X

Encrypted messaging coming to Microsoft's Office 365 next year

The new feature will automatically encrypt e-mail sent on the service, regardless of the destination. Replies and forwards of messages will also be encrypted.

Steven Musil Night Editor / News
Steven Musil is the night news editor at CNET News. He's been hooked on tech since learning BASIC in the late '70s. When not cleaning up after his daughter and son, Steven can be found pedaling around the San Francisco Bay Area. Before joining CNET in 2000, Steven spent 10 years at various Bay Area newspapers.
Expertise I have more than 30 years' experience in journalism in the heart of the Silicon Valley.
Steven Musil
2 min read

In response to e-mail privacy concerns, Microsoft announced Thursday it will introduce message encryption for Office 365 in early 2014.

The new feature, dubbed Office 365 Message Encryption, will allow users to send automatically encrypted e-mail to recipients outside of their own company, regardless of its destination. In addition, all replies and forwards of that original message are automatically encrypted as well.

"No matter what the destination -- Outlook.com, Yahoo, Gmail, Exchange Server, Lotus Notes, GroupWise, Squirrel Mail, you name it -- you can send sensitive business communications with an additional level of protection against unauthorized access," Shobhit Sahay, product marketing manager on the Microsoft Exchange team, wrote in an Office 365 blog post Thursday.

The feature, which is expected to debut during the first quarter of 2014, will be free to Office 365 E3 and E4 users. It will also be included in the standalone version of Windows Azure Rights Management at no extra cost.

While Microsoft is pitching the new feature as essential to prevent unauthorized access to sensitive business communications, data encryption has attracted more interest since former NSA contractor Edward Snowden leaked classified documents revealing the agency's mass collection of e-mail metadata and other Internet communications.

As such, Internet companies have increased their focus on data security. A Yahoo spokesperson said last month that the Web company would begin using SSL (Secure Sockets Layer) to encrypt e-mail connections on January 8. Google has always offered Gmail users the ability to encrypt e-mail through HTTPS (Hypertext Transfer Protocol Secure) and made it the default setting in 2010.

Google also announced recently that it was employing 2,048-bit RSA encryption keys on all of its Web site security certificates, which are used to set up encrypted communications between a Web server and Web browser. Likewise, Yahoo announced earlier this week that it would encrypt all information flowing between data centers by the end of the first quarter in 2014.