1. Key Components
Licensing
- Azure Information Protection Add-On
- E3 or greater
- EMS+E3 or greater
- Office 365 G3 and G5
- Microsoft E3 and E5
- Office 365 A1, A3, and A5
- Yahoo
- AOL
- Hosted Exchange
Admin Rights
- Set up transport rules that define the conditions for encryption
- When a user sends a message that matches a rule, encryption is applied automatically.
- One-time passcode
- Sign in with a Microsoft/Google/Yahoo account
- Sign in with a work or school account associated with Office 365
Recipients can also send encrypted replies without an Office 365 Subscription
Data At Rest
- Refers to data that isn’t actively in transit
- In Office 365, email data at rest is encrypted using BitLocker Drive Encryption
- BitLocker encrypts the hard drives in Office 365 datacenters to provide enhanced protection against unauthorized access
2. Activation
Admin Center
- After you have the proper licensing, Login to Office.com
- Click on the Admin Tile
Settings
Go to Settings>Services & Add-Ons
Find Azure Information Protection
Manage Settings
- Click Manage Microsoft Azure Information Protection Settings
Activate
- Click Activate
3. Set Up Transport Rules
Admin Center
- After you have the proper licensing, Login to Office.com
- Click on the Admin Tile
Go to the Exchange Admin Center
Go to Admin Centers>Exchange
Add A New Mail Flow Rule
- Click MailFlow>Rules
- Click on the + Icon
- Click Apply Office 365 Message Encryption
Create a New Policy to Auto-Apply Encryption
- The fields get very granular for your if then statements
- Apply polices based on senders, recipients, sensitive information, subject line, etc
4. Send and View Encrypted Messages Office 365
Outlook on the Web
- After you draft a new message in OWA you can click on the protect button at the top of the page
- You will then be able to select “Change Permissions”
Outlook on the Web
- After you draft a new message in OWA you can click on the protect button at the top of the page
- You will then be able to select “Change Permissions”
Go to the Exchange Admin Center
From there you can choose to encrpt the message
Viewing Messages
- Encrypted Messages can only be viewed in OWA, Outlook for iOS, and Outlook for Android unless you are a member of the Office Insider program
- The message will contain a lock icon and not have any preview funcitonality
- Once the message is opened, it can be read just like any other message
Create a New Policy to Auto-Apply Encryption
- The fields get very granular for your if then statements
- Apply polices based on senders, recipients, sensitive information, subject line, etc
4. Send and View Encrypted Messages Office 365
Outlook on the Web
- After you draft a new message in OWA you can click on the protect button at the top of the page
- You will then be able to select “Change Permissions”
Outlook on the Web
- After you draft a new message in OWA you can click on the protect button at the top of the page
- You will then be able to select “Change Permissions”
Go to the Exchange Admin Center
From there you can choose to encrpt the message
Viewing Messages
- Encrypted Messages can only be viewed in OWA, Outlook for iOS, and Outlook for Android unless you are a member of the Office Insider program
- The message will contain a lock icon and not have any preview funcitonality
- Once the message is opened, it can be read just like any other message
5. View Encrpted Message from outside 365
Non-365 Accont
- You will receive a message in your inbox like the following if you are on Google, Yahoo, etc
Select your Option
- Sign in to view the message
- Get One Time Passcode
Get One Time Code
- Check your email for the single-use code and copy it.
- Enter the code in your browser, then select Continue to read your message.
- Code Expires in 15 Min
