At Ignite last year, we announced several new encryption capabilities including Customer Key, which enables customers to provide and control their own keys that are used to encrypt their Office 365 data at-rest.
Customer Key was designed for customers that have certain compliance obligations that require the ability to control their own encryption keys.
With Customer Key, you can control your organization's encryption keys and then configure Office 365 to use them to encrypt your data at-rest. Data at-rest includes customer data from Exchange Online and Skype for Business that is stored in mailboxes and files that are stored in SharePoint Online and OneDrive for Business.
Today we are announcing that Customer Key is now generally available for Exchange Online in Office 365 government cloud instances: GCC, GCC High and DoD. We plan to make available Customer Key for SharePoint Online and OneDrive for Business in Office 365 government cloud instances by end of Q3 CY2018.
Customer Key is offered for Exchange Online in the Office 365 Government Community Cloud suite, "E5", and the Advanced Compliance SKU. Additionally, customers must also purchase Azure Key Vault. For more details on licensing please read the FAQ below.
For more details on Customer Key, review the resources and links below:
- Customer Key announcement at Ignite
- Customer Key FAQ
- Deep Dive on Customer Key Webinar
- Setting up Customer Key
- Microsoft 365 Cloud Encryption Whitepapers (Introduction, Deep Dive)
- Common misconceptions and truths of SaaS encryption