Forum Discussion
Solved
Encryption confusion
I do light Office 365 admin for a number of clients, always under Office 365 Business Premium subscriptions. I'm confused about encryption, that either does exist, or not, and where it does and does...
Does this help, its the best explanation I have seen:
āExchange Online always attempts to use TLS first to secure your email but cannot always do this if the other party does not offer TLS security.
For Exchange Online, we use TLS to encrypt the connections between our Exchange servers and the connections between our Exchange servers and other servers such as your on-premises Exchange servers or your recipients' mail servers. Once the connection is encrypted, all data sent through that connection is sent through the encrypted channel. However, if you forward a message that was sent through a TLS-encrypted connection, that message isn't necessarily encrypted. This is because, in simple terms, TLS doesn't encrypt the message, just the connection.
If you want to encrypt the message you need to use an encryption technology that encrypts the message contents, for example, something like Office Message Encryption.ā
This provides how various measures help and where they are implemented
This provides info on the broader topics:
The licence requirements for OME are discussed here:
Hope that helps.
I currently have the same question and concern. From what I could understand is that outlook.com can or you have the opportunity to encrypts emails. From what I could have read from the following article: https://support.office.com/en-us/article/learn-about-encrypted-messages-in-outlook-com-3521aa01-77e3-4cfd-8a13-299eb60b1957
But I still don't know for business purposes if this also abides for us. We currently have Business Essential only licenses, but my question still resides: Are emails send using Outlook 2019 Desktop Client encrypted through office365 Exchange?
But when it comes to Office365 Exchange you get a whole different story.
https://docs.microsoft.com/en-us/microsoft-365/compliance/email-encryption?view=o365-worldwide
https://docs.microsoft.com/en-us/microsoft-365/compliance/ome?view=o365-worldwide
I guess we'll count Cian's reply as our answer? I have to do some reading, a lot of links provided by you guys !:) Thank you so much for taking the time. I'll have to actually schedule say an hour to review all this because it's a lot, so if you have thoughts prior, please post. Thanks again!
It's saying encryption is applied during the transfer of information between clients and hosts which secures the connection and everything that travels through it. The messages themselves aren't encrypted but they are protected during transit. When sending emails externally, Exchange Online will always try to use a secure connection, but this won't always be possible depending on how the recipient's email system is configured.
To ensure messages are encrypted and can only be opened by the intended recipient, OME encrypts the contents and applies controls to ensure messages are secure, wherever emails are being sent to.
I see, and thank you for the summary. I remember reading that OME is a feature in the higher levels of licensing, like above Business Premium, which means virtually all small business won't have it. But I will do some reading because right now my knowledge is vague on this.
Would it be safe to say however, that anybody that is using Office 365 at any level, and using Gmail at any level, is using TLS? I don't put much faith in email hosting providers or internal IT teams that are still using for example a standalone linux server or some virtual hosting service, for example GoDaddy free webmail. So I am biased against anything that is not MIcrosoft or Google, and to be clear, Office 365 is my primary choice but I do like Google for many things.
Yes that's right, TLS will be used by Microsoft and Google, many other major providers too will use TLS to secure connections when transferring email and so forth.
