Office 365 - Getting Started with Message Encryption

With Office 365 Message Encryption (OME), you can send and receive encrypted email messages between people inside and outside our organization. Office 365 Message Encryption works with Office 365, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content.

Note: If you are looking to use a digitally sign and encrypt information to prove its authenticity, please see digital signature documentation.

Why would I want to use OME

Have you ever had your email or documents shared or given to other people than you intended, or seen your company’s information shared with people outside the company by accident? Maybe you have information that you want to share confidentially with only a few trusted colleagues for purposes of collecting feedback, but you’re concerned that the information may get leaked inadvertently before you are ready?

Office 365 and Message Encryption

  • Who can use OME?

    Any UW-Madison Office 365 account.

  • Can internal/external mail systems interact with encrypted messages?

    Yes/No - this will depend on the encryption type.

  • What encryption types are available to me and what do they mean?

    • Encrypt-Only: Messages that have the new encrypt-only policy applied can be read directly in Outlook on the web, in Outlook for iOS and Android, and now Outlook for PC versions 2019 and Office 365. Other customers will see a message with a link. That link will take Office 365 users to Outlook on the web to read the message. Users with other email accounts will be prompted to obtain a one-time passcode and read the message in a browser window.

    • Do Not Forward: Only the recipients of the email or document (data file) will be able to view and reply. They cannot forward or share with other people or print. Even if someone you did not specifically give permission to access the file gets it, he or she will not be able to view the contents, because the policy is checked upon opening and the information is encrypted the entire time.

    • Confidential: Only people inside UW-Madison's implementation of Office 365 (that is, people with an Office 365 account @wisc.edu) can access the content, make edits, and share with others inside our implementation of Office 365.

    • Confidential View Only: Only people inside UW-Madison's implementation of Office 365 can view this content but cannot edit or change it in any way. They can print and share with others inside our implementation of Office 365.


  • What clients can be used to send encrypted messages?

    Outlook on web | Outlook desktop client - see below for instructions on how to send an encrypted message using one of these clients

  • What can I do when I receive an encrypted message?

    • The first time that you open a message that uses restricted permission, Outlook must connect to a licensing server to verify your credentials and download a use license. The use license defines the level of access that you have to a file. After the certificate is installed, you can view the contents of the message by opening the message.
    • If you are a UW-Madison Office 365 user and using a Microsoft Outlook client, you will only be able to perform the actions defined by the message encryption permission set by the sender. If you are using a non-Microsoft Outlook client, you will be prompted to sign into your Office 365 account to view the message. View the following video for complete details on how to interact with an encrypted message.
    • If you not a UW-Madison Office 365 user, you will be prompted to sign into Office 365 either with your Google account or via a one-time password. View the following video for complete details on how to interact with an encrypted message.
    • When replying to an encrypted message via the Office Message encryption portal, it will use the same encryption setting as the original message.

How do I send an encrypted message using?

Note: At this time, Outlook for Android/iOS do not have the ability to send encrypted messages.

  •  Outlook on the web - browser

      1. Log into Outlook on the web.
      2. Go to Outlook.
      3. Open a new email message or reply to an existing message.
      4. Within the message window, click Protect link located at the top of the message window. The following data will appear in the message window:
        protect action item
      5. The default is set to "Do Not Forward". If you want to change this encryption, use the 'Change Permissions' link.
      6. After you have entered the rest of the message details, send the message - the recipient(s) will receive this message in the encrypted format you selected above.



  •  Outlook for Windows/Mac

      1. Start Outlook.
      2. Confirm you are authenticated correctly - if not, fix this issue before proceeding.
      3. Open a new email message or reply to an existing message.
      4. Go to Options menu.
      5. Click Encrypt button and select the desired encryption you want to use. For Outlook 2019 and Outlook 2016, in an email message, choose Options, select Permissions.

        Important: If this is the first time you are attempting to use this feature, you will need to sign into the rights management server.

        1. Click on "Connect to Right Management Servers and get templates."
        2. If you are prompted to log in, please do so using the credentials of the account you have configured Outlook for. This is usually your NetID account.
        3. Restart Outlook.
        4. Open a new email message or reply to an existing message.
        5. Go to Options menu.
        6. Click Encrypt button and select the desired encryption you want to use.
      6. After you have entered the rest of the message details, send the message - the recipient(s) will receive this message in the encrypted format you selected above.


Resources




Keywords:microsoft office365 o365 message encryption ome encrypt do not forward only confidential view only secure security email send receive protect rights management proplus 2016 2019   Doc ID:82185
Owner:O365 S.Group:Office 365
Created:2018-05-10 13:32 CDTUpdated:2020-09-18 12:40 CDT
Sites:DoIT Help Desk, DoIT Tech Store, Office 365
Feedback:  2   0