Microsoft Outlook offers several options for encrypting emails to protect sensitive information. Encryption scrambles the contents of messages so they can only be read by intended recipients. Let’s explore the main encryption methods available in Outlook and how to use them.
S/MIME Encryption
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a widely-used protocol for sending digitally signed and encrypted messages. To use S/MIME in Outlook:
Step 1: Obtain an S/MIME certificate from your organization’s IT department or a certificate authority.
Step 2: Install the S/MIME certificate on your computer.
Step 3: In Outlook, go to File > Options > Trust Center > Trust Center Settings.
Step 4: Click Email Security and check the box for “Add digital signature to outgoing messages”.
Step 5: To encrypt a single message, click Options > Encrypt when composing an email.
S/MIME requires both the sender and recipient to have certificates installed. While very secure, this can limit its practicality for communicating with external contacts.
Microsoft Purview Message Encryption
Microsoft Purview Message Encryption (formerly Office 365 Message Encryption) works with Outlook and other email clients. It’s included with Microsoft 365 Enterprise plans.
To encrypt a message with Purview:
Step 1: Compose a new email in Outlook.
Step 2: Click Options > Encrypt > Encrypt.
Step 3: Choose encryption options like “Do Not Forward”.
Step 4: Send the message.
Recipients can read encrypted messages directly in Outlook or through a web portal. This method is more flexible than S/MIME for sending encrypted emails to external recipients.
Information Rights Management (IRM)
IRM allows you to control how recipients can use your email after they receive it. To use IRM:
Step 1: Enable IRM in your Microsoft 365 admin center.
Step 2: When composing an email, go to Options > Permission.
Step 3: Choose restrictions like “Do Not Forward” or “Confidential”.
Step 4: Send the message.
IRM integrates with Azure Information Protection for advanced controls over how recipients can interact with your emails and attachments.
Transport Layer Security (TLS)
TLS encryption happens automatically between email servers that support it. While not end-to-end encryption, TLS protects emails in transit. Outlook uses TLS by default when available.
To check if TLS was used for a received message:
Step 1: Open the email.
Step 2: Click File > Properties.
Step 3: Look for “TLS” in the Internet Headers section.
When deciding which encryption method to use, consider:
- The sensitivity of your information
- Whether recipients are internal or external
- Your organization’s compliance requirements
- Ease of use for both senders and recipients
For most users, Microsoft Purview Message Encryption offers a good balance of security and usability. However, highly regulated industries may require the stronger protections of S/MIME or IRM.
Remember that encryption protects the contents of your emails, but not metadata like subject lines or recipient addresses. Always use caution when sending sensitive information via email, even with encryption enabled.
Encrypting your Outlook emails adds an essential layer of protection for confidential communications. By understanding the available options, you can choose the right method to keep your messages secure while maintaining efficient workflows.