Add encryption to your Office 365 emails

Asset 10

How to encrypt email in Office 365

Posted on 29 January 2018 by Beaming Support

Why would anyone want to read my emails?

Businesses send all kinds of important information via email. Be it throwing ideas back and forth for a new creative project, confidential recruitment details or a conversation about budgets, we all share information we would prefer not to be made public. Facts gleaned from emails could be used to gain access to accounts, target the business (and/or others that you work with) in engineering a spoof attack, or could be used by competitors to gain an advantage over you.

This is where encryption comes in. Put simply, an encrypted email is scrambled before it travels across the internet, with only the intended recipient having the key to unscramble the information.

Office 365 offers the ability to encrypt emails before they are sent, matching a number of different criteria. We’ve put together a step-by-step guide to encrypting email using Office 365.

Before you start

You’ll need to have the ‘Azure Information Protection Plan’ to be able to encrypt emails. Once you have purchased this you can use the guide below to assist you in setting the encryption up.

How to encrypt email

1. To get to the encryption rules, you need to log in to Office 365, choose Admin Centres at the bottom of the left column and then select mail flow.

2. From the rules tab, click the + to create a new rule.

3. Click the More options button at the bottom of the page so we can see all available options.

4.Give the rule a name, ‘Encryption’ for example.

Now we will set the rules as to which emails will be encrypted.

5. Choose the Apply this rule if drop down. You will have many rules to choose from and we will give some examples below.

The recipient is located: Inside / Outside the organisation is one of the most used options.  Most companies don’t encrypt internal emails, so ‘Outside the organisation’ is the common choice.

The sender / recipient is a member of: Here you can set specific groups to send or receive encrypted emails. For example, you could include the financial department, whilst leaving the marketing team.

Apply to all messages: This one is self explanatory and is one of the more commonly used options.

6. After choosing your rules, you then need to specify that email should be encrypted. To do this, select the ‘Do the following’ drop down. Go to Modify the message security, then Apply Office 365 Message Encryption.

You can set up some exceptions to the above rules by doing the following.

7. Select Add exception under ‘Except if’.  Again, here are some examples of exceptions you may want to make:

 The subject or body : includes / matches either words or patterns. If you often send a blank document to clients called ‘Application template’, for example, you could add The subject or body -> subject includes any of these words, then add template and click the +. Emails including the word ‘template’ would not then be encrypted.

Any attachment : This has a number of options, so for example you could not encrypt an attachment if the file is an mp3 or jpg image using this method. Any attachment -> file extension included these words and then add the attachment types .mp3 / .jpg.

There are other options for setting dates when the rule should apply, to defer the message if it doesn’t complete the rule or to add comments. You will need to decide if any of these options need changing.

8.Once you are happy with the rule, send a few test emails to make sure your rules are being adhered to and make changes as necessary. Also ask your users to run through the process to make sure that they are familiar with the process of sending and receiving encrypted emails.

A cyber attack could cost you your business

A cyber attack is a business owner’s worst nightmare

We track emerging cyber security threats and publish our findings in our quarterly cyber threat report, along with expert advice on protecting your business.
  • This field is for validation purposes and should be left unchanged.

Clients we’ve supported

Customers share the results they’ve achieved with the help of Beaming’s ultra secure connectivity and data security advice.

50% of British businesses have no documented cyber security policy.

Our Business Guide to Cyber Security will help you get started on yours by identifying the threats you’re most likely to face and the best ways to mitigate them.

  • This field is for validation purposes and should be left unchanged.