There was an announcement that at the RSA Conference (April 2015) that was really interesting. Exchange Online was going to be adding some additional advanced encryption above what is already available today.
Today – There are a lot of good solutions in Exchange Online. There is Rights Management, S/MIME support and Office 365 Message Encryption (OME) which can all be used to encrypt what I call the message payload (the actual email). As well, Microsoft BitLocker drive level encryption has been applied into Exchange Online so data is encrypted at rest. Additionally remember that all data in transit to Office 365 is encrypted.
So what is being added? – On top of the really good encryption and protection, Microsoft is going to make more strides for Exchange Online. Last year, a new file based encryption solution was added for SharePoint Online and OneDrive for Business. This solution encrypts every file stored with its own unique key, and re-encrypts with a new key for subsequent update. There is a lot more to this solution. For Exchange Online, a similar content level encryption solution is be made available by the end of CY 2015.
The announcement also stated that in 2016, customers will be enabled to generate their own keys for this content level encryption across Office 365!
This just adds yet another layer of data protection and encryption demonstrating Office 365’s commitment. Very very very exciting.
Here is the announcement - http://blogs.office.com/2015/04/21/enhancing-transparency-and-control-for-office-365-customers/
Here is a good presentation from the recent Ignite Conference (May 2015) on Encryption solutions available today in Exchange Online - http://channel9.msdn.com/Events/Ignite/2015/BRK3172