Microsoft Rolls out End-to-End Encryption for Teams Calls

The new encryption measure will be welcomed by businesses that use Teams to discuss sensitive and confidential information.

Microsoft has officially updated its proprietary business communications platform, Microsoft Teams, so it now supports end-to-end encryption (E2EE) for one-to-one calls. 

The move comes after several announcements touting the change and a trial run in October 2021. The company joins Zoom and other web conferencing services in providing this security feature for customers. 

With many companies moving to remote and hybrid working over the pandemic, web conferencing like Teams has provided a valuable way to stay connected, with features such as this protecting against security threats.

Microsoft Teams is Now More Secure

Microsoft’s end-to-end encryption support is in the process of being rolled out right now, with Microsoft saying in a blog post this week that the provision should be “generally available” to users.

It’s important to note that the features are exclusively available for one-to-one Teams calls, as opposed to conference calls with three or more people in attendance. 

IT administrators will be able to turn on E2EE for calls, and they will retain the ability to disable it too. The company explains in the same blog post that:

By default end-to-end encryption will not be available to all users within the tenant. Once IT has configured the policy and enabled it for selected users, those selected users will still need to turn on end-to-end encryption in their Teams settings” – John Gruszczyk, Microsoft. 

Microsoft has a number of encryption provisions in place, already encrypting call data in transit (whilst it’s being sent) and at rest (once it’s delivered). 

Sharepoint encryption is utilized for files at rest and there’s also Onenote encryption for any notes made in Microsoft Teams chats. 

Some Settings and Features Now Unavailable

The only downside to Microsoft’s E2EE rollout is that some of the features typically available for Teams meeting participants are now unavailable because E2EE can’t be preserved whilst they’re in use. If users need these features, they’ll have to head into Teams settings and turn it off. 

Features that are incompatible with E2EE include recording, recording, live caption, and transcription, but also things like Call transfers, Call Park and Call Merge. You also won’t be able to transfer calls to other devices or add other participants. 

What is End-to-End Encryption?

End-to-end encryption is a type of encryption applied to data transfers between devices and facilitates a situation where only the device receiving the encrypted data is able to decrypt it.

By way of comparison, encryption-in-transit, on the other hand, would involve encrypting a packet of data, which would then be sent to a server, decrypted, re-encrypted, and then sent on to its final destination. 

Although the data is encrypted for most parts of the journey, importantly, it is not encrypted contiguously from one end to the other – which is what Microsoft Teams ow offers for one on one calls.

Web Conferencing Security is Vital

Over the last few years, with millions moving to remote environments, reserving confidential, private, or sensitive conversations for the office is, in many instances, no longer possible. 

This means that choosing a web conferencing service with adequate security measures is all the more important, especially in light of the huge rise in cyberattacks since the pandemic began. 

Microsoft Teams users now have that added security for one-to-one calls – but if your business doesn’t use a video calling service with E2EE, we’d recommend looking at other options so you can ensure what should be private, stays private.

Did you find this article helpful? Click on one of the following buttons
We're so happy you liked! Get more delivered to your inbox just like it.

We're sorry this article didn't help you today – we welcome feedback, so if there's any way you feel we could improve our content, please email us at contact@tech.co

Written by:
Aaron Drapkin is Tech.co's Content Manager. He has been researching and writing about technology, politics, and society in print and online publications since graduating with a Philosophy degree from the University of Bristol six years ago. Aaron's focus areas include VPNs, cybersecurity, AI and project management software. He has been quoted in the Daily Mirror, Daily Express, The Daily Mail, Computer Weekly, Cybernews, Lifewire, HR News and the Silicon Republic speaking on various privacy and cybersecurity issues, and has articles published in Wired, Vice, Metro, ProPrivacy, The Week, and Politics.co.uk covering a wide range of topics.
Back to top