Skip to main content

Office 365 Message Encryption

By March 1, 2016September 11th, 2020Blog, Microsoft

Office 365 Message Encryption is an easy-to-use service that lets email users send encrypted messages to people inside or outside their organization. Recipients can easily view their encrypted messages and return encrypted replies. Regardless of the destination email service—whether it’s, Yahoo, Gmail, or another service—email users can send confidential business communications with an added level of protection against unauthorized access. You can also customize the email viewing portal to include your organization’s brand. Email can be encrypted without additional hardware or software to purchase which helps to minimize capital investment, free up IT resources, and mitigate messaging risks.

There are many scenarios in which email message encryption might be required, including the following:

  • A bank employee sending credit card statements to customers
  • An insurance company representative providing policy details to customers
  • A mortgage broker requesting financial information from a customer for a loan application

Office 365 Message Encryption is an online service that’s built on Microsoft Azure Rights Management (Azure RMS). With Azure RMS set up for an organization, administrators can enable message encryption by defining transport rules that determine the conditions for encryption. A rule can require the encryption of all messages addressed to a specific recipient, for example.

When a user sends an email message that matches an encryption rule, the message is sent out with an HTML attachment. The recipient opens the HTML attachment in the email message, recognizes a familiar brand if that’s present, and follows the embedded instructions to view the encrypted message on the Office 365 Message Encryption portal. The recipient can choose to view the message by signing in with a Microsoft account or a work account associated with Office 365, or by using a one-time passcode. All options help ensure that only the intended recipient can view the encrypted message.

Office 365 Message Encryption requires that you have an Exchange Online or Exchange Online Protection (EOP) subscription and that you’ve set up Azure Rights Management. Azure Rights Management is included with Office 365 Enterprise E3 and E4.  If you are licensed for one of these plans, you have access to Office 365 Message Encryption.

Jacob Eker, PEI

Leave a Reply