Encryption
When you move to Office 365 your data is encrypted by default—both at rest and in transit—through multiple encryption technologies, including Bitlocker, service encryption, and transport layer security (TLS). Additional controls are provided for more granular protection, such as Office 365 Message Encryption. For added compliance and control, there are a variety of encryption key options such as Customer Key, or bring your own key (BYOK) and hold your own key (HYOK) with Azure Information Protection.