Microsoft announces it will encrypt all data all content travelling between data centres following revelations of persistent spying from governments.
Microsoft has likened governmental spying on its customers' data to sophisticated malware and other cyber threats, joining Google and Yahoo by announcing it will encrypt all content travelling between its data centres.
The technology giant has announced a series of moves it is taking in a bid to restore customers' faith in its ability to keep information out of the hands of any governments looking to monitor it.
On the official Microsoft blog, Microsoft's general counsel Brad Smith said: "We are taking steps to ensure governments use legal process rather than technological brute force to access customer data."
The post was written in response to revelations of widespread spying by the US and UK governments on citizens around the world following top secret NSA documents leaked by Edward Snowden. However it was the specific revelations revealed in October that the NSA was tapping into the data travelling between data centres belonging to some of the world's biggest technology companies which moved Microsoft into action it seems.
"If true, these efforts threaten to seriously undermine confidence in the security and privacy of online communications. Indeed, government snooping potentially now constitutes an "advanced persistent threat," alongside sophisticated malware and cyber-attacks," Smith said.
The steps Microsoft is taking include:
- Expanding encryption across its services
- Reinforcing legal protections for customer data
- Enhancing the transparency of our software code,
Comprehensive engineering effort
Microsoft is planning a "comprehensive engineering effort" over the next 12 months focusing on a revamp of its encryption technology across its Outlook, Office, SkyDrive and Windows Azure products with content sent from customers to Microsoft now encrypted by default.
Microsoft has also announced that all of its key platform, productivity and communications services will encrypt customer content as it moves between data centres
To facilitate this, Microsoft will follow Google's lead and move to the stronger 2,048-bit encryption standard, with all new initiatives set to be in place by the end of 2014.
Experts believe that it will take more than a decade for anyone to break this encryption using brute force attacks, based on current computing technology. Yahoo and Faceook have also indicated they will begin using 2,048-bit encryption keys in the future.
In order to make things clearer for customers, Microsoft says it will improve transparency by "making it easier for customers to reassure themselves that our products do not contain back doors."
The company will also open transparency centres in Europe, Asia and the Americas in order to reassure government customers of its products' integrity.
"Ultimately, we're sensitive to the balances that must be struck when it comes to technology, security and the law. We all want to live in a world that is safe and secure, but we also want to live in a country that is protected by the Constitution. We want to ensure that important questions about government access are decided by courts rather than dictated by technological might," Smith concluded.