Microsoft Outlook - Email Encryption


People often use email to exchange sensitive information, such as financial data, legal contracts, confidential product information, sales reports and projections, patient health information, or customer and employee information. As a result, mailboxes can become repositories for large amounts of potentially sensitive information and information leakage can become a serious threat to your organization.

With Office 365 Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. Office 365 Message Encryption works with, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content.


  • Send encrypted email messages to anyone, regardless of their email address
  • Provide strong, automated encryption
  • Eliminate the need for certificates and use a recipient’s email address as the public key
  • Communicate through a Transport Layer Security-enabled network to further enhance message security
  • Enhance the security of email responses by encrypting each message in the thread
  • Office 365 recipients get to use an inline experience in supported Outlook clients.

When to Use 

Use encryption to protect sensitive emails that should have extra precautions taken:

  • Payment Card Industry Data Security Standard (PCI DSS)
    • Credit Card Numbers
    • Account Numbers
  • Personally Identifiable Information (PII)
    • Social Security Numbers
    • Tax Returns
    • Computerized Criminal History

How to Use

For any email that has the word “Encrypt” in the subject, message encryption is applied before it leaves the City.



Alternatively, while composing your message, you can select to Encrypt under the Options tab> Encrypt > Encrypt-Only. 


This will not deliver the cleartext message to the recipient. They will receive an email that informs the recipient that they have received an encrypted message. Once they save and open the attachment, it will allow them to authenticate with a Microsoft account or use a one time password (OTP).




They will receive a second email with a generated number to view the message in a browser. Any replies or forwards from the browser will also be encrypted.



2 out of 2 found this helpful


1 comment

Please sign in to leave a comment.