Microsoft 365 - Outlook - Sending Encrypted Email

Overview

Microsoft has updated its email encryption solutions to provide a unified experience whether you are sending a protected message internally or outside of the University. Email encryption (also referred to as message protection) is enabled for NEOMED Microsoft 365 email accounts. In conjunction with your NEOMED Microsoft 365 account, email encryption provides an additional layer of security when members of the NEOMED community send email using Outlook.

Email encryption converts the message from readable, plain text into scrambled, cipher text and only the intended recipient(s) can view the message. This function also encrypts any attachments sent with an encrypted message and allows you to send emails that are protected from copying, forwarding, and/or printing.

How do I create an encrypted email?

Outlook on the Web

When composing a new email, you can choose to protect your message by clicking the Encrypt button (found between Attach and Discard):

By default, this will apply the Encrypt protection policy to the email when it is sent. The Encrypt policy encrypts the message and the message’s attachment(s); however, the message can be forwarded, copied, or printed.

If you click Change Permissions in the banner that appears once you click Encrypt, you can select from multiple protection options:

  • When Do Not Forward is selected, the recipient is restricted from forwarding the message, printing the message, as well as copying the message's contents.
  • When Northeast Ohio Medical University Internal - Confidential is selected, the recipient can forward the message, but cannot print or copy its contents.
  • When Northeast Ohio Medical University Internal - Confidential View Only is selected, the recipient cannot do anything with the message except read and delete it.

Note: Both Northeast Ohio Medical University Internal protection options can only be used for internal (NEOMED) recipients.

Outlook on Desktop (Windows)

When composing a new email, you can choose to protect your message by clicking Options, and then clicking the Lock Icon above Encrypt.

By clicking the Lock Icon, this will apply the Encrypt policy to the email when it is sent. The Encrypt policy encrypts the message and the message’s attachment(s); however, the message can be forwarded, copied, or printed.

Alternatively, if you click the Encrypt Down-Arrow (under the lock icon), you can access other message protection options:

  • When Do Not Forward is selected, the recipient is restricted from forwarding the message, printing the message, as well as copying the message's contents
  • When Northeast Ohio Medical University Internal - Confidential is selected, the recipient can forward the message, but cannot print or copy its contents.
  • When Northeast Ohio Medical University Internal - Confidential View Only is selected, the recipient cannot do anything with the message except read and delete it.

Note: Both Northeast Ohio Medical University Internal protection options can only be used for internal (NEOMED) recipients.

Outlook on Desktop (Mac)

When composing a new email, you can choose to protect your message by clicking Options, and then clicking Encrypt. You can then pick the protection option that has the restrictions you would like to enforce, such as Do Not Forward.

 

What does the recipient receive?

Internal recipients (those with NEOMED Office 365 accounts) that utilize Outlook (i.e. on the web, on the desktop, mobile app) will receive the protected message like any other unprotected email, although the message will be marked with a lock icon in your inbox and upon opening your message, you will see verbiage that indicates the protection that was applied to the message you received.

External recipients will receive a message from you stating that they were sent a protected message and a prompt to open it.

Upon selecting to read the message, a new window (or new tab) will open, enabling the external recipient to open the message by using a one-time passcode or using their third-party email account (e.g. Gmail, Yahoo) to sign in and view the message.

Upon authenticating (either with a one-time passcode or logging into their third-party email account), the protected message will then open.

Additional Resources

For more details on the Microsoft Office 365 message protection function, please refer to the following Microsoft articles:

Related Policies and Procedures

While using NEOEMD email, your device is connecting to NEOMED systems and utilizing University Data. As such, you must observe all University Information Technology Policies.

 

Was this helpful?
0 reviews