Contact us

Send Encrypted Office365 Emails Based on Email Data

In this blog post, we will talk about enabling conditional encryption on Office365 Email flowing inside and going outside your organization.

Office 365 Message Encryption is an online service which is built on Microsoft Azure Rights Management (Azure RMS) offering. That being said, you will need to have an Azure Rights Management Subscription (now called Azure Information Protection) to use this service.

Enabling encryption on emails requires the receiver to do a couple of extra tasks to view the message, so it becomes very crucial that the message containing confidential information only should get encrypted, or send should have the ability to define whether the email they’re sending needs to be encrypted or not. While Office365 includes advanced DLP Policies for protecting sensitive information, we can also have simple transport rules in exchange online to look for specific keywords in email subject or body and perform encryption accordingly.

For example, sender’s can be trained to include some specific word like “encrypt” in email subject/body if they want to send this email as encrypted. Other scenarios could be to look for keywords like SSN Number, DOB, Credit Card Number etc. which can be configured to enable conditional email encryption.

So here is what happens when a user sends email: –

  • User sends email
  • Exchange Online (Office365) filters the e-mails and look for admin defined rules to decide whether this rule needs to be enabled or not.
  • If rule matches with email, Office365 encrypts the message and send out for delivery
  • Recipient receives the message with an HTML attachment, message body including that this message is encrypted.
  • Recipient will need open the attachment in a browser, which opens up the message viewing portal.
  • Now, they’ll need to verify their authenticity by signing in using Microsoft account(created with the same email), or using a One-time passcode. If the user does not have a Microsoft account, they can create one during this time. In case of one-time passcode method, the recipient would receive another email with OTP which can be entered to view the message.
  • Once recipient verifies authenticity using any of this method, e-mail gets decrypted and becomes visible. Users can reply to the email with encryption using this portal reply button.

How to configure?

  • Ensure that you have required Azure Information Protection Subscription and users are assigned and enabled with the Azure Information Protection. Azure IPM is also included in EMS and Secure Productive Enterprise licenses.
  • Activate Azure Rights Management in Office365. Check this for step by step instructions.
  • Setup Azure Rights Management for Office365 Message Encryption. Check this for step by step instructions. This requires use of MS Online PowerShell.
  • Finally, create Exchange Online Transport Rule for enabling the conditional encryption. Detailed Options and Step by step instructions are available here. Following Screenshot includes a transport rule configuration which enables encryption for emails going outside the organization and includes any of pre-defined keywords (encrypt, SSN, DOB, Credit Card) in email subject or mail body.

 

  • You can also have more intelligent rule using “The message contains any of these type of sensitive information type” condition and add sensitive information types you want to protect such as US Driver License Number, US SSN No, Passport No etc.

That’s all it takes to enable conditional encryption on Office365 Emails. Feel free to reach us at info@spektrasystems.com in case of questions, or support related to Office365.

More To Explore








    "CloudLabs has been our go to platform for any hand-on lab experiences when it comes to customer and partner technical trainings and workshops. It eliminates the time and complexity involved in setting up labs and enables smooth experience for our all participants and trainers. The support from the CloudLabs team has been great with rapid response and support which has led to many successful workshops and trainings."

    Håkan Forsberg

    Cloud Solution Architect, Microsoft

    "We are incredibly pleased with our experience using CloudLabs by Spektra Systems. Their responsiveness and support have been nothing short of outstanding. They have demonstrated remarkable flexibility in accommodating our unique processes and challenges, resulting in a seamless and highly productive collaboration. Thanks to CloudLabs, we have successfully delivered Azure-related courses to a substantial number of students in various programs. Our collective satisfaction with their services has been beyond measure, and we look forward to continuing this fruitful partnership to further grow in the cloud industry in the future."

    David Trinh

    Academic Program Manager, Seneca Polytechnic

    "Our company is working with CloudLabs for three years. The service allowed us to train our teams and partners over different products and cloud platforms, by provisioning timely based labs with the smoothed student experience."

    Tal Ein-Habar

    Cloud Security Expert, Check Point

    "SaaSify supported Willow in making our WillowTwin solution commercially transactable in Azure Marketplace. We found the team extremely responsive and supportive, ensuring actions were followed up and commitments were met on time."

    Scott Smith

    Global Head of Microsoft Partnerships, Willow

    "Seamless Microsoft Cloud experience: We evaluated four other CSP portals before we found Spektra Systems. Working with their team we were able to be up and running in days, not months. They are always fast to respond to our queries and help us offer a seamless Microsoft Cloud experience to our clients."

    Charlie Ramirez

    Managing Partner, Team Venti

    "I am writing to thank SaaSify team the quality of service provided by your company. We sincerely appreciate your efficient, gracious customer service, the level of detail and accountability you have demonstrated on each project, and the way you conduct business as a whole. We have and will continue to, recommend your services to other companies and contacts."

    Tiwari

    Global Strategic Alliances & Partnerships, Squadcast Inc.