As email cyberattack issues arise, Microsoft Outlook and Microsoft Office or M365 adapt by providing robust ciphertext to protect the platform and its emails.
Microsoft Outlook and M365 offer several email ciphertext options. Built-in features and third-party add-ins support Azure cloud, so users can send and receive secure emails flexibly.
This Microsoft capability is ideal for securely sending emails with ease, lower costs, advanced features, and compatibility.
Trustifi, a global technology partner of Microsoft Azure and M365, offers its version of
encrypt email solutions. Companies considering layering in a mix of Trustifi and Microsoft M365 for messaging protection should leverage Trustifi email ciphertext and data loss prevention protection.
Method 1: Using Windows Certificates to Encrypt Microsoft Emails (S/Mime)
S/MIME encryption, a dated method, isn’t suitable for sending secure emails to free webmail users like Gmail and Yahoo. It requires both the transmit and recipient to install and share secure certificates, which can be costly.
S/Mime lacks widespread support. It’s available to Microsoft Outlook users but requires the recipient to use Outlook or a compatible email service.
This ciphertext method is risky and vulnerable to attacks like message takeovers because users must exchange ciphertext keys. Compromising these keys breaches messaging security.
Initial Setup for Encrypted Email with S/MIME Within Microsoft Outlook
To set up email ciphertext with S/Mime on Microsoft Outlook, individuals should:
Get an email ciphertext certificate, import it into Microsoft Outlook, and share it with recipients. Ensure each recipient has an email ciphertext certificate in Microsoft Outlook or a compatible platform and shares it with you. Understand the steps to send a secure email. Microsoft recommends getting an email ciphertext certificate from CAs like Comodo, GlobalSign, or IdenTrust. Ensure you buy an email secure certificate (S/Mime), not an SSL certificate, which is different.
After purchasing the certificate, you’ll receive it plus a password for Microsoft Outlook importation. Keep a backup of both for future needs, such as device damage or setup on a new device. Without them, you cannot access past secured emails. If replaced, recipients must update your old certificate with the new one.
Once purchased and backed up, the certificate can be imported into Microsoft Outlook by completing the following:
Open File in Microsoft Outlook, then Windows Options; go to Windows Trust Center and click Trust Center Settings. Select Email Security, then Import/Export under Digital IDs. If set up by IT, click Settings instead and pick the certificate per IT guidance. Choose to import the existing ID, then browse for the file. Enter the certificate password, click OK, and close the windows. The certificate is now imported.
Send a digitally signed digital letter to each intended recipient to share one’s certificate.
To complete this task successfully:
Create a new digital letter in Microsoft Outlook. Click Options in the menu bar, then More Options, and select Windows Security Settings. Click Add Digital Signature to this Message. You can change the settings to choose a different certificate. Click OK, then Close, and transmit your digital letter.
Completing these steps transmits your public key, enabling others to encrypt your Microsoft messages. Your private key is accessible only in your Windows Outlook application to decrypt received messages.
How to Transmit Encrypted Emails In Microsoft Outlook Using S/Mime
For ciphertext, obtain the recipient’s public key from their certificate. Add their certificate to your contacts after they transmit a digitally signed email on Microsoft Outlook or S/Mime.
Open the digitally signed email, right-click the username, and select Add to Microsoft Outlook Contacts. If the user is already a contact, choose Edit/Update. Then, click Certificates on the contact card and select the correct certificate from the list.
Once this is completed successfully, the encrypted sender can send messages to their contact by following these steps:
Start a new email and click Options in the top menu. Then, select the icon next to More Options and choose Security Settings in the Properties window. In Security Properties, check encrypted digital letter content and attachments. Click OK and then Close. Note: Email subjects remain unencrypted. Finish your email, attach files if needed, and click transmit. The system will now encipher the email.
How Your Recipient Opens Your Enciphered Email
Recipients may need to use Microsoft Outlook on their Windows desktop to decrypt emails automatically. Automatic encipherment of the reply will occur if they reply and have saved the user’s ciphertext certificate.
Receiving Secure Email from Clients (Replies, New Emails)
Once setup is complete, recipients will have the ciphertext certificates to transmit enciphered replies easily and can transmit new secure messages by following the required steps.
Features and Cost of S/MIME to Encrypt Emails In Microsoft Outlook
Once set up and certificates shared, S/Mime email ciphertext in Microsoft Outlook is user-friendly. However, it’s advisable only if recipients, often large enterprises or the government, request it. Small businesses or individuals typically using free webmail (e.g., Gmail, Yahoo) may lack the resources or know-how for this option.
Microsoft Outlook provides the only access to S/Mime-enciphered emails. Recipients might not forward these emails. Additionally, S/Mime is incompatible with G-Suite accounts using GSSMO; they must use IMAP.
S/Mime costs vary widely. In 2019, certificate prices from Microsoft’s recommended CAs were $39 to $369 per year. If pre-paid, this fee must be renewed annually or every two to three years. Each user needs a unique certificate.
Method 2: M365 Message Encryption (OME)
Microsoft Office 365 Message Encryption (OME) allows M365 users to transmit enciphered emails through Microsoft Outlook without certificates. It’s a costly choice, needing Microsoft Outlook and an M365365 subscription. Recipients must follow extra steps, like requesting and using a code to read the email.
Initial Setup for Microsoft Windows Office 365 Message ciphertext
To use OME, upgrade to a plan that includes it, such as M365 Enterprise E3/E5, M365 Business, Office 365 A1/A3/A5, or Office 365 Government G3/G5. Business Essentials and Premium plans don’t have OME. Alternatively, add Microsoft Azure Information Protection Plan 1, though it’s complicated and costly.
Individuals looking to upgrade their M365 subscriptions should follow these steps:
Visit https://www.office.com/, click Sign In, and log in with an M365 admin account. Click Admin (located in the options titles that appear). Next, click Billing (located in the left pane) and Subscriptions (located beneath that). Finally, click Switch Plans to upgrade the subscription.
After upgrading, OME availability can be verified via one of the following methods:
Sign in at www.outlook.com with your M365 account. Start a new email; ciphertext is active if the encrypt button isn’t grayed out. Open Microsoft Outlook ProPlus, compose a new message, click Options, and ensure Encrypt is enabled.
How to Transmit Secure Messages In Microsoft Outlook Using OME
In M365, transmitting enciphered emails with OME is more straightforward than S/Mime. In Outlook, use the encrypt button under the Options tab when composing a new message to communicate it securely with OME.
To start a new digital letter, click Options in the top menu and then Encrypt. You can stop forwarding by selecting the arrow under encrypt. A prompt will confirm the ciphertext. Finish your email and click transmit.
How Your Recipient Opens Your Enciphered Microsoft Email
When a recipient gets an email enciphered with OME, the initial digital letter has no content or attachments. Instead, recipients verify their identity via M365 by clicking “Read the” and then using a one-time passcode or logging into a school/work account. Free webmail users (Yahoo, Gmail) may need to log in. If there’s no linked M365 account, choose the one-time passcode sent in a separate email. Enter this code on the initial page to decrypt the email. Remember, attachments require manual download to open.
Receiving Secure Email from Clients (Replies, New Emails)
The recipient begins an enciphered response by clicking the secure digital letters Reply All, Reply, or Forward options. However, OME offers no option for recipients to transmit a new secure email to the initial receiver. Secure responses cannot be sent as responses to non-enciphered emails.
Features and Cost
OME is user-friendly and allows enciphered messages outside Microsoft Outlook without certificate backups. Secure messages work on any device with Microsoft Outlook and Office 365. Recipients can forward messages without worrying about certificates. However, OME’s drawbacks include recipient difficulties, a need for Microsoft Outlook ProPlus, and no digital letter expiration.
Upgrading to OME involves additional costs based on your current M365365 subscription. OME is ideal for business emails, especially with vendors or parties needing specific security.
Method 3: Microsoft Outlook Ciphertext Add-ins
For small organizations with limited IT resources, Microsoft Outlook ciphertext Add-ins offer a cost-effective way to transmit secure emails to anyone, even without their ciphertext. Recipients do not need to set up, install, or sign in to receive messages.
Initial Setup
The installation is the first step in setting up an email ciphertext add-in. Visit the add-in’s official website and download the installer. The installation takes about a minute, but the exact time may vary depending on your browser, such as Internet Explorer, Google Chrome, or Firefox.
Open Microsoft Outlook and compose an email. Ensure the Secure transmit button is visible at the top left. You can then transmit enciphered emails to any recipient, regardless of their platform.
How to Transmit Enciphered Messages
To transmit an enciphered email, click the New Email button in Outlook. Compose an email, adding any necessary enciphered attachments. Next, rather than clicking transmit, click the Secure transmit button. This will scramble both the email’s contents and attachments.
How Your Recipient Opens Your Enciphered Email
The subject of the email will not be enciphered, but the body will be. Rather than opening your email and viewing its contents and attachments, the recipient will view a page prompting them to access the enciphered email. An external passcode is not required to sustain the heightened level of security. Instead, the sender may set a time of expiration.
Receiving Secure Email from Clients (Replies, New Emails)
The web page that shows the secure digital letter to the intended recipient may also offer an option for them to transmit a safe reply. Moreover, depending on the ciphertext Add-in, recipients may be able to transmit secure responses to non-enciphered messages.
Features and Cost of Trustifi Microsoft Outlook Email ciphertext Add-in
Trustifi offers customizable, NSA-grade email security, allowing users control over services to suit individual and organizational needs, including tools to
prevent phishing. It provides complete email protection and features like recall, block, modify, and expiration settings for sent emails. Pricing and plans are adaptable to each organization’s requirements.
Conclusion
Organizations can effectively secure Microsoft Outlook emails through digital certificates (S/Mime), M365 Encryption (OME), or ciphertext add-ins. Trustifi ciphertext add-ins combine S/Mime and OME benefits, offering optimal ease and cost-efficiency. Tools like Trustifi work with any account, delivering exceptional
email encryption and protection.
