End-to-end encryption for Microsoft Teams users
Microsoft Teams recently added end-to-end encryption for its users!
E2EE (end-to-end encryption), as it is also known, is a security feature that protects data during message exchanges. It ensures that the content is only accessed by both sides of the conversation, that is, sender and recipient.
Previously, encryption was performed with data in transit and at rest. This allowed authorized services to decrypt content for data retention logging purposes. The increasing demand for online meetings in 2020 and the growing demand for software like Teams and Zoom meant that security and privacy needs had to be improved and built upon.
The demand to develop more effective strategies to protect companies and their data has increased considerably. With that in mind, Microsoft recently announced this new functionality, giving IT administrators the option to enable and control E2EE for individual calls.
However, even with the feature available, users will still need to enable it, as end-to-end encryption is disabled by default.
1. How to enable encryption
Initially, only company IT departments, or administrators, will be able to enable end-to-end encryption for Microsoft Teams users.
There will also be the option to enable encryption only for a group of people, such as leaders and users who handle sensitive information, or for the entire company. Also, both parties in the conversation must enable this setting to enable E2EE.
To enable the feature, the user will see the option in their settings, after authorization from the administrator. Encrypted calls support basic functions such as audio, video, screen sharing and chats, but activation prevents certain functions from working, they are:
- Caption and live transcription
- Call transfer (blind, secure and consultative)
- Call parking (or call waiting)
- Call merge
- Companion call and transfer to other devices
- Add participant, turning an individual call into a group call
At last, it is worth noting that if you need to use one of the features above, you can disable E2EE to use them the same way you enabled in the first place.
2. How to know if encryption is active on my Microsoft Teams app?
After the policy goes through and admin clearance is up, users will see a setting to enable end-to-end encryption for their individual calls.
To enable end-to-end encryption, users can follow these steps:
- In the upper-right corner of the Teams window, select your profile picture (or the ellipsis next to your profile picture)
- Choose Settings > Privacy
- Enable end-to-end encrypted calls by toggling the switch
How can both parties confirm that they are on an end-to-end encrypted call? With this release, users will see the encryption indicator in the Teams call window in the upper left corner. This indicator shows that the call is encrypted.
If a call is successfully end-to-end encrypted, both parties will see the end-to-end encryption indicator in the Teams call window. The Teams end-to-end encryption indicator is a shield with a padlock, as shown in the image below. Hovering the mouse over the indicator icon will confirm the call encryption.
Teams also displays a security code for the call. To confirm that end-to-end encryption is working correctly, verify that the same security code appears for both the caller and the called party.
If you haven’t enabled end-to-end encryption, rest assured, Teams still secures a call or meeting using industry-standard encryption. Data exchanged during calls is always secure in transit and at rest.
3. How to enable end-to-end encryption on my phone?
E2EE can also be used when users are on a mobile device with the latest update for iOS and Android.
Just follow the steps below:
- In Teams Mobile, go to Settings > Calling or Calls.
- Under Encryption, enable End-to-End Encrypted Calls.
Similar to PC calling, mobile calling also shows a padlock + shield icon. You can access the 20-digit security code by tapping the encryption indicator.
Just like the desktop app, users can verify that the code matches to ensure that both parties are in an end-to-end encrypted call.
4. Meetings and group audio/video calls
As of now, standard Microsoft 365 encryption secures group audio/video calls, while end-to-end encryption is not available.
In short, Microsoft says it’s working to bring end-to-end encryption to group meetings soon.
Are you ready to have end-to-end encryption on your Microsoft Teams call?
Are you still unsure what app to use for your calls and group meeting? Check out the Top 9 reasons to start using Discord today!