Late last year, Microsoft said they were taking steps to beef up encryption and security practices in light of the NSA's wide-reaching surveillance programs. They've since made good on that promise as Microsoft's webmail and cloud storage services are now a bit more secure.
The Redmond-based company on Tuesday revealed that Outlook.com now uses Transport Layer Security (TLS) for both outbound and inbound messages. This means that when you send an e-mail to someone, it'll be encrypted as it travels between Microsoft and the recipient's e-mail provider.
The recipient's provider will also need to support TLS for this to be effective. Fortunately, a number of larger services like Gmail already use TLS.
Additionally, Outlook.com has also been upgraded to use Perfect Forward Secrecy (PFS) encryption for sending and receiving mail between providers. PFS is a method that uses a different encryption key for every connection which makes it more difficult for eavesdroppers to decrypt connections.
Microsoft has also enabled PFS encryption on OneDrive. Customers will automatically get forward secrecy when accessing the cloud storage service through onedrive.live.com, the mobile OneDrive application and sync clients.
Microsoft vice president of Trustworthy Computing Security Matt Thomlinson said in a blog post that they are in the midst of a comprehensive engineering effort to strengthen encryption across their networks and services. The goal, he added, is to provide greater protection for users and also help Microsoft reinforce the idea that governments should use appropriate legal processes instead of brute force if they want access to data.