Microsoft has announced a wave of security upgrades designed to help protect its customers from government surveillance campaigns, such as PRISM.
Vice president of Microsoft’s Trustworthy Computing (TwC) Security, Matt Thomlinson, announced the upgrades in a blog post, promising the firm will begin encrypting its OneDrive and Outlook services.
“Outlook.com is now further protected by Transport Layer Security (TLS) encryption for both outbound and inbound email. This means that when you send an email to someone, your email is encrypted and thus better protected as it travels between Microsoft and other email providers,” he said.
“Second, OneDrive has now enabled PFS [Perfect Forward Secrecy] encryption support as well. OneDrive customers now automatically get forward secrecy when accessing OneDrive through onedrive.live.com, our mobile OneDrive application and our sync clients. This makes it more difficult for attackers to decrypt connections between their systems and OneDrive.”
Thomlinson said the upgrades will offer customers assurance that their data is protected and will not be monitored.
“We are in the midst of a comprehensive engineering effort to strengthen encryption across our networks and services. Our goal is to provide even greater protection for data across all the great Microsoft services you use and depend on every day,” read the post.
“This effort also helps us reinforce that governments use appropriate legal processes, not technical brute force, if they want access to that data.”
Concerns over intelligence agencies’ digital surveillance activities spiked in 2013 when whistleblower Edward Snowden leaked documents to the press proving that the US National Security Agency (NSA) was siphoning vast amounts of customer data from companies including Microsoft, Google, Facebook and Yahoo.
Thomlinson revealed that the firm will also open a series of Transparency Centers that will let non-US governments independently check the security of Microsoft products as an added layer of assurance to its customers.
“Our Transparency Centers provide participating governments with the ability to review source code for our key products, assure themselves of their software integrity, and confirm there are no ‘back doors’,” read the post.
“The Redmond location is the first in a number of regional Transparency Centers that we plan to open. We continue to make progress on the Transparency Center in Brussels that I announced in January, with other locations soon to be announced.”
Microsoft is one of many companies to bolster its services’ encryption since PRISM. Google began encrypting its Gmail and Search services in a bid to calm customers’ fears in March.