New service: Data-at-rest encryption for Microsoft 365

Microsoft 365 provides baseline, volume-level encryption through BitLocker. Service Encryption provides an added layer of data-at-rest encryption at the application level. Customer Key allows you to control your organization’s encryption keys.

As an application level encryption service, Customer Key support exists today for Exchange Online, Skype for Business, SharePoint Online, and OneDrive for Business workloads in Microsoft’s data centers. We are extending Customer Key support to provide a tenant level encryption support through a new service called Data-at-rest encryption for Microsoft 365.

This feature is associated with Microsoft 365 Roadmap ID 68869.

When this will happen

Rollout is late March through late April.

How this will affect your organization

Data-at-rest encryption for Microsoft 365 gives you the ability to create and apply a tenant level data encryption policy that will encrypt data across the following workloads using customer managed keys:

  • Exchange Online (all data)
  • Microsoft Teams (new data)
    • Teams call and meeting recordings stored in Teams storage
    • Teams chat messages (1:1 chats, group chats, meeting chats and channel conversations)
    • Teams chat notifications
    • Teams chat suggestions by Cortana
    • Teams media messages (images, code snippets, videos messages, audio messages, wiki images)
    • Teams presence status messages

If you opt for this service, there is no impact to your organization or your data as long you maintain the health and accessibility of the keys.

What you need to do to prepare

To access the service, Data-at-rest Encryption for Microsoft 365, reach out to Microsoft at m365-ck@service.microsoft.com with your onboarding request.

Please review Public Preview documentation to understand how the service works. Specific documentation for Data-at-Rest Encryption for Microsoft 365 will be available once the service is rolled out.

Message ID: MC242838


No comments yet

Leave a Reply


I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.