Search the Petri IT Knowledgebase

The Unofficial M365 Changelog

Sponsors

Podcasts

Learning Center
search icon

close

Icon for Latest Whitepaper

Latest Whitepaper

Choosing an MFA Solution for Your Active Directory Environment? Ask These 15 Questions.
Icon for On-Demand Webinar

On-Demand Webinar

Combating Cyberattacks in 2022: Prepare to Defend Your Active Directory
Icon for Live Webinar Coming Soon

Live Webinar Coming Soon

Deep Dive: How to Migrate Native GPOs to Microsoft Intune
Icon for Upcoming Conference

Upcoming Conference

GET-IT Microsoft Cloud Security and Compliance 1-Day Virtual Conference

Home

Security

Microsoft Outlines OneDrive for Business Data at Rest Encryption, OneDrive Support Coming Soon

Jeff James

 |

Jan 30, 2015

Microsoft lifted the curtain a bit today on how Microsoft OneDrive for Business and SharePoint Online handle data encryption. A post by ’SharePoint Team’ on the official Microsoft Office blog detailed how OneDrive for Business data is encrypted at rest and in flight.

‘…when your data is in transit, it is encrypted as data moves between you and the datacenter and between the server and the datacenter, which uses 2048 bit keys. However, the encryption technology applies not only when the data is moving between servers or datacenters, but also when the data is at rest.”

advertisment

OneDrive for Business Data at Rest Encryption

Microsoft OneDrive for Business offers data encryption for data at rest and data in flight. Regular OneDrive users will have to wait for data at rest support at some point in the future. (Image: Dreamstime)

OneDrive for Business Disk Encryption and File Encryption

The Microsoft post revealed that BitLocker is used for data security at the disk level, but at the file layer each file is given a key that is Federal Information Processing Standard (FIPS) 140-2 compliant and uses 256-bit keys via the Advanced Encryption Standard (AES-256).

Microsoft has produced a video that goes into additional detail about what security methods it uses for data-at-rest for SharePoint Online and OneDrive for Business, and I’ve embedded that video below.

What about data encryption for OneDrive?

One thing that isn’t immediately clear when reading through the aforementioned blog post is whether those encryption features are included with the standard (consumer) version of OneDrive. A Microsoft blog post in July 2014 by Matt Thomlinson, the VP of trustworthy computing security, did state that OneDrive supported Perfect Forward Secrecy (PFS) encryption.

advertisment

“OneDrive customers now automatically get forward secrecy when accessing OneDrive through onedrive.live.com, our mobile OneDrive application and our sync clients,” Tomlinson wrote. “As with Outlook.com’s email transfer, this makes it more difficult for attackers to decrypt connections between their systems and OneDrive.”

I reached out to some Microsoft PR representatives earlier today to find out if OneDrive had the same level of data at rest encryption, and a spokesperson told me “We have rolled out encryption at rest for OneDrive for Business and are working on it for OneDrive.” So expect to see data-at-rest encryption support for normal OneDrive in the near future. When that happens I’ll update this post to reflect the latest official information.

So are you currently using Microsoft OneDrive for Business? I’d love to hear what you think about Microsoft’s OneDrive security efforts, so please add a comment to this blog post, or contact me on Twitter or Google+. You can also catch up on my posts in the Petri IT Knowledgebase forums.

More from Jeff James

Sponsored: Why Choose Between the Public or Private Cloud? Choose HPE Flexible Capacity to Get the Best of Both Worlds

Considering an All-Flash Storage Solution? Hewlett Packard Enterprise Technology Services Storage Consulting Can Help

Learning from Experience: Insights from the Front Lines of IT Transformation

advertisment

Petri Newsletters

Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.

advertisment

More in Security

Windows Server 3 Hero Approved

CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers

May 17, 2022 | Rabia Noureen

Security

F5 Confirms New Remote Code Execution Flaw in BIG-IP Systems

May 9, 2022 | Rabia Noureen

Security

Microsoft's New Security Experts Service Protects Businesses Against Ransomware Attacks

May 9, 2022 | Rabia Noureen

Security

Microsoft, Google, and Apple to Expand Passwordless Login Across All Major Platforms

May 5, 2022 | Rabia Noureen

DevOps code

GitHub to Require All Code Contributors to Enable 2FA by Late 2023

May 5, 2022 | Rabia Noureen

Security Authenticator

Microsoft Authenticator Now Lets Users Generate Strong Passwords

May 5, 2022 | Rabia Noureen

Most popular on petri

Log in to save content to your profile.

Login

Sign Up

Username/Email

Password

Forgot Password?

Login

Article saved!

Access saved content from your profile page. View Saved

Reach out

Contact Us

Advertising

About Us

Media Kit

Learn More

Podcasts

Learning Center

Webinars

Sitemap

Windows

Cloud

Office 365

Servers

Join The Conversation

Create a free account today to participate in forum conversations, comment on posts and more.

Copyright ©2019 BWW Media Group

Terms and Conditions of Use

 |

Privacy Policy