Overview – Email Encryption

The new Microsoft 365 Message Encryption capabilities make it easier to share protected emails with anyone inside or outside your organisation.


Features & Benefits

This feature allows you to protect sensitive email and attachments sent via the Microsoft 365 email platform.

  • Help reduce the risk of unintended disclosure by encrypting and rights-protecting email messages sent both inside and outside your organization.
  • New! Send encrypted and rights protected messages to people inside and outside your organization (including users of Office 365, non-Office 365 email applications, and web-based email services such as Gmail.com and Outlook.com) with Do Not Forward or custom Rights Management Services templates to enable B2B and B2C scenarios.
  • Send encrypted email messages to anyone, regardless of their email address.
  • Provide strong, automated encryption with a cost-effective infrastructure.
  • Eliminate the need for certificates and use a recipient’s email address as the public key.
  • Communicate through a Transport Layer Security-enabled network to further enhance message security.
  • Enhance the security of email responses by encrypting each message in the thread.

Minimum Requirements

  • Active Microsoft 365 E3 / E5 User Licence
  • Outlook Web / Outlook Desktop

Please Note: If you are an email services customer of Hixon Group you may already meet these requirements)


Send an encrypted email

Using Microsoft 365 you can send encrypted email messages to anyone, regardless of their email address. This guide will show you how to send an encrypted email using both the Outlook desktop application and Outlook web access.

Please Note: Email encryption is not yet available for Outlook Mobile on iOS or Android using this method.


Outlook Desktop Client

How to send an encrypted email using the Outlook desktop application:

  1. Click “New Message
  2. Select “Options
  3. Click the arrow below “Encrypt” and select the encryption type that meets your requirements.
  4. Add a recipient and email content including attachments.
  5. Press “Send
Outlook - Encrypt Email
Image: Outlook Desktop – How to select the encryption type based on your requirements.

Outlook Web Access

How to send an encrypted email using the Outlook web application:

The Microsoft 365, Outlook app now includes encryption features that let you share your confidential and personal information while ensuring that your email message stays encrypted and doesn’t leave Microsoft 365. This is useful when you don’t trust the recipient’s email provider to be secure.

Image: Outlook Web – How to select the encryption type based on your requirements.

The encryption options are available in the ribbon when you’re composing a message.


View an Encrypted Email

Using Microsoft 365 you can view encrypted email messages from anyone, regardless of their email address. This guide will show you how to view an encrypted email sent via Microsoft 365 using the Outlook desktop application, Outlook web access and 3rd party email software.


Outlook Web Access

If you’re a Microsoft 365 user and using the Outlook web app, the Outlook mobile app, or the Mail app in Windows 10, you can read and reply to encrypted messages the same way you do with unencrypted messages.


Outlook Desktop Client

If you’re using Outlook for Windows, Outlook for Mac, or a third-party email app, you’ll receive an email message with instructions for how to read the encrypted message. You can gain access using your Microsoft 365 work account.


Third Party Applications

Users of other email providers (Gmail, Yahoo, POP / SMTP) will receive an email message with instructions for how to read the encrypted message. If the encrypted message was sent to a Google or Yahoo Mail account, you can authenticate using your Google or Yahoo account or by using a temporary passcode. If the message was sent to a different account (Comcast or AOL, for example) you can use a temporary passcode. The temporary passcode will be sent to you in email.

Image: Encrypted email notification, Email sent from Microsoft 365 in encrypted format.

Additional Notes


Email Attachments

All attachments are encrypted when sending messages via this method. Recipients who access the encrypted email via the Office Message Encryption portal can view attachments in the browser.

Attachments behave differently after they’re downloaded depending on the encryption option used:

If you choose the Encrypt option, recipients with Outlook.com and Microsoft 365 accounts can download attachments without encryption from Outlook.com, the Outlook mobile app, or the Mail app in Windows 10. Other email accounts using a different email client can use a temporary passcode to download the attachments from the Microsoft 365 Message Encryption portal.

If you choose the Encrypt and Prevent Forwarding option, there are two possibilities:

  • Microsoft Office attachments such as Word, Excel or PowerPoint files remain encrypted even after they’re downloaded. This means that if the recipient downloads the attachment and sends it to someone else, the person they forwarded it to won’t be able to open the attachment because they don’t have permission to open it.

    Note that if the recipient of the file is using an Outlook.com account, they can open encrypted Office attachments on the Office apps for Windows. If the recipient of the file is using an Microsoft 365 account, they can open the file in Office apps across platforms.
  • All other attachments, such as PDF files or image files, can be downloaded without encryption.

Outlook Mobile (Android / iOS)

Currently (June 2020) you are unable to send an encrypted email using either the iOS or Android mobile application, However users of the outlook mobile applications can receive encrypted emails sent via the Microsoft 365 platform.

We hope the send encrypted email feature is added to the mobile application soon and look forward to an announcement from Microsoft development team in the future.