How do I send an encrypted email message?

Overview

Email messages can be protected to help preserve content confidentiality. Office 365 offers a service called Office Message Encryption (OME) which you can use to send protected messages. Messages sent via OME can only be read by the recipient and can be configured to disallow forwarding to other users.

WARNING: Care should be taken when sending sensitive information in email. OME is best suited for one time or occasional sharing. You are still responsible for ensuring information is only shared with appropriate parties. If you routinely share sensitive information with an authorized external entity, OME may not be the best solution. Contact your local support or ITS Security for further guidance or if you have any questions.

This article covers how to send an encrypted message. See KB article How do I view an OME protected message? for instructions how a recipient would open an encrypted message.

For more assistance, please contact your regional TSP or submit a ticket.

Outlook for Windows

Step 1

From the new message draft window, click the "Options" tab.

Drafting a new message in Outlook. Click Options tab

Step 2

Click the drop down under "Permission". You can choose "Do Not Forward" or "Encrypt-Only".

If you choose "Encrypt-Only" the message is encrypted. Recipients can share the email and any attachments with any third parties without restriction.

If you choose "Do Not Forward" the message is encrypted and additional protections prevent the recipients from forwarding the email message to others. Recipients can still reply to your email. Microsoft file format attachments (such as Word documents and Excel spreadsheets) are protected and remain encrypted even if downloaded. Non-Microsoft specific file formats, including PDF documents and image files, are not protected once downloaded and can be shared by the recipient without restriction.

Exercise caution when sending sensitive file attachments with either option.

Click Permissions and then Encrypt or Do Not Forward

Step 3

Outlook indicates the message will be protected.

Message protected and forwarding disallowed

 

 

back to Overview

 

Outlook Online Web App (OWA)

The process to send an encrypted message in Outlook Web App (OWA) differs depending on what you see when drafting a new message.

 

Overflow Menu

From the new message draft window, if you do not see a button labelled "Encrypt" in the menu bar, you need to navigate into the overflow menu. Click the 3 dot icon "...", select "Encrypt" and then choose "Encrypt" or "Do Not Forward".

If you choose "Encrypt" the message is encrypted. Recipients can share the email and any attachments with any third parties without restriction.

If you choose "Do Not Forward" the message is encrypted and additional protections prevent the recipients from forwarding the email message to others. Recipients can still reply to your email. Microsoft file format attachments (such as Word documents and Excel spreadsheets) are protected and remain encrypted even if downloaded. Non-Microsoft specific file formats, including PDF documents and image files, are not protected once downloaded and can be shared by the recipient without restriction.

Exercise caution when sending sensitive file attachments with either option.

OWA Overflow view

 

Encrypt Button

If you see an "Encrypt" button, you can click it to enable message encryption.

Step 1

Click "Encrypt".

Step 2

The message is marked for protection using Office Message Encryption. However, recipients can share the email and any attachments with any third parties without restriction.

To disallow recipient forwarding of the message in addition to encryption, click "Change permissions".

Click Change Permissions for more options

Step 3

Click the drop down in the pop-up window:

Click the permissions drop down

Select "Do Not Forward":

Click "Do Not Forward"

Click "OK":

Click OK

Step 4

The message remains encrypted and additional protections prevent the recipients from forwarding the email message to others. Recipients can still reply to your email. Microsoft file format attachments (such as Word documents and Excel spreadsheets) are protected and remain encrypted even if downloaded. Non-Microsoft specific file formats, including PDF documents and image files, are not protected once downloaded and can be shared by the recipient without restriction.The new message draft window indicates the protection status at the top.

Message status indicates do not forward is in effect.

 

 

back to Overview

 

Outlook for Mac

Step 1

From the new message draft window, click the "Options" tab.

Click the Options tab

Step 2

Click the down arrow next to the "Encrypt" lock icon. You can choose "Encrypt-Only" or "Do Not Forward".

If you choose "Encrypt-Only" the message is encrypted. Recipients can share the email and any attachments with any third parties without restriction.

If you choose "Do Not Forward" the message is encrypted and additional protections prevent the recipients from forwarding the email message to others. Recipients can still reply to your email. Microsoft file format attachments (such as Word documents and Excel spreadsheets) are protected and remain encrypted even if downloaded. Non-Microsoft specific file formats, including PDF documents and image files, are not protected once downloaded and can be shared by the recipient without restriction.

Exercise caution when sending sensitive file attachments with either option.

Mac click arrow next to Encrypt

Step 3

Outlook indicates the message will be protected.

Outlook indicates the message is encrypted

 

back to Overview