Encrypt Your Email with Exchange Online Protection and Office 365

April 13, 2015

In an ever changing world where security has become more and more of a consideration in all aspects of technology, one area that we are asked about frequently at BDO Digital is email encryption. For many organizations it is necessary to send information that might be sensitive or contain personal data, but sending that information using standard email protocols can be dangerous. Even more importantly, your end users may not always realize the danger, and even with the best of intentions, some important information might slip into an email.

There is now an easy solution for any organization that is currently on Office 365 for email or who has Exchange Online Protection (EOP) for spam filtering. As an add-on to these services, Microsoft is offering Message Encryption to ensure that all sensitive messages are protected. Since this service integrates with your existing email system, the setup and configuration is extremely easy because all of your email is already flowing through the Microsoft services.

How does it work?

Just like a spam filter, Office 365 Message Encryption scans every message that is sent out from your email system and looks for specific keywords or content. The rules for what content is discovered is fully customizable, and can be matched against specific words and text patterns in both the email body and attachments. Social Security numbers, credit card numbers, or just the word [Secure] in the subject are just a few of the examples of what can be monitored for and automatically encrypted.

Microsoft Office 365

Once the message matches a rule, Office 365 automatically converts the message to an encrypted message and puts it into the secured website. Instead of transmitting the whole message across the Internet, a message asking the recipients to log into to the email site is transmitted. The recipients view and respond to the email using the secure and familiar Outlook Web Access interface. Since this is all based on Office 365, no additional on-premises hardware or software is needed. Once the recipient responds, Office 365 Message Encryption can be configured to automatically decrypt the response and deliver it back to your user’s inbox so that they don’t even notice the encryption.

What if the recipient is not an Office 365 or EOP user?

One of the key benefits of using Microsoft’s encryption service is that it integrates with Microsoft’s Live ID system to allow anyone to login and access their messages. If the recipient doesn’t have a Live ID or doesn’t want to log in, a one-time passcode can also be emailed to them.

How do I enable this feature?

As mentioned earlier, if you are already an Office 365 or Exchange Online Protection customer you are almost there. This feature is part of the Rights Management Suite which is included in many licenses or can be added on for a small fee. To find out if you have the proper licensing and to get help configuring your protection rules, please contact us.

Not currently on Office 365 or EOP? No problem. Transitioning to Exchange Online Protection can help reduce your spam and also provide you the added benefits of email encryption. Contact us and we will be happy to help you determine if EOP and Office 365 Message Encryption are the right solution for your organization!

Leveraging opportunities in the cloud