Encrypted email with Office365

Posted by

For a small fee you can add Exchange Hosted Encryption to your Office365 tenancy providing you with a secure end to end encryption. This would allow you to communicate with customers and people outside your business securely.

 

The first step is purchasing the Exchange Hosted Encryption add on – it’s a per user licence (you don’t need to licence all your users if you don’t want to) and can be bought in the usual way through your LAR. Once you have purchased the licences you need to get them added to your Office365 tenancy. This is as simple as sending an email with the following information to mehsact@microsoft.com

 

· Domain:

· O365 Tenant Domain:

· Company Name:

· Agreement Number:   

 

They will come back to you fairly quickly telling you that the licences have been associated with your Office365 subscription.

 

You can now go ahead and configure the rules to enforce encryption on some or all messages.

 

1. Log into the Office365 Exchange Admin Portal

2. From Mail flow menu option create a new rule

image

3. Give the rule a name and the click More Options, then you can select when the rule should apply – in this example we are going to look for the word ENCRYPT in the subject line of the email.

image

 

4. In the Do the following combo box select

Set message header ‘x-voltage-encrypt’ with the value ‘encrypt’

 

image

image

 

5. In the add exception select 

A message header…includes any of these words

‘x-voltage-message-encrypted’ header includes ‘Encrypted’

 

image

 

image

That’s the rule created, this will force encryption on all emails where the word ‘Encrypt’ is in the subject line of the message. You can be quite creative with the rules using different values. (Be aware that the rules can take a few hours to replicate around the servers so they might not take impact right away.

Lets test this rule by sending an email out.

1. Create a new message in outlook or webmail (or which ever email client you use for Office365) and make sure the word Encrypt is in the subject line somewhere.

image

 

2. We should receive the email which has been encrypted and replaced with an attachment

image

 

3. Clicking the read me link in the email attachment should take you to the Exchange Hosted Encryption webpage. If you have previously received an encrypted email you are simply prompted for your password. If this is the first time you received the email you need to create a password and verify your email.

image

image

image

 

Overall a fairly straight forward system to implement with some potential big wins.