In: General, Microsoft 365

Encryption protects sensitive data against any hacking and is a way of scrambling the data. It is important for both individuals and companies to encrypt their sensitive information such as websites, portals and credit cards to prevent identity theft and fraud.

Internet Security (IS) professionals break down encryption into three distinct methods: symmetric, asymmetric, and hashing. Each file on the machine is encrypted, and the encryption keys are stored and protected by the user’s password. If an attacker doesn’t have access to this password, then they can’t read any useful data off the stolen device.

There are multiple methods that Microsoft uses to encrypt data. Microsoft encrypts data at rest and on transit. Encryption at rest prevents the attacker from accessing the unencrypted data by ensuring the data is encrypted when on disk. Microsoft uses several strong encryption protocols, and technologies such as Transport Layer Security/Secure Sockets Layer (TLS/SSL), Internet Protocol Security (IPSec), and Advanced Encryption Standard (AES). Here are some of the Encryption Technologies Microsoft provides:

  • Microsoft Purview Information Protection: Label configuration for sensitivity labels
  • Email encryptions
  • Baseline, volume-level encryption through BitLocker
  • Encryption for Teams: Teams uses TLS and MTLS to encrypt instant messages

In this blog, we will be focusing on email encryption.

Email Encryption

Email encryption is used to protect an email message’s privacy. Encrypting an email message in Outlook means it’s converted from readable plain text into scrambled cipher text. Only the recipient with the private key that matches the public key used to encrypt the message can decipher the message for reading.

There are many benefits to encrypting an email: privacy, security, Avoid Identity Theft, email security for compliance, cost efficiency, and authentication, among others.

There is a difference between encrypted email and secure email.

A secure email solution works only while data is stored in an account, but when an email is sent it is unprotected. While email encryption secures the message and its attachment.

Outlook emails are not encrypted by default, but you can configure the security settings in Outlook to encrypt all outbound emails.

One of the ways to protect sensitive information is Office 365 Message Encryption (OME) that enables you to send and receive encrypted email messages. OME works with Outlook, Outlook Mobile,, Gmail, Yahoo, and other email providers.

How to encrypt an email in Microsoft 365

Method 1:

In Outlook 365, click File \Properties\ Trust Centre. Click Email Security, and then select the Encrypt message contents and attachments check box. Sent emails will be encrypted now.

Method 2:

In composing new message, select Options\ Encrypt\ Set Permissions on this item:

Choose the option you need, compose, and send your email. As you see there are 3 different permission levels.

 1. Unrestricted Access

2. Encrypt-Only (message is encrypted, recipients can read the message and can forward, print, or copy the content)

3. Do Not Forward (message is encrypted, recipients can read the message, but cannot forward, print, or copy the content)

Would you like to learn more about our services? Email [email protected]  or call 289-803-9730. We would be happy to share more details about our self-service or fully managed eDiscovery services!