
close
close
Microsoft lifted the curtain a bit today on how Microsoft OneDrive for Business and SharePoint Online handle data encryption. A post by ’SharePoint Team’ on the official Microsoft Office blog detailed how OneDrive for Business data is encrypted at rest and in flight.
‘…when your data is in transit, it is encrypted as data moves between you and the datacenter and between the server and the datacenter, which uses 2048 bit keys. However, the encryption technology applies not only when the data is moving between servers or datacenters, but also when the data is at rest.”
advertisment
Microsoft OneDrive for Business offers data encryption for data at rest and data in flight. Regular OneDrive users will have to wait for data at rest support at some point in the future. (Image: Dreamstime)
The Microsoft post revealed that BitLocker is used for data security at the disk level, but at the file layer each file is given a key that is Federal Information Processing Standard (FIPS) 140-2 compliant and uses 256-bit keys via the Advanced Encryption Standard (AES-256).
Microsoft has produced a video that goes into additional detail about what security methods it uses for data-at-rest for SharePoint Online and OneDrive for Business, and I’ve embedded that video below.
One thing that isn’t immediately clear when reading through the aforementioned blog post is whether those encryption features are included with the standard (consumer) version of OneDrive. A Microsoft blog post in July 2014 by Matt Thomlinson, the VP of trustworthy computing security, did state that OneDrive supported Perfect Forward Secrecy (PFS) encryption.
advertisment
“OneDrive customers now automatically get forward secrecy when accessing OneDrive through onedrive.live.com, our mobile OneDrive application and our sync clients,” Tomlinson wrote. “As with Outlook.com’s email transfer, this makes it more difficult for attackers to decrypt connections between their systems and OneDrive.”
I reached out to some Microsoft PR representatives earlier today to find out if OneDrive had the same level of data at rest encryption, and a spokesperson told me “We have rolled out encryption at rest for OneDrive for Business and are working on it for OneDrive.” So expect to see data-at-rest encryption support for normal OneDrive in the near future. When that happens I’ll update this post to reflect the latest official information.
So are you currently using Microsoft OneDrive for Business? I’d love to hear what you think about Microsoft’s OneDrive security efforts, so please add a comment to this blog post, or contact me on Twitter or Google+. You can also catch up on my posts in the Petri IT Knowledgebase forums.
More from Jeff James
advertisment
Petri Newsletters
Whether it’s Security or Cloud Computing, we have the know-how for you. Sign up for our newsletters here.
advertisment
More in Security
CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers
May 17, 2022 | Rabia Noureen
Microsoft's New Security Experts Service Protects Businesses Against Ransomware Attacks
May 9, 2022 | Rabia Noureen
Microsoft, Google, and Apple to Expand Passwordless Login Across All Major Platforms
May 5, 2022 | Rabia Noureen
Most popular on petri
Log in to save content to your profile.
Article saved!
Access saved content from your profile page. View Saved
Join The Conversation
Create a free account today to participate in forum conversations, comment on posts and more.
Copyright ©2019 BWW Media Group