Dynamics CRM/365 in transit data has always been encrypted when using the online SaaS offering. The platform currently uses the HTTPS protocol with Transport Layer Security (TLS) 1.2 encryption.
Recently, Microsoft announced that data at rest is also encrypted using TDE (https://technet.microsoft.com/en-us/library/jj134930.aspx).
"All instances of Dynamics 365 (online) use Microsoft SQL Server Transparent Data Encryption (TDE) to perform real-time encryption of data when written to disk, also known as encryption at rest"
Read the Managing your Dynamics 365 online SQL TDE encryption key recipe of Chapter 7, Security, for instructions on how to change the key.
Online backups are encrypted for FIPS compliance and are stored in secured off-site vaults.