The company said it would use best-in-class cryptography, including Perfect Forward Secrecy and 2048-bit key lengths, to encrypt by default customer content moving between Microsoft and customers. "All of our key platform, productivity and communications services will encrypt customer content as it moves between our data centers," Smith wrote. Microsoft is also in talks with other service providers to ensure that data, like email, traveling between service providers is protected. Perfect Forward Secrecy makes it difficult to decrypt data at a later date, even if the secret key is available.
Office 365 and Outlook.com customer content is already encrypted when traveling between customers and Microsoft, and most Office 365 workloads as well as Windows Azure storage are now encrypted in transit between Microsoft's data centers, Smith said. "In other areas we're accelerating plans to provide encryption," he added.