Sending encrypted email


Office 365's Office Message Encryption (OME) provides you the ability to customize the level of protection for any specific email you choose to encrypt. You can choose to just encrypt the email, which ensures it is received by your intended recipient exclusively or to limit their ability to forward the email to others. For messages that require the greatest amount of security, you can choose to allow the email to only be viewed by or forwarded to other Rutgers Connect users, or even limit the Rutgers Connect recipient to view the email and be unable to copy, print, forward or otherwise interact with the message. These different options will be described in some detail later on.

You can utilize these functions by clicking on the Options tab on the ribbon followed by clicking the Encrypt button at the top of your email in the Outlook Web App – found at connect.rutgers.edu.

The Encrypt message option highlighted in the Rutgers Connect email client.

In the Outlook 2019 application, which can be installed locally on your computer for more robust email management, you can find the option with the Encrypt button when you select Options.

The Encrypt message option highlighted within Outlook 2019.

In the Outlook Web App, once you click Protect you will notice a banner on the top of your email, which says "Do Not Forward: Recipients can read this message, but they can’t forward, print, or copy content." It will also include options to change the permission level or remove the protection altogether.

The Do Not Forward notice found in Outlook 2019.

From Outlook 2019, once you click Encrypt you will see a message stating "Encrypt Only – This message is encrypted." You can change the permission level by clicking the small arrow to the right of the Encrypt button.

The Encryption notice found in Outlook 2019.

If you select the option to change the permission level, you will be presented with four different options.

The menu to change permissions levels in Outlook 2019.

The drop-down Encryption options found in Outlook 2019.

Here is what they are and how they function:

Encrypt

If you choose Encrypt, the contents of the message will be encrypted. You can learn more about encryption here, but at a very basic level, you can imagine this as your message being converted into a secret code, with only authorized users (your intended message recipient) having the key to decrypt that encoded text back into your original message.

When you choose Encrypt, once the recipient gets the message they are free to do what they want with it. They can copy text from the message, print it, save it to their computer, reply to it or forward it to other users. Encryption adds a layer of security that ensures your intended recipient is the only one who can receive your message – but it does not control what they can do with it once they have.

Do Not Forward

If you want a little bit more control over the message you are sending, you can choose the Do Not Forward option. This option encrypts the message as described above, but also prevents the user from copying, printing or forwarding the message contents.

Rutgers Connect – Confidential

Choosing this option will only allow the message to be sent to other Rutgers Connect users. It is similar to Encrypt in that, while the message is protected, the recipient can still save, reply, and forward the message. It may only be forwarded to other Rutgers Connect users.

Rutgers Connect – Confidential View Only

This is the most restrictive option. If you choose this option, the recipient – who must be a Rutgers Connect user – will only be allowed to view the message. They will not be able to reply, forward, copy or edit the message.

Keyword Triggered:

For backward compatibility with our previous encryption service, Zix Corporation, any message containing the keyword "ZIXSECURE" in the subject or body and leaving Rutgers Connect will have OME encryption applied to it. OIT does not recommend using keywords to force encryption. The keyword feature has been retained for specialized cases and may go away completely in the future as it is being replaced by the encryption features provided by OME.