Office 365 - Message Encryption
Posted by Lewis Purver, Last modified by Lewis Purver on 17 September 2019 02:54 PM
How can I send encrypted Messages using Office 365?
How to Encrypt a Message
To encrypt a message with OWA, click the Protect button in the New Message window, then click Change Permissions in the message bar, and then select “Encrypt” from the set of available templates (Figure 1).
You can read encrypted messages using Outlook for iOS or Android, but you cannot create encrypted messages from these clients.
Automatic Decryption for Some Clients
Decryption is automatic if your mailbox belongs to an Office 365 tenant and you use an “enlightened” client (those that understand Azure Information Protection). The latest version of OWA and Outlook mobile handle decryption with aplomb (Figure 2).
The Outlook Experience
Although current versions of Outlook for Windows and Mac handle protected messages seamlessly, they need an upgrade to expose the option to encrypt messages and to be able to process encrypted messages. Until that upgrade is available, you must read encrypted messages using the Office 365 Message Encryption portal, which is the same experience as recipients outside Office 365 have.
Figure 3 shows how an unenlightened version of Outlook for Windows displays an encrypted message. Because this version of Outlook doesn’t know how to handle the file in the encrypted wrapper, it tells the recipient who sent the message and gives a link to the portal to read the message.
To Encrypt or Protect, that is the Question
Given the choice to encrypt or protect messages, what should you do? Here’s a simple rule of thumb.
This rule of thumb is based on the simple fact that encryption works for all email addresses, so it is the catch-all solution when a need exists to protect content sent outside the company. Not every destination might be able to understand the limitations set by rights templates, but if a template is configured to support recipients in an external domain, it is an excellent way to protect information for the lifetime of the content.