As technology progresses, security challenges arise. More and more hackers are trying to gain access to our confidential data. Compromised sensitive data can carry a lot of risks, especially for large companies where leaked data means financial losses and destroyed reputations.
Most email providers provide some sort of encryption method to protect the platform and its users. Microsoft Office and Office 365 offer built-in email encryption, and there are third-party platforms that you can use with Outlook for encryption.
This article discusses how encryption works, how to encrypt email in Outlook, and how it can benefit you and your business.
What Does Encrypting an Email Do?
In email encryption, your email and its contents are secured from unwanted people who might try to gain access to them. The email contents are converted and concealed behind code to be accessible only to the intended recipient. Even if an outside party gains access to the content, it will be useless to them as it will only be scrambled code.
A user has a public and a private key. As the name suggests, the public key can be made public, so anyone who wants to send you an email can use your public key to do so. Only using the private key by the recipient makes the content of the email readable again, which means that the email is kept secure during transportation.
Public and private keys are usually in the form of digital code. The public key is used to encrypt the email and can be accessed by anyone. However, the user keeps the private key only as it’s the one used to decrypt the message.
How Can Outlook Message Encryption Benefit You?
Here are a few ways in which Outlook encryption can be beneficial to you:
1. Prevents Risks
If you don’t encrypt your emails, hackers can access them more easily. This can include legal and business documents or even private information. This is particularly harmfulness if you send a lot of compromisable data over email.
There are always external and internal threats to your data, and leaked information can harm your business finances or reputation. Encrypting emails can help avoid a lot of these risks.
You could also save yourself from unwanted guests, like if you were to share your calendar with others across an unencrypted work channel.
2. Provides Authenticity
Spam email and phishing can cause a lot of frustration, this is one reason you may want to encrypt messages in Outlook. Encrypted emails ensure the emails you send are authentic when received.
This can provide instant verification through digitally signed emails, so you know the contents of the email are untampered.
3. Improved Efficiency
It is easier to communicate when all the emails you send use a unified encryption method. It eases a lot of the responsibility as team members can quickly type and send their emails without too much thought.
A unified encryption system ensures your team members won’t have to go through the multi-step process of attaching then encrypting their files before sending them. This also makes the system much more cost-efficient.
How to Encrypt Email in Outlook
There are multiple ways in which you can encrypt an email in Outlook. Some options are built-in to Outlook, while others are third-party options. Here are the most common types of encryption for Outlook:
Certificate-based encryption (S/MIME) – This method requires the recipient and the sender to install certificates to encrypt and decrypt the emails. These can be harder to set up but provide more secure encryption if you send many encrypted emails.
- Microsoft Office 356 Encryption – office 365 email encryption is part of the larger subscription and the easiest to set up among the encryption methods. This method allows you to send encrypted emails to most email services.
- Outlook Add-ons – If you don’t want the Office 365 subscription, you can use third-party paid or free add ons to send an encrypted email.
Adding a Digital Certificate to Encrypt Email in Outlook
Before you can start using S/MIME encryption in Outlook, you need to have a certificate on your PC. You will need to generate a Digital ID on your Outlook client. To do this, follow these steps:
Step 1: In your main screen in Outlook, click on File at the top bar of the screen. This will open the main screen in your Outlook client.
Step 2: Click on Options at the bottom left of the screen. This will open the Outlook Options window.
Step 3: In the Outlook Options window:
- Click on Trust Center in the left sidebar
- Click on Trust Center Settings under the Microsoft Outlook Trust Center tab.
- Click on Email Security and head to the Encrypted email section.
- Click on Settings. This will open another window.
Step 5: In the window that opens, click on Get Digital ID. This will allow you to set up your Digital ID. You just have to follow the steps on Microsoft’s official website.
Step 6: Once you have your digital Signature, you can import it into Microsoft Outlook. Follow the steps mentioned above and head over to the Outlook Trust Center. There, under Digital IDs (Certificates), click on the Import/Export button.
Step 7: This will open a new window that will allow you to export or import a Digital ID. In this case, we need to import one. Load up your Digital ID file by clicking on Browse and selecting it on your computer. Enter the password in the text box below and click on OK.
Sending an Encrypted Message in Outlook Using S/MIME
Now that you have a Digital certificate on your computer, you can encrypt your email by following these steps:
Step 1: First, you need to compose an email. To do this, click on New Email. This will open a new window that will allow you to write your email.
Step 2: In this window:
- Click on Options in the top bar
- Click on Encrypt.
You will get 4 options to set permission to this item: encrypt only, Do not forward, Confidential and privacy. If you don’t want the receiver to be able to forward the email then select Do not forward.
The confidential option is more of a suggestion to the receiver than an encryption. It places a banner that states “Please treat as confidential”
Step 3: Write your email like you usually would. Once you’ve written it, click Send.
If the recipient uses Outlook, they will receive the email with the subject alongside a lock icon. Once they double click on the email, Outlook will verify the recipient, and it will open just like a normal email.
If the email comes with an encrypted Microsoft file, for example, a word file, and opens it in Microsoft word, you will get a prompt requesting you to sign in to access the file or request permission. This makes it so that the recipient can’t forward the file.
If the user uses another email service, the recipient will only see the subject with a button to read the message when they receive an email. When the user clicks on the Read the message button on the email screen, the link will take them to the Outlook online client, where they will need to verify the account.
Depending on the recipient’s service, a one-time code can be sent to them. You can do this on most major email service providers like Gmail and Yahoo ID. After verifying the account, they will read the email and view its attachments using the Outlook environment. They can then reply back or forward the encrypted email depending on the options chosen by the sender.
How to Remove Encryption from Send Emails
To remove the encryption, go back to Trust Center, Encrypt email and uncheck Encrypt contents and attachments for outgoing messages check box then click OK.
However, it is not possible to remove encryption from an email that has already been sent, unless you try to recall the email on Outlook. You can also use email revocation with Microsoft Purview Advanced Message Encryption which is part of the Microsoft 365 plans. Then the sender or administrator can revoke encrypted emails that are link-based rather than native ones.
How to Send Secure Email in Outlook With Office 365 Encrypted Email
Although the process to encrypt an email is similar to the one in other Office versions, Office 365 streamlines a lot of this. Office Message Encryption or OME enables you to send encrypted emails to recipients.
The benefit here is that you won’t have to go through the arduous process of installing a certificate to open or encrypt an email. Similar to other Office versions, when an email is encrypted in Office 365, the recipient receives the email with only the subject shown.
Depending on the client the recipient uses, either they can open the email, or they have to verify their account and use Outlook’s online web client to view the email. The recipient doesn’t need an Outlook or Outlook 365 account to view the email.
To use Office Message Encryption in your Outlook client, you will need to have one of these Office 365 plans:
- Microsoft 365 Personal
- Microsoft 365 Family
- Office 365 Enterprise (E3 or E5)
- Microsoft 365 Enterprise (E3 or E5)
- Microsfot 365 Business Premium
- Office 365 (A1, A3, or A5)
Encrypting Email in Outlook 365
For the most part, the process required to send an encrypted email in Outlook is similar to the one used in other Outlook clients, albeit there are a few visual changes. Here are the steps you need to follow to send an email in Outlook 365:
Step 1: Click on the New message button in the top left part of the screen. This will open a compose new email screen.
Step 2: Here, click on Encrypt in the toolbar. Here you can change the settings. If you don’t want your email to be forwarded, click on Change Permissions.
Step 3: Click on Send when you finish writing your email.
If you’re unable to see the Encrypt button in the toolbar, then it’s most likely because you haven’t added it into the toolbar yet. To do this:
- Click on the gear icon in the top right and click on All Outlook Settings. This will open a smaller window containing all the settings.
- Click on Mail in the sidebar and Customise actions in the smaller sidebar.
- Click and enable Encrypt in the Toolbar section.
Related Reading: How to Change Signature in Outlook [Desktop and Mobile]
How to Send Encrypted Email in Outlook Using Using Paid Certificates
You can also choose to encrypt an email using certificates. They have the advantage of allowing recipients to open the email normally without going through the Outlook web client. However, there is a considerable downside to this as well. It requires the recipient to have their own certificate too.
The initial setup process can be challenging as both the sender and the recipient need to buy their certificate. Certificates can cost anywhere between $20 to $250 per year. It depends on the requirements and the features you wish to have.
Then you will need to add the certificate in your Outlook and send and receive a signed email from your recipient.
When you send the signed email, you receive their public key, and they receive yours when they send you the email. These keys are then decrypted and verified on your computer, allowing you to send encrypted emails to each other.
If you wish to read and send an encrypted email through your phone, you will need to install the certificates on your mobile device too.
Certificates are extremely secure, but they aren’t the most user-friendly option out there. In a nutshell, they allow you to receive and send encrypted emails but require your recipient to have the certificate installed as well.
Email Encryption Using a Third-Party Addon
If you don’t have an Office 365 subscription, you can also use a third-party add-on in Outlook. These add-ons work essentially the same way as the Office Message Encryption (OME) service, the only difference being that the email is always sent directly to their online mailbox.
There are add-ons like Encryo that you can install for free and allow you to send encrypted messages to any emails. You can use their website portal or the Outlook add-on to write and send encrypted emails.
The installation is extremely straightforward as the sender only needs to have an account on Encryo for them to be able to send an encrypted email. The recipient receives the mail with a link to the secure message.
The link to open the mail is only valid for a few days, enhancing security. However, you can set up your email so that the recipient can create an account on the website before accessing the email. An advantage this has over Outlook built-in encryption is that the recipient won’t have to go through long annoying steps to access the email.
Related Reading: How to Add a Signature in Outlook
How to Create Mail Flow Rules to Encrypt Email Messages.
Mail flow rules allow an administrator to manage how to protect the emails they send and receive. They usually have four components: conditions, actions, exceptions, and properties. Conditions set criteria that the emails need to meet. They filter emails on different bases such as to, from, subject, email size, email signature, and many more. You can set multiple conditions.
Actions define what will be done to the emails that meet the conditions like redirecting, deleting, forwarding, and more.
Exceptions are similar to conditions, except it sets criteria for which emails to not be included for action. The filters are also the same as those for conditions
Properties define added rules to be applied to the emails that have made the for example priority, activation date, Enabled, and more
Using the mail flow rules, an administrator can encrypt email messages using Exchange admin center (EAC) or Exchange Online PowerShell:
- Sign in as an administrator into Microsoft 365 admin center
- Select Admin centers
- Select Exchange.
- In the EAC, go to Mail flow
- Select Rules then New New icon.
- Choose Create a new rule.
- Use the name tab to label your rules
- Go to apply this rule and select a condition. Enter a value if it is required
- In Apply this rule if, choose “the recipient is” choose the recipients name either form existing contacts or by creating a new contact. You can add more conditions in more options.
- Go to Do the following, select Modify the message security
- choose Apply Office 365 Message Encryption and rights protection.
- Pick the RMS template of your choice from the list
- Save, and then click OK.
The emails that meet the specified conditions will then be sent to the chosen recipients as encrypted emails. You can manage the emails by creating a distribution list.
Opening a Secure Email in other Mail Clients.
If you have a Microsoft account all you need to do to read an encrypted email is to sign in.
However, most email clients other than Google and Yahoo can’t open encrypted emails automatically. To open a secure or encrypted email in other mail clients like hotmail you’ll need a one-use password.
- Once you click Read the message you will be redirected to a sign-in page. If you use a mobile app, you will get a prompt to sign in with a single-use code.
- When you sign in, a code will be sent to your email from 365@messaging.Microsoft.com
- Enter the code in the encrypted email and continue to read your email.
How to Move the Encrypt Button from the Options tab to the Message tab
Sometimes it’s easier to have the encrypt button in the quick access message bar than in the options tab. To do so follow the following steps:
- Go to more commands
- Scroll and find Encrypt
- Click Add, then OK
- The button will appear at the top of the message window in the quick access bar.
Frequently Asked Questions
What Does Encrypt Only Mean in Outlook?
Encrypt only in Outlook means that the message is encrypted. The receiver can read and forward the message as well as any attachments, but they cannot remove the encryption. If you want to change the encryption type of an email you can always try to recall the email in Outlook.
How Do I View an Encrypted Email in Outlook?
Usually an encrypted email will come with instructions on how to view it. All you’ll need to do is authenticate using a temporary passcode that will be sent to your email account. Attachments in the email can be downloaded without encryption in most cases unless the email email was encrypted with the encrypt and prevent forwarding option. In this case the files from Microsoft office such as word files will be encrypted.
How Do I Encrypt an Email in Outlook for Free?
You can encrypt an Outlook email by obtaining a free or paid digital certificate or using a third-party add-on that can allow a much more seamless experience.
Does Outlook Automatically Encrypt Emails?
Outlook does not encrypt all emails by default. However, you can encrypt all outgoing messages by default in Outlook by going to the Trust Center Settings. If you have the encryption set up in your Outlook client, you will need to press the Encrypt button for your current email to be encrypted.
How Do I Encrypt an Email in Outlook With the Subject Line?
You can encrypt the subject in your email by typing Encrypt in square brackets in the subject text box. The Outlook encrypt email shortcut should look something like this:
[Encrypt]: (insert subject)
How Do I Add a Secure Button in Outlook?
You can add the Encrypt button in the toolbar by clicking on the gear icon in the top right and clicking on All Outlook Settings. This opens a smaller window containing all the settings. There, click on Mail in the sidebar and then Customize actions in the smaller sidebar. Click and enable Encrypt in the Toolbar section.
What Do I Write to Encrypt an Email?
If you have encrypted email enabled in your Outlook settings, all you have to do to encrypt the email is click on the Encrypt button by going to Options in the top bar in Outlook.
Email Encryption in Outlook
Now you should know how to send an encrypted email in Outlook. Outlook 365 offers a fantastic encryption option for people looking for a painless way to encrypt their emails. Not only that, you can send Outlook encrypted emails to most email providers meaning encrypted emails aren’t locked behind the Outlook email ecosystem.
However, if you don’t want to use Outlook’s built-in encryption option, you can opt for encryption using certificates or look at add-ons that allow you to encrypt your emails in Outlook hassle-free. Whichever method you choose, you can keep your data safe now that you know how to encrypt email in Outlook.
Chris is a spreadsheet expert and content writer for Productivity Spot and Spreadsheet Point. He has a double Bachelor's Degree in Teaching and has been working in the education industry for over 11 years. His experience makes him adept at breaking down complex topics so that everyone is able to understand.