Microsoft is starting to toll out a public preview for end-to-end encryption for Microsoft Teams calls, specifically for unscheduled one-to-one calls that encrypts the communication between both parties.
The company first announced this feature in March during an Ignite conference, and the company announced during this fall’s version of the virtual conference that the feature will be rolling out public preview.
Microsoft says end-to-end encryption is available for calls made between two parties using the latest version of Teams desktop client for Windows or Mac, or the latest versions of the app on iOS and Android.
For general availability, Microsoft has it pegged for next month on its Microsoft 365 roadmap website. However, it is unclear when Microsoft plans to roll out end-to-end encryption for groups or meetings.
According to the company, both participants must turn on the feature to enable end-to-end encryption, and only the real-time medial flow of video and voice data is encrypted.
However, IT must first enable end-to-end encryption for Teams one-on-one calls in the IT Admin port under Enhanced Encryption policies. There, admins can set which users can use the feature and decide whether the entire organization can use the enhanced encryption or just a select group of users – just like you would normally set other policies.
Admins can also manage end-to-end encryption policies using Microsoft PowerShell to apply policies to the tenant, users and groups.
To make end-to-end encryption calls available by using the Teams admin center:
- Sign in to the Teams admin center and navigate to Other settings > Enhanced encryption policies.
- Name the new policy, then for End-to-end call encryption, choose users can turn it on, and then choose Save.
- Once you’ve finished creating the policy, assign the policy to users, groups, or your entire tenant the same way you manage other Teams policies.
However, end-to-end encryption is still off by default after the policy is configured. After that, users need to turn it on in their Team settings by following these steps, per Microsoft:
- On the top right of the Teams window, select the profile picture (or the ellipses next to the profile picture).
- Choose Settings > Privacy.
- Turn on end-to-end encrypted calls by toggling the switch.
When both users have the setting enabled, they will see a shield in the top left corner of the Teams call. Users can hover over the shield to display confirmation that the call is end-to-end encryption.
Microsoft reminds users that Teams still secures a call or meeting with other encryption measures based on industry standards, and data exchanged during a call is “always secure while in transit and at rest,” according to Microsoft.
Other important points:
- End-to-end encryption will be synchronized across supported devices, so enabling it on one device will also turn it on for other devices.
- In Teams Mobile, users enable it by navigating to settings > calling and enabling it under Encryption.
- The mobile call will also show a lock and shield icon, and users can tap on that encryption indicator to reveal the 20-digit security code for the call. Both users can verify that the code matches to ensure the call is end-to-end encrypted.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Leave a Reply