Outlook email encryption ensures that any email you send with Microsoft’s email client is encrypted before it leaves your computer. In this guide, we’re going to detail how to encrypt email in Outlook, as well as why you may want to start using this feature whether it’s for business communications or personal use.
What is Outlook Email Encryption?
Encryption is the securing of information when either at rest or in transit to a destination. When you use Outlook to encrypt an email, you are instructing the app to encode the email contents (body, attachments) and only allow the recipient(s) of the email to view it if they have the correct decoding mechanism (authentication).
Email encryption ensures that only the intended audience (recipients) reads the message content of an email (from the sender). Think of it as using certified mail with snail mail. With encrypted email, we’re utilizing a sort of digital ID on both ends.
When you encrypt message contents, you essentially scramble the ‘plain text’ of what you type into indecipherable zeros and ones. When you send emails in clear text (not encrypted) and they are intercepted, a malicious individual can gain access to all the information in that email. However, if the email is encrypted, only those with the decryption key can access it.
Does Outlook Automatically Encrypt Emails?
No, Outlook does not automatically encrypt emails out of the box. You can configure the security settings in Outlook to encrypt all outbound emails, but this is not the default option in Microsoft’s email client.
How Do I Send an Encrypted Email?
There are several encryption options and methods you can use to encrypt an email in Microsoft Outlook. For a quick and easy method, if you’re using Outlook on the Web with a Microsoft 365 subscription, you can simply click the Encrypt button in the new email window to send an encrypted email.
Encryption button: Click the ‘Encrypt’ button to send an encrypted email in Outlook on the Web
Benefits of Encrypting Emails
Let’s highlight here the most beneficial reasons to encrypt emails: privacy, security, and compliance in a corporate environment. There are also some more benefits related to cost efficiency, and authentication, among others.
Privacy and security: Obviously, when you send an email, you’re intending for only the recipients to see it. Each day, companies worldwide use email to communicate both internally and externally, often sending valuable and sensitive data, so there are many advantages to having email security. Cybersecurity is a top priority for all businesses in today’s world where email systems are among the most common attack vectors that cybercriminals take advantage of.
Compliance in a corporate environment: Businesses that handle sensitive information or are required to meet regulatory requirements can keep emails secure by encrypting them, ensuring they’re only read by the intended recipients. Organizations must abide by certain guidelines to stay compliant and to pass security audits, like HIPAA, CJIS, and CFPB, which require encryption. Others, like GDPR, strongly encourage it.
3 Ways to Encrypt Emails in Outlook
There are three main methods you can use in Outlook to encrypt the email you send. I will go through all the how-to steps here. Please note that some of the steps/verbiage will vary depending on the version of Outlook you’re running and the type of email account you’re using (Microsoft Exchange account, Office 365 account, Outlook.com, or other consumer email services).
S/MIME Encryption
S/MIME (Secure/Multipurpose Internet Mail Extensions) is an email encryption and signing industry standard supported by Outlook and other email clients. The encryption part is done by the sender using the public keys, and the decryption part is done by the recipient using his/her private key to read the email in plain text.
Setup
Before you start this procedure, you need to add a certificate to the keychain on your computer that you will obtain from your IT administrator or helpdesk. Once you have your signing certificate set up on your computer, you’ll need to configure it in Outlook.
Sending an Encrypted Email Message
- On the File menu, select Options -> Trust Center -> Trust Center Settings.
- On the left side, select Email Security.
- Under Encrypted email, choose Settings.
- Under Certificates and Algorithms, click Choose and select the S/MIME certificate.
- Choose OK.
- Finish writing your email and click the Send button.
Receiving/Reading an Encrypted Email
When you receive an encrypted email, the experience will vary. When using S/MIME, you must make sure you have installed a copy of your digital encryption keys on the machine you will be using.
Microsoft 365 Message Encryption
Microsoft 365 Message Encryption utilizes Microsoft’s Rights Management System for the encryption engine and processes. This feature is part of the Office 365 Enterprise E3 license, so make sure you check with your Microsoft Licensing status to determine if your users have access to this and it is enabled for the users looking to benefit from this feature.
Setup
Microsoft 365 Message Encryption is part of the Office 365 Enterprise E3 license. Additionally, the Encrypt-Only feature (the option under the Encrypt button) is only enabled for subscribers (Microsoft 365 Apps for enterprise users) that also use Exchange Online. Don’t worry, details are coming… 🙂
Sending an Encrypted Email
- In the Outlook desktop app, start a new email message, choose Options, select Encrypt, and pick the encryption that has the restrictions you want to enforce, such as Encrypt-Only or Do Not Forward.
- In Outlook on the Web, start a new email message, click the Encrypt button, and optionally click Change permissions to choose another method of restrictions for the email.
Receiving/Reading an Encrypted Email
Depending on what mail application you’re using, a message that is encrypted by Microsoft 365 Message Encryption is delivered to a recipient’s inbox just like any other email message. If the recipient has Outlook 2013, 2016, or 2019 and a Microsoft 365 email account, they’ll see an alert about the item’s restricted permissions in the Reading pane. This also works with Outlook for iOS, Outlook for Android, and Outlook on the Web. After opening the message, the recipient can view the message just like any other.
Free Email Encryption Add-ins
There are free email encryption add-ins available for Outlook. However, you must read the license terms. Many, if not all of them, will state that the usage of the said add-in is “free for non-profit and personal use.” Here are a few examples of add-ins available:
- Encryptomatic OpenPGP
- Trend Micro Email Encryption
- Encyro Addin
The steps of course vary using these different plug-ins, but here are the basic steps you go through.
Initial Setup
First, download and install the plug-in while Outlook is closed. After the setup is complete, open Outlook.
Sending an Encrypted Email
Click New Email in Outlook to send a new email. You will likely see a new toolbar button to Encrypt the email. Be sure to visit the documentation from the vendor to get more details. You may need to click a ‘Secure Send’ button rather than ‘Send.’
Receiving an Encrypted Email
This, again, will vary based on what plug-in was used. Recipients will receive the email and the subject line should be visible. If they click on it, they won’t see the ‘body’ of the email. They will be instructed to click on a link to successfully access the body and any attachments in the email. More sophisticated plug-ins might take you to a secure website, but, that may be asking a lot from a ‘free service.’
Outlook Email Encryption Costs
The costs associated with being able to send email encrypted using Outlook varies. If your organization has enough licenses, you can assign them to the users that would benefit most from this feature. Obviously, if it is within your budget, every user who sends emails (especially externally) should at least have this feature available. Of course, you can also set all your users in your organization to automatically send all outgoing messages in encrypted form.
How to Encrypt an Email in Outlook for Free
There are free email encryption add-ins available for Outlook. However, you must read the license terms. Many, if not all of them, will state that the usage of the said add-in is “free for non-profit and personal use.” Here are a few examples of add-ins available:
- Encryptomatic OpenPGP
- Trend Micro Email Encryption
- Encyro Addin
The steps of course vary using these different plug-ins, but here are the basic steps you go through.
Initial Setup
First, download and install the plug-in while Outlook is closed. After the setup is complete, open Outlook.
Sending an Encrypted Email
Click New Email in Outlook to send a new email. You will likely see a new toolbar button to Encrypt the email. Be sure to visit the documentation from the vendor to get more details. You may need to click a ‘Secure Send’ button rather than ‘Send.’
Receiving an Encrypted Email
This, again, will vary based on what plug-in was used. Recipients will receive the email and the subject line should be visible. If they click on it, they won’t see the ‘body’ of the email. They will be instructed to click on a link to successfully access the body and any attachments in the email. More sophisticated plug-ins might take you to a secure website, but, that may be asking a lot from a ‘free service.’