Enable End-to-End Encryption on Microsoft Teams
Microsoft Teams recently introduced end-to-end encryption (E2EE) for one-to-one calls, providing enhanced security and privacy for users. In this article, we will explore how to enable E2EE on Teams and ensure that your calls are securely encrypted.
Who Can Enable E2EE on Teams Calls
Only IT admins have the authority to enable end-to-end encryption for one-on-one calls for all users. Once the IT admin has enabled E2EE, team members must individually enable it before they can use it. Reach out to your admin to confirm if the rollout has taken place.
What Is Encrypted With E2EE on Calls in Teams
Microsoft utilizes the Session Description Protocol (SDP) to encrypt all one-to-one calls on Teams. When E2EE is enabled on both ends, all one-to-one calls will be encrypted, ensuring that even Microsoft does not have access to the decrypted call details. Additionally, media files and messaging shared during the call are also encrypted, including text messages that are encrypted using Microsoft 365 encryption.
How to Enable/Disable E2EE on One-to-One Calls in Teams
To enable E2EE at the admin level, log in to the Teams Admin Center with your admin account credentials. Navigate to “Other settings > Enhanced encryption policies.” Create and name a new encryption policy, choose the option “Users can turn it on,” and save the changes.
Even when the admin enables encryption for one-to-one calls, individual users must still enable it on their end. To do this, click on the three-dot menu icon and select “Settings.” In the Privacy tab, enable the toggle for “End-to-end encryption calls.”
The E2EE setting will be synchronized across devices. If you enable E2EE on your device and make a call to someone who hasn't enabled it yet, Teams will automatically sync the setting and enable E2EE on their device.
Verify If E2EE Is Enabled and Working
After enabling E2EE, how can you confirm if the other person has also enabled it during a call? Microsoft Teams will display a shield with a lock icon on the upper left corner of the screen if E2EE is enabled. Hover over the icon to confirm the encryption. Compare the security code with the other user to ensure it matches. If both parties do not see the same security code, the call may not be encrypted properly. Check the settings and initiate the call again.
Please note that even if E2EE is not enabled for one-to-one calls, Microsoft still employs industry-standard practices to encrypt all data exchanged during the call while in transit and at rest.
How to Enable Teams E2EE on Mobile Apps
The admin settings for E2EE are not available on Teams mobile apps. To enable it as a user, open Teams Admin Center in a browser. You can access it via a mobile browser as well. Go to “Settings > Calling” and enable the toggle for “End-to-end encrypted calls.”
You can also verify if the call is encrypted by comparing the security code on both ends of the call. Tap on the shield with a lock icon during the call to reveal the security code.
FAQs
-
Is E2EE for Teams calls enabled by default?
No, IT admins must manually enable E2EE for private and secure calls, chats, and file transfers. -
Are there any drawbacks to using E2EE for one-on-one Teams calls?
Yes, certain services like recording, live captions and transcriptions, call transfer, call merge, call park, Cal Companion, and adding more members to turn one-to-one calls into a group call may not work when E2EE is enabled. Users can disable E2EE to utilize these features during the call. -
Is E2EE available on Teams mobile clients?
Yes, E2EE is available for both desktop clients (Windows and macOS) and mobile clients (Android and iOS). -
Are group calls encrypted in Teams?
Yes, group calls are also encrypted, but they use Microsoft 365 encryption instead.
Wrap Up
Microsoft Teams continues to evolve as a comprehensive collaboration platform, providing enhanced security and privacy features like E2EE. By enabling E2EE, you can ensure that your one-to-one calls on Teams are more secure and protected. If you're using Teams on a desktop, check out some cool shortcuts and tricks to maximize your productivity.
Jim's passion for Apple products ignited in 2007 when Steve Jobs introduced the first iPhone. This was a canon event in his life. Noticing a lack of iPad-focused content that is easy to understand even for “tech-noob”, he decided to create Tabletmonkeys in 2011.
Jim continues to share his expertise and passion for tablets, helping his audience as much as he can with his motto “One Swipe at a Time!”