Skip to main content

Data at rest encryption - SharePoint and OneDrive

Author by Arthur Savage

"Our latest encryption feature with which content in OneDrive for Business and SharePoint Online will be encrypted at rest will start rolling out to customers soon. With this, the encryption technology in Office 365 moves beyond a single encryption key per disk to deliver a unique encryption key per file. With this technology, every file stored in SharePoint Online—including OneDrive for Business folders—is encrypted with its own key, and subsequent updates to the file are encrypted with their own unique key as well. Your organization’s files will be distributed across multiple Microsoft Azure Storage containers, each with separate credentials, rather than storing them all in a single database. By spreading encrypted files across storage locations, encrypting the map of file locations itself, and physically separating master encryption keys from both content and the file map, this new encryption storage technology makes OneDrive for Business and SharePoint Online a highly secure environment for your data.

Arthur Savage

Solution Architect