Thursday, April 18, 2024
Home » Technology » Encrypting Office 365 Email Messages Get Easy
Technology

Encrypting Office 365 Email Messages Get Easy

  author
Written By Nimisha Ramesh
Mack John
Approved By Mack John  
Published On February 17th, 2018
Reading Time 4 Minutes Reading

Message Encryption comes up with Office 365 Enterprise E3 and E4 plans. This feature is available in the Windows Azure Rights Management subscription that can be added to other packages for an extra payment. Email encryption Office 365 e3 e4 plan help the user to configure email encryption in Office 365. Encrypting Outlook email

What is it?

Office 365 Message Encryption is a service offered by Microsoft Azure Rights Management (Azure RMS). This Message Encryption defends and administers user’s sensitive emails. The message encryption service of Office 365 works with MS Outlook, Yahoo, Lotus Notes, Gmail, Exchange Server and other email services. Email message encryption encodes the information so that only intended recipients can decode and consume it.

How does it work?

The administrator can enable Office 365 Message Encryption via creating Exchange Transport Rules from Admin Centre. It determines all conditions under, which email messages were encrypted. Here is how email encryption secures messages:

  • While user sends any email via Exchange Online that matches an encryption mail flow rule and it becomes encrypted. This message transformed from a plain text to unreadable ciphertext by central server and enable email encryption Office 365
  • The email message stays in cipher code while transferring and it protects message from any unauthorized accessing
  • While end-users gets the encrypted or rights-protected mail before that Office 365 decodes the text again into a plain text format. It removes the encryption via two different ways:
    1. Recipient client use a key to decrypt message
    2. Central server decrypts the message after validating the identity of recipient

How it help users?

  • Protect Sensitive Emails: It reduces the risk of unintended disclosure by encrypting and rights-protecting emails that are sent both inside and outside of the organization.
  • Stay in control: Administers the sensitive information by flexible policies or ad hoc customer controls, which are built into Office 365.
  • Meet compliance needs: It manages the compliance via strong integration through data-loss prevention ability. Effortlessly navigate the encrypted messages with clean Office 365 interface to enable email encryption Office 365.

How to enable encryption in Office 365 messages?

The process of enabling Office 365 Message Encryption goes through three main steps:

  1. Activating Azure Rights Management
  2. Enabling Azure Rights Management for OWA
  3. Set transport rules to encrypt message in Office 365

Step 1: Activate Azure Rights Management to OWA Message Encryption

First, we will activate the Azure Rights Management for enabling message encryption in Office 365. Now, follow the mentioned steps carefully:

  1. Log in to your Microsoft Online Portal via a Global Admin Account
  2. Unlock the App Launcher (waffle)
  3. Opt for Admin
  4. Click on SERVICE SETTINGS >> Rights Management
  5. From RIGHTS MANAGEMENT wizard click on Manage
  6. Now, click on Activate from management page
  7. A new pop up will arise that asking to verify to active Rights Management. So, click on Activate button

Step 2: Setup Azure Rights Management for Exchange Online
Now, the next steps will be executed only after connecting with Exchange Online via PowerShell. Here are steps for the same:

  1. Unlock PowerShell as Administrator window
  2. Then, enter the subsequent commands for connecting and importing the session
  3. Confirm the configuration of IRM by the following command:
    Get-IRM Configuration
  4. Configure RMS by the online key-sharing location for Office 365 with PowerShell. The location is mentioned below:
    Set-IRM Configuration-RMSOnlinekeySharingLocation
  5. Import the Trusted Publishing Domain (TPD) by RMS Online
  6. Authenticate successful configuration of IRM in Exchange Online by executing following command:
    Test-IRMTrustedPublishingDomain -RMSOnline -name “RMS Online”
  7. Disable IRM templates from Exchange Online and Outlook
    set-IRMConfiguration-ClientAccessServerEnable $false
  8. Enable IRM for OWA Message Encryption
    set-IRMConfiguration -InternalLicensingEnable $true
  9. View the Configuration of IRM
    Get-IRMConfiguration

NOTE: You probably will not see that warning, but if it occurs then, it is safe to ignore it.

Step 3: Create Transport Rules for Encrypting Messages

  1. Open the Office 365 Admin Portal
  2. Then, open the Exchange Admin Center
  3. Click on Mail Flow
  4. Now, click on + icon and generate your transport rule to enable email encryption office 365
  5. This rule will encrypt anything that is sent externally via an attachment that is larger than 1MB

NOTE: This transport rule will encrypt the email if the ‘Encrypt’ word is in the subject line of email. From this, users can identify the sensitive emails and easily enable email encryption Office 365
Verify the rules are active and test them. For testing that the transport rule apply the Office 365 Message Encryption
Now, Testing Transport Rule 1

Testing Transport Rule 2

Finally, when the receiver gets the email, this is how it will display:

Conclusion

Office 365 has many options for protecting user’s information. Secure messaging is just a part of it. After configuring this feature user can open new data securing opportunities. Microsoft has encumbered Office 365 with various security features and this is the main differentiation point. Users can have safe data transferring after Encrypting Office 365 email messages.