also getting a boost in security, but it won't use TLS encryption. Instead, Microsoft is using Perfect Forward Secrecy encryption or PFS for short. This will work across all sync clients, the web and applications that support OneDrive.
Bear in mind that Outlook.com also uses PFS for added security. This is mainly about closing backdoors, which should make it increasingly difficult for hackers to access user data.
Furthermore, Thomlinson touched on Microsoft Transparency Center. This is the first transparency center for the company, and it is designed to allow governments in participation to review the source code of some Microsoft products. This is to allow governments to make sure there are no backdoors for hackers or the NSA to enter.
What Microsoft is doing is a step into the right direction as security is becoming a major concern since the NSA and Heartbleed debacle. Furthermore, giving governments around the world access to source codes via the Transparency Center should put more faith in Microsoft products.
Time will tell if Transparency Center works with the Chinese, or if these new security methods are enough to keep the NSA at bay.