Office 365 Data at Rest EncryptionVevo Digital
For companies seeking to migrate to the Microsoft Cloud Services, Microsoft created a series of videos that speak high level to common risk and control considerations. This specific video will walk you through how Office 365 data is encrypted at rest, and dive into several encryption key management options, which are available to further meet business needs and compliance obligations.
For data at rest, Office 365 uses various encryption technologies like BitLocker and service encryption. BitLocker offers volume-level encryption by encrypting the physical disk containing customer data. This helps reduce the risk of data being compromised if the physical disk is stolen. Service encryption provides an added layer of encryption beyond BitLocker at the application level, such as files and mailboxes in Office 365. It also offers strong separation of server admin roles and customer data, while providing an added layer of protection against physical data theft.
Service encryption also provides the option for customers to control and manage their own encryption keys. For customers who have compliance requirements that call out certain key arrangements with their cloud service provider, we provide several encryption key management options to meet their business needs.