Back in June, we learned that Microsoft has begun testing support for end-to-end encryption (E2EE) in its online collaboration app, Teams. Although chat data is encrypted both in rest and transit, meetings were not encrypted end-to-end. Today, Microsoft has announced that a public preview of E2EE in Teams calls is now available for organizations to utilize.
Since this is a preview, there are a few caveats to be aware of. As of now, E2EE is only supported in unscheduled one-to-one Teams calls, and is not available for groups calls and meetings. Of course, both participants of the call will need to enable E2EE on their respective devices for this process to take place. If E2EE is enabled, several other features will become unavailable such as recording, live captions and transcription, call transfer, Call Park, Call Merge, Call Companion, and the possibility to add more participants to the call. The capability is not available for PSTN calls either.
If a call is end-to-end encrypted, a shield with a lock icon will appear in the Teams window. A 20-digit security code will be also be shown and both parties can verify that the same code is visible to them. Once a call has E2EE enabled, no other party, including Microsoft, will have access to the decrypted content. Furthermore, your preferences for E2EE will carry across devices as long as you have the latest desktop client installed on Windows and Mac, or if you're running the latest version of the Android or iOS app.
Depending upon customer feedback, Microsoft will explore if E2EE can be rolled out for group calls at a later, unspecified date. Groups calls and chat currently utilize a pattern called "Microsoft encryption". If you're an IT admin or a commercial user of Teams, you can head over to the blog post here to find out details about the E2EE methodology and how to enable it across your entire organization.