I saw the below message in Message Center and wanted to share for others who want data at-rest encryption in Office 365. Details below.
“LockBox” with E5 license was a past feature for this same goal. It’s not yet clear to me how the two are different, but it’s great to see new options for customers to encrypt their data.
Cheers!
New feature: Customer Key for Office 365
MC124630
Published Date: Nov 09
Category: Stay Informed
How does this affect me?
On September 25th we announced general availability of Customer Key for Office 365. Customer Key enables organizations to provide and control their own encryption keys for their Office 365 data at-rest. With Customer key, customers are in control of their keys and can exercise the ability to revoke the keys to make their data unreadable to the service and initiate the path towards data deletion. Customer Key is built on top of service encryption, so customers receive an added layer of protection on top of BitLocker, as well as a more granular level of control in Office 365.
What do I need to do to prepare for this change?
There is nothing you need to do to prepare for this change however there are steps in order for you to use this feature to get started go to our technical documentation go to https://aka.ms/customerkey. Please click Additional Information to learn more about this feature.
Additional information: https://support.office.com/article/Customer-Key-for-Office-365-FAQ-41ae293a-bd5c-4083-acd8-e1a2b4329da6
Direct link: https://portal.office.com/AdminPortal/home?switchtomodern=true#/MessageCenter?id=MC124630
(Disclaimer- You will need global admin group access to view Message center)
Diagram
References
- https://blogs.office.com/2015/04/21/announcing-customer-lockbox-for-office-365/
- http://www.infoworld.com/article/3068592/encryption/your-data-their-cloud-bring-your-own-encryption-keys.html
- https://www.axon-it.com/blog/what-is-customer-lockbox-for-office-365/
- https://www.slideshare.net/nicconf/andy-malone-microsoft-office-365-security-deep-dive
