Encryption Risks and Protections
Microsoft follows a control and compliance framework that focuses on risks to the Microsoft 365 service and to customer data. Microsoft implements a large set of technology and process-based methods (referred to as controls) to mitigate these risks. Identification, evaluation, and mitigation of risks via controls is a continuous process.
The implementation of controls within various layers of our cloud services such as facilities, network, servers, applications, users (such as Microsoft administrators) and data form a defense-in-depth strategy. The key to this strategy is that many different controls are implemented at different layers to protect against the same or similar risk scenarios. This multi-layered approach provides fail-safe protection in case a control fails for some reason.
Some risk scenarios and the currently available encryption technologies that mitigate them are listed below. These scenarios are in many cases also mitigated via other controls implemented in Office 365.
| Encryption Technology | Services | Key Management | Risk Scenario | Value |
|---|---|---|---|---|
| BitLocker | Exchange Online, SharePoint Online, and Skype for Business | Microsoft | Disks or servers are stolen or improperly recycled. | BitLocker provides a fail-safe approach to protect against loss of data due to stolen or improperly recycled hardware (server/disk). |
| Service encryption | SharePoint Online, Skype for Business, and OneDrive for Business; Exchange Online | Microsoft | Internal or external hacker tries to access individual files/data as a blob. | The encrypted data cannot be decrypted without access to keys. Helps to mitigate risk of a hacker accessing data. |
| Customer Key | SharePoint Online, OneDrive for Business, Exchange Online, and Skype for Business | Customer | N/A (This feature is designed as a compliance feature; not as a mitigation for any risk.) | Helps customers meet internal regulation and compliance obligations, and the ability to leave the service and revoke Microsoft's access to data |
| TLS between Microsoft 365 and clients | Exchange Online, SharePoint Online, OneDrive for Business, Skype for Business, Teams, and Yammer | Microsoft, Customer | Man-in-the-middle or other attack to tap the data flow between Microsoft 365 and client computers over Internet. | This implementation provides value to both Microsoft and customers and assures data integrity as it flows between Microsoft 365 and the client. |
| TLS between Microsoft datacenters | Exchange Online, SharePoint Online, OneDrive for Business, and Skype for Business | Microsoft | Man-in-the-middle or other attack to tap the customer data flow between Microsoft 365 servers located in different Microsoft datacenters. | This implementation is another method to protect data against attacks between Microsoft datacenters. |
| Azure Rights Management (included in Microsoft 365 or Azure Information Protection) | Exchange Online, SharePoint Online, and OneDrive for Business | Customer | Data falls into the hands of a person who should not have access to the data. | Azure Information Protection uses Azure RMS, which provides value to customers by using encryption, identity, and authorization policies to help secure files and email across multiple devices. Azure RMS provides value to customers where all emails originating from Microsoft 365 that match certain criteria (i.e., all emails to a certain address) can be automatically encrypted before they get sent to another recipient. |
| S/MIME | Exchange Online | Customer | Email falls into the hands of a person who is not the intended recipient. | S/MIME provides value to customers by assuring that email encrypted with S/MIME can only be decrypted by the direct recipient of the email. |
| Office 365 Message Encryption | Exchange Online, SharePoint Online | Customer | Email, including protected attachments, falls in hands of a person either within or outside Microsoft 365 who is not the intended recipient of the email. | OME provides value to customers where all emails originating from Microsoft 365 that match certain criteria (i.e., all emails to a certain address) are automatically encrypted before they get sent to another internal or an external recipient. |
| SMTP TLS with partner organization | Exchange Online | Customer | Email is intercepted via a man-in-the-middle or other attack while in transit from a Microsoft 365 tenant to another partner organization. | This scenario provides value to the customer such that they can send/receive all emails between their Microsoft 365 tenant and their partner's email organization inside an encrypted SMTP channel. |
Tip
If you're not an E5 customer, use the 90-day Microsoft Purview solutions trial to explore how additional Purview capabilities can help your organization manage data security and compliance needs. Start now at the Microsoft Purview compliance portal trials hub. Learn details about signing up and trial terms.
Encryption technologies available in multi-tenant environments
| Encryption Technology | Implemented by | Key Exchange Algorithm and Strength | Key Management* | FIPS 140-2 Validated |
|---|---|---|---|---|
| BitLocker | Exchange Online | AES 256-bit | AES external key is stored in a Secret Safe and in the registry of the Exchange server. The Secret Safe is a secured repository that requires high-level elevation and approvals to access. Access can be requested and approved only by using an internal tool called Lockbox. The AES external key is also stored in the Trusted Platform Module in the server. A 48-digit numerical password is stored in Active Directory and protected by Lockbox. | Yes |
| SharePoint Online | AES 256-bit | AES external key is stored in a Secret Safe. The Secret Safe is a secured repository that requires high-level elevation and approvals to access. Access can be requested and approved only by using an internal tool called Lockbox. The AES external key is also stored in the Trusted Platform Module in the server. A 48-digit numerical password is stored in Active Directory and protected by Lockbox. | Yes | |
| Skype for Business | AES 256-bit | AES external key is stored in a Secret Safe. The Secret Safe is a secured repository that requires high-level elevation and approvals to access. Access can be requested and approved only by using an internal tool called Lockbox. The AES external key is also stored in the Trusted Platform Module in the server. A 48-digit numerical password is stored in Active Directory and protected by Lockbox. | Yes | |
| Service Encryption | SharePoint Online | AES 256-bit | The keys used to encrypt the blobs are stored in the SharePoint Online Content Database. The SharePoint Online Content Database is protected by database access controls and encryption at rest. Encryption is performed using TDE in Azure SQL Database. These secrets are at the service level for SharePoint Online, not at the tenant level. These secrets (sometimes referred to as the master keys) are stored in a separate secure repository called the Key Store. TDE provides security at rest for both the active database and the database backups and transaction logs. When customers provide the optional key, the customer key is stored in Azure Key Vault, and the service uses the key to encrypt a tenant key, which is used to encrypt a site key, which is then used to encrypt the file level keys. Essentially, a new key hierarchy is introduced when the customer provides a key. | Yes |
| Skype for Business | AES 256-bit | Each piece of data is encrypted using a different randomly generated 256-bit key. The encryption key is stored in a corresponding metadata XML file, which is also encrypted by a per-conference master key. The master key is also randomly generated once per conference. | Yes | |
| Exchange Online | AES 256-bit | Each mailbox is encrypted using a data encryption policy that uses encryption keys controlled by Microsoft or by the customer (when Customer Key is used). | Yes | |
| TLS between Microsoft 365 and clients/partners | Exchange Online | Opportunistic TLS supporting multiple cipher suites | The TLS certificate for Exchange Online (outlook.office.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for Exchange Online is a 2048-bit SHA1RSA certificate issued by Baltimore CyberTrust Root. |
Yes, when TLS 1.2 with 256-bit cipher strength is used |
| SharePoint Online | TLS 1.2 with AES 256 Data Encryption in OneDrive for Business and SharePoint Online |
The TLS certificate for SharePoint Online (*.sharepoint.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for SharePoint Online is a 2048-bit SHA1RSA certificate issued by Baltimore CyberTrust Root. |
Yes | |
| Skype for Business | TLS for SIP communications and PSOM data sharing sessions | The TLS certificate for Skype for Business (*.lync.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for Skype for Business is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. |
Yes | |
| Microsoft Teams | TLS 1.2 with AES 256 Frequently asked questions about Microsoft Teams – Admin Help |
The TLS certificate for Microsoft Teams (teams.microsoft.com, edge.skype.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for Microsoft Teams is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. |
Yes | |
| TLS between Microsoft datacenters | All Microsoft 365 services | TLS 1.2 with AES 256 Secure Real-time Transport Protocol (SRTP) |
Microsoft uses an internally managed and deployed certification authority for server-to-server communications between Microsoft datacenters. | Yes |
| Azure Rights Management (included in Microsoft 365 or Azure Information Protection) | Exchange Online | Supports Cryptographic Mode 2, an updated and enhanced RMS cryptographic implementation. It supports RSA 2048 for signature and encryption, and SHA-256 for hash in the signature. | Managed by Microsoft. | Yes |
| SharePoint Online | Supports Cryptographic Mode 2, an updated and enhanced RMS cryptographic implementation. It supports RSA 2048 for signature and encryption, and SHA-256 for signature. | Managed by Microsoft, which is the default setting; or Customer-managed, which is an alternative to Microsoft-managed keys. Organizations that have an IT-managed Azure subscription can use BYOK and log its usage at no extra charge. For more information, see Implementing bring your own key. In this configuration, nCipher HSMs are used to protect your keys. For more information, see nCipher HSMs and Azure RMS. |
Yes | |
| S/MIME | Exchange Online | Cryptographic Message Syntax Standard 1.5 (PKCS #7) | Depends on the customer-managed public key infrastructure deployed. Key management is performed by the customer, and Microsoft never has access to the private keys used for signing and decryption. | Yes, when configured to encrypt outgoing messages with 3DES or AES256 |
| Office 365 Message Encryption | Exchange Online | Same as Azure RMS (Cryptographic Mode 2 - RSA 2048 for signature and encryption, and SHA-256 for signature) | Uses Azure Information Protection as its encryption infrastructure. The encryption method used depends on where you obtain the RMS keys used to encrypt and decrypt messages. | Yes |
| SMTP TLS with partner organization | Exchange Online | TLS 1.2 with AES 256 | The TLS certificate for Exchange Online (outlook.office.com) is a 2048-bit SHA-256 with RSA Encryption certificate issued by DigiCert Cloud Services CA-1. The TLS root certificate for Exchange Online is a 2048-bit SHA-1 with RSA Encryption certificate issued by GlobalSign Root CA – R1. Be aware that, for security reasons, our certificates do change from time to time. |
Yes, when TLS 1.2 with 256-bit cipher strength is used |
*TLS certificates referenced in this table are for US datacenters; non-US datacenters also use 2048-bit SHA256RSA certificates.
Encryption technologies available in Government cloud community environments
| Encryption Technology | Implemented by | Key Exchange Algorithm and Strength | Key Management* | FIPS 140-2 Validated |
|---|---|---|---|---|
| BitLocker | Exchange Online | AES 256-bit | AES external key is stored in a Secret Safe and in the registry of the Exchange server. The Secret Safe is a secured repository that requires high-level elevation and approvals to access. Access can be requested and approved only by using an internal tool called Lockbox. The AES external key is also stored in the Trusted Platform Module in the server. A 48-digit numerical password is stored in Active Directory and protected by Lockbox. | Yes |
| SharePoint Online | AES 256-bit | AES external key is stored in a Secret Safe. The Secret Safe is a secured repository that requires high-level elevation and approvals to access. Access can be requested and approved only by using an internal tool called Lockbox. The AES external key is also stored in the Trusted Platform Module in the server. A 48-digit numerical password is stored in Active Directory and protected by Lockbox. | Yes | |
| Skype for Business | AES 256-bit | AES external key is stored in a Secret Safe. The Secret Safe is a secured repository that requires high-level elevation and approvals to access. Access can be requested and approved only by using an internal tool called Lockbox. The AES external key is also stored in the Trusted Platform Module in the server. A 48-digit numerical password is stored in Active Directory and protected by Lockbox. | Yes | |
| Service Encryption | SharePoint Online | AES 256-bit | The keys used to encrypt the blobs are stored in the SharePoint Online Content Database. The SharePoint Online Content Databases is protected by database access controls and encryption at rest. Encryption is performed using TDE in Azure SQL Database. These secrets are at the service level for SharePoint Online, not at the tenant level. These secrets (sometimes referred to as the master keys) are stored in a separate secure repository called the Key Store. TDE provides security at rest for both the active database and the database backups and transaction logs. When customers provide the optional key, the Customer Key is stored in Azure Key Vault, and the service uses the key to encrypt a tenant key, which is used to encrypt a site key, which is then used to encrypt the file level keys. Essentially, a new key hierarchy is introduced when the customer provides a key. | Yes |
| Skype for Business | AES 256-bit | Each piece of data is encrypted using a different randomly generated 256-bit key. The encryption key is stored in a corresponding metadata XML file, which is also encrypted by a per-conference master key. The master key is also randomly generated once per conference. | Yes | |
| Exchange Online | AES 256-bit | Each mailbox is encrypted using a data encryption policy that uses encryption keys controlled by Microsoft or by the customer (when Customer Key is used). | Yes | |
| TLS between Microsoft 365 and clients/partners | Exchange Online | Opportunistic TLS supporting multiple cipher suites | The TLS certificate for Exchange Online (outlook.office.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for Exchange Online is a 2048-bit SHA1RSA certificate issued by Baltimore CyberTrust Root. |
Yes, when TLS 1.2 with 256-bit cipher strength is used |
| SharePoint Online | TLS 1.2 with AES 256 | The TLS certificate for SharePoint Online (*.sharepoint.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for SharePoint Online is a 2048-bit SHA1RSA certificate issued by Baltimore CyberTrust Root. |
Yes | |
| Skype for Business | TLS for SIP communications and PSOM data sharing sessions | The TLS certificate for Skype for Business (*.lync.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for Skype for Business is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. |
Yes | |
| Microsoft Teams | Frequently asked questions about Microsoft Teams – Admin Help | The TLS certificate for Microsoft Teams (teams.microsoft.com; edge.skype.com) is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. The TLS root certificate for Microsoft Teams is a 2048-bit SHA256RSA certificate issued by Baltimore CyberTrust Root. |
Yes | |
| TLS between Microsoft datacenters | Exchange Online, SharePoint Online, Skype for Business | TLS 1.2 with AES 256 | Microsoft uses an internally managed and deployed certification authority for server-to-server communications between Microsoft datacenters. | Yes |
| Secure Real-time Transport Protocol (SRTP) | ||||
| Azure Rights Management Service | Exchange Online | Supports Cryptographic Mode 2, an updated and enhanced RMS cryptographic implementation. It supports RSA 2048 for signature and encryption, and SHA-256 for hash in the signature. | Managed by Microsoft. | Yes |
| SharePoint Online | Supports Cryptographic Mode 2, an updated and enhanced RMS cryptographic implementation. It supports RSA 2048 for signature and encryption, and SHA-256 for hash in the signature. | Managed by Microsoft, which is the default setting; or Customer-managed (also known as BYOK), which is an alternative to Microsoft-managed keys. Organizations that have an IT-managed Azure subscription can use BYOK and log its usage at no extra charge. For more information, see Implementing bring your own key. In the BYOK scenario, nCipher HSMs are used to protect your keys. For more information, see nCipher HSMs and Azure RMS. |
Yes | |
| S/MIME | Exchange Online | Cryptographic Message Syntax Standard 1.5 (PKCS #7) | Depends on the public key infrastructure deployed. | Yes, when configured to encrypt outgoing messages with 3DES or AES-256. |
| Office 365 Message Encryption | Exchange Online | Same as Azure RMS (Cryptographic Mode 2 - RSA 2048 for signature and encryption, and SHA-256 for hash in the signature) | Uses Azure RMS as its encryption infrastructure. The encryption method used depends on where you obtain the RMS keys used to encrypt and decrypt messages. If you use Microsoft Azure RMS to obtain the keys, Cryptographic Mode 2 is used. If you use Active Directory (AD) RMS to obtain the keys, either Cryptographic Mode 1 or Cryptographic Mode 2 is used. The method used depends on your on-premises AD RMS deployment. Cryptographic Mode 1 is the original AD RMS cryptographic implementation. It supports RSA 1024 for signature and encryption and supports SHA-1 for signature. This mode continues to be supported by all current versions of RMS, except for BYOK configurations that use HSMs. |
Yes |
| SMTP TLS with partner organization | Exchange Online | TLS 1.2 with AES 256 | The TLS certificate for Exchange Online (outlook.office.com) is a 2048-bit SHA-256 with RSA Encryption certificate issued by DigiCert Cloud Services CA-1. The TLS root certificate for Exchange Online is a 2048-bit SHA-1 with RSA Encryption certificate issued by GlobalSign Root CA – R1. Be aware that, for security reasons, our certificates do change from time to time. |
Yes, when TLS 1.2 with 256-bit cipher strength is used |
*TLS certificates referenced in this table are for US datacenters; non-US datacenters also use 2048-bit SHA256RSA certificates.
Feedback
Submit and view feedback for