Microsoft 365 - Getting Started with Message Encryption
With Microsoft 365 Message Encryption (OME), you can send and receive encrypted email messages between people inside and outside our organization. Microsoft 365 Message Encryption works with Microsoft 365, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content.
Why would I want to use OME
Have you ever had your email or documents shared or given to other people than you intended, or seen your company’s information shared with people outside the company by accident? Maybe you have information that you want to share confidentially with only a few trusted colleagues for purposes of collecting feedback, but you’re concerned that the information may get leaked inadvertently before you are ready?
Microsoft 365 and Message Encryption
- Who can use OME?
Any UW-Madison Microsoft 365 account.
- Can internal/external mail systems interact with encrypted messages?
Yes/No - this will depend on the encryption type.
- What encryption types are available to me and what do they mean?
-
Encrypt-Only: Messages that have the new encrypt-only policy applied can be read directly in Outlook on the web, in Outlook for iOS and Android, and now Outlook for PC versions 2019 and Microsoft 365. Other customers will see a message with a link. That link will take Microsoft 365 users to Outlook on the web to read the message. Users with other email accounts will be prompted to obtain a one-time passcode and read the message in a browser window.
-
Do Not Forward: Only the recipients of the email or document (data file) will be able to view and reply. They cannot forward or share with other people or print. Even if someone you did not specifically give permission to access the file gets it, he or she will not be able to view the contents, because the policy is checked upon opening and the information is encrypted the entire time.
-
Confidential: Only people inside UW-Madison's implementation of Microsoft 365 (that is, user with a Microsoft 365 account @wisc.edu) can access the content, make edits, and share with others inside our implementation of Microsoft 365.
-
Confidential View Only: Only people inside UW-Madison's implementation of Microsoft 365 can view this content but cannot edit or change it in any way. They can print and share with others inside our implementation of Microsoft 365.
-
- What clients can be used to send encrypted messages?
Outlook on web | Outlook desktop client - see below for instructions on how to send an encrypted message using one of these clients
- What can I do when I receive an encrypted message?
- The first time that you open a message that uses restricted permission, Outlook must connect to a licensing server to verify your credentials and download a use license. The use license defines the level of access that you have to a file. After the certificate is installed, you can view the contents of the message by opening the message.
- If you are a UW-Madison Microsoft 365 user and using a Microsoft Outlook client, you will only be able to perform the actions defined by the message encryption permission set by the sender. If you are using a non-Microsoft Outlook client, you will be prompted to sign into your Microsoft 365 account to view the message. View the following video for complete details on how to interact with an encrypted message.
- If you are not a UW-Madison Microsoft 365 user, you will be prompted to sign into Microsoft 365 either with your Google account or via a one-time password. View the following video for complete details on how to interact with an encrypted message.
- When replying to an encrypted message via the Office Message encryption portal, it will use the same encryption setting as the original message.
How do I send an encrypted message using?
Note: At this time, Outlook for Android/iOS do not have the ability to send encrypted messages.
- Outlook on the web - browser
-
- Log into Outlook on the web.
- Go to Outlook.
- Open a new email message or reply to an existing message.
- Click the Options menu.
- Within the message window, click the encrypt menu option within the ribbon:
- Select the desired permissions you would like to set on the message you are sending:
- The following data/information will appear in the message window:
- If you want to change this encryption, use the 'Change Permissions' link.
- After you have entered the rest of the message details, send the message - the recipient(s) will receive this message in the encrypted format you selected above.
-
- Outlook for Windows/Mac
-
- Start Outlook.
- Confirm you are authenticated correctly - if not, fix this issue before proceeding.
- Open a new email message or reply to an existing message.
- Go to Options menu.
- Click Encrypt button and select the desired encryption you want to use. For Outlook 2019 and Outlook 2016, in an email message, choose Options, select Permissions.
Important: If this is the first time you are attempting to use this feature, you will need to sign into the rights management server.
- Click on "Connect to Right Management Servers and get templates."
- If you are prompted to log in, please do so using the credentials of the account you have configured Outlook for. This is usually your NetID account.
- Restart Outlook.
- Open a new email message or reply to an existing message.
- Go to Options menu.
- Click Encrypt button and select the desired encryption you want to use. For Outlook 2019 and Outlook 2016, click Permissions button.
- After you have entered the rest of the message details, send the message - the recipient(s) will receive this message in the encrypted format you selected above.
-