Friday, May 17, 2013
Office 365 email data at rest now encrypted
A while back I wrote a blog post about how I’d found that Office 365 data at rest was not encrypted. However, according to this newly released document:
Security in Office 365 White paper - http://www.microsoft.com/en-au/download/details.aspx?id=26552
Customer data in Office 365 exists in two states: at rest on storage media and in transit from datacenter over a network to a customer device. All email content is encrypted on disk using BitLocker 256-bit AES Encryption. Protection covers all disks on mailbox servers and includes mailbox database files, mailbox transaction log files, search content index files, transport database files, transport transaction log files, and page file OS system disk tracing/message tracking logs.
So it now appears that Microsoft has implemented an additional level of security on client’s data, which is great news! Now if they could only do the same for SharePoint, but I am sure it is coming soon.