What encryption is used for files in SharePoint (at rest and in transit)?

Question

Hi there

What encryption is used for files in SharePoint (at rest and in transit)?

Thanks.

Answer 1

1.Encryption of data in transit

In OneDrive for Business and SharePoint Online, there are two scenarios in which data enters and exits the datacenters.

• Client communication with the server Communication to OneDrive for Business across the Internet uses SSL/TLS connections. All SSL connections are established using 2048-bit keys.
• Data movement between datacenters The primary reason to move data between datacenters is for geo-replication to enable disaster recovery. For instance, SQL Server transaction logs and blob storage deltas travel along this pipe. While this data is already transmitted by using a private network, it is further protected with best-in-class encryption.

2.Encryption of data at rest

Encryption at rest includes two components: BitLocker disk-level encryption and per-file encryption of customer content.

Here is an article for details: https://learn.microsoft.com/en-us/microsoft-365/compliance/data-encryption-in-odb-and-spo?view=o365-worldwide#encryption-of-data-at-rest

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 2

In SharePoint, files are encrypted both at rest and in transit.

For files at rest, SharePoint uses Azure Storage Service Encryption (SSE) which uses 256-bit AES encryption. This encryption is applied automatically to all files stored in SharePoint Online.

For files in transit, SharePoint uses HTTPS (TLS 1.2) encryption. This ensures that the data sent between the client and server is secure and cannot be intercepted by any unauthorized parties.