Exchanging information online via email is one of the most common ways of communication. And when it comes to making those interactions private, one should follow best practices when sharing private & confidential information by encrypting those emails. In this article, we’ll talk more about email encryption, how to encrypt email while sending in Office Outlook, encrypting and why to encrypt, and its pros and cons.
How Does Email Encryption Work?
When an email is encrypted, it converts from plain text into ciphertext, i.e., it won’t be in a readable format, and the recipient for whom this email encrypted after entering private key can convert cipher text to plain text (readable format).
The conversion of cipher to plain text format can only be done by those who have the corresponding private key.
Microsoft Outlook uses two encryption technology to encrypt their email
- S/MIME encryption
- Office 365 Message Encryption
S/MIME encryption will work when sender and recipient are using email application that offers support this encryption. By default, the Outlook version supports S/MIME encryption across all its compatible devices.
Office 365 Message Encryption:
Office 365 message encryption is also known as IRM or Information Rights Management; Microsoft newly launched this encryption with its Office 365 suite. O365 Message encryption to work the sender must have a license for MS Office 365 cloud license.
How to Encrypt Emails in MS Outlook:
Before we begin the process of email encryption, we first need to have an S/MIME certificate on the computer; then, we need to configure Outlook to use the S/MIME certificate to work while encrypting emails.
There are two primary Digital ID or S/MIME certificate provider in the market, GlobalSign and IdenTrust. Users must purchase a license from one of them to add it to Outlook to encrypt emails. Once done with this part, we can go ahead and configure the MS Outlook for encrypting emails.
- Launch Microsoft Outlook
- Go to File -> Options -> Trust Center -> Trust Center Settings
- Select “Email Security” tab from left pane -> Encrypted email -> default settings -> settings
- In “Certificate and Algorithm” section, browse and upload signing and encryption certificate
- Give a name to the new preferences under “security settings name” -> save
How to Send and Receive Encrypted email using MS Outlook:
- To send or receive encrypted emails, sender and recipients must share Digital ID certificates
- Go to any encrypted email which is signed digitally
- Do a right-click in from recipients’ box ->add to Outlook contacts
- By doing the above task, certificate from above recipients in added on the computer
- Now go to compose new email -> options -> encrypt and select the encryption type -> send the email
Why Encrypt Email?
Usually, we encrypt email and its content to secure information attached to it. That means any confidential data transmitted via email will not be accessible by anyone apart from the recipients for whom the email intended.
By encrypting emails, we can make it inaccessible from any phishing attack or data leak as encrypted information is safe and can only be converted into the plain text from cipher format by the individual who owns the key to decrypt.
Pros and Cons of encrypting an email in MS outlook:
- It makes email, attachments or any confidential information secure
- Protects individual email accounts from spam contents
- Prevents eavesdroppers from gaining access to messages or alter their contents
- Need a basic technical understanding to set up the email encryption process
- Even though email encryption protects email contents, attachments from unintended eyes but header information and subject line will still be visible
- Recipients need to have same encryption certificate to decrypt received email
Although Digital ID paid service, which end-user must buy to protect/activate email encryption fully. But there are few free Digital ID services provide that users can try to get familiar with the email encryption process, and later, they can purchase premium email certification and install to make their email communication secure.
Apart from the above-listed method, there is another way to encrypt emails using an email gateway. Encrypting email using this process will base on the settings set for the email gateway, i.e., for an email with the subject line [encrypt] will pass from the sender to recipients mailboxes in an encrypted format or any other command setup. This method is on the little advance side and needs an excellent technical knowledge of server setup, email encryption software, encryption protocols that need to use, and so on.
We’ll talk more about the advance method in our future tutorial and will try to guide step-by-step how-to setup own email gateway for email encryption.
For now, please share your feedback about email encryption, its process in the comment section below.