shutterstock_1775908778 (1)

November 12, 2021

Are Microsoft 365 Emails Encrypted?

By Eva Goodinson

Want to keep your sensitive data out of the hands of hackers? Use Microsoft 365’s email encryption service.  

When it comes to sending emails with sensitive information, you can never be too safe. If your send emails for business purposes, it’s likely you regularly transfer messages with material that would be a data breach if it fell into the wrong hands. Even relatively straightforward information can be a breach if it gets to someone it wasn’t intended for.  

It’s always better to be safe than sorry when it comes to cybersecurity, and luckily, Microsoft 365 offers an email encryption service that you can choose to implement. 

 This encryption means the contents of your emails will be disguised, so people cannot decipher their contents unless they are the authorised recipient. It acts as a level of defence against would-be hackers attempting to steal your information. With cyber-crime on the rise since the pandemic, it’s more important than ever to protect your information.  

franck-DoWZMPZ-M9s-unsplash (1)


Microsoft's built-in solution for encrypting Outlook email came into effect with the release of Microsoft 356 (at the time, named Office 365). In addition to encryption, Microsoft can ensure that your messages aren’t being forwarded, and guarantees your email is delivered to the intended recipient.  

 You have the option to encrypt both your messages and the files attached to them for added assurance. 

If you’re a Microsoft 365 user, keep reading to find out how you can implement encryption to protect your emails. 

Why Should I Encrypt? 

 Encrypting can help by protecting your identity and privacy when sending sensitive emails. Having a more secure mail system will also save you time and money when it comes to cybersafety programs.  

It will also provide you protection against cybercriminals who may try to extort you or your systems. Hackers will often try to access your IT base through email, and encryption makes this harder to do. It acts as a second wall of defence for your valuable information. 

 You don’t have to encrypt every email, but when you’re sharing confidential or sensitive information, you should implement encryption to keep your business and data safe.  

What are the drawbacks of encryption?  

While Microsoft 365 email encryption is an important feature, it might not be the right fit for every user or organisation. Encryption makes encrypted messaging safer for senders, but it can be more challenging for recipients to decipher and read these messages.  

Companies may need to pay for TLS connections for their business partners to ensure that encrypted messages are able to be opened, or risk not being able to use Microsoft 365 email encryption at all without an LS connection. 

 However, considering the high risks of cybercrime, it’s definitely a good option to consider. It’s also worth talking to the people you email regularly about cybersecurity, and explaining why you’re choosing to encrypt your emails. The more people who follow encryption protocols, the fewer opportunities for leaks and breaches.  

How Does Microsoft 365 Email Encryption Work?  

shutterstock_1775908778 (1)

Encryption involves displaying your information in the form of a code, so that it can only be decoded and accessed by recipients who you’ve given permission to.  

Microsoft 365 uses a TLS ( transport layer security) service as a cryptographic protocol that conceals email content. This is done by encrypting the server-to-server communication between two parties. TLS is used when emails are sent in a web browser, rather than in-app.  

 Encryption is enabled as standard in Microsoft 365, so there's no need to change anything.  

This is how email encryption usually works: 

During transmission, a message is encrypted, or changed from plain text to unreadable ciphertext, either on the sender's workstation or via a central server. 

In order to prevent the message from being read if intercepted by an unauthorised third party, it’s kept in ciphertext while being transmitted. 

After the recipient receives the message, it’s converted back into readable plain text. This is done by either the recipient system using a decryption key, or a central server will decrypt it after the receiver’s identity is authenticated. 

How Do I Encrypt Emails on Microsoft 365? 

If you’re looking to encrypt your Outlook email, there are three possible ways of doing this. Each has its own set of benefits, but some are more difficult to set up than others.  

The options are: 

  • Microsoft 365 Message Encryption.

    This comes as part of Microsoft 365. It’s easy to use, and you don’t need to install certificates. You can send emails to any email client, but if the recipient doesn’t use Outlook, they may have to go through additional steps to open it. 

  • Certificate-based Encryption 

    Both sender and recipient need to have certificates to encrypt and decrypt emails with this option. It’s more complicated to install, but it’s more effective if you’re sending mass encrypted mail.  

  • Outlook Add-ins 

    If you don’t have Microsoft 365, you can easily send encrypted emails using a third-party add-in, although this may have an additional charge and set-up requirements. 

Encrypting Your Messages in Microsoft 365 

By using Office 365 Message Encryption, you send an email with only the subject to the recipient. Depending on the mail client of the recipient, they can either open the email to verify the message, or they can go through additional verification. This will allow the recipient to read the email and its attachments online. 

How to set up encryption: 

 1. Create a new email on Outlook 

Choose the option to compose a new email. First, add the subject, recipient, attachments, and body as normal. 


 2. Encrypt Email 

Now you add the encryption. To do this, select the ‘Options’ button and click on ‘Encrypt’. This will encode your information.


3. Send to Recipient

After you’ve encrypted, a note will become visible to you above the address field, informing you that the email is encrypted. You can now click ‘Send’ to deliver the mail to the recipient. 


  4. Opening the Encrypted Email in Outlook 

If Outlook is used by the receiving party, they’ll securely receive your message with the subject line and a lock icon displayed next to it.

The recipient will be verified by Outlook automatically once the email is double-clicked. Now the email will open and be readable as normal.  

christina-wocintechchat-com-F75IfIWSqRY-unsplash (1)

When Should You Encrypt Emails? 

It’s not necessary to encrypt every email you send. However, if your emails contain sensitive business information involving clients or people outside your group, it’s not worth the risk to lose it. Encryption is also a good way of ensuring you comply with GDPR regulations. 

You should always encrypt if you’re sharing bank details, identification information, or legal documents. Plus, if you’re sharing anything sensitive or confidential.  

It can't be overemphasised that secure email communication is essential when cybersecurity is a big issue. This goes for both businesses and for individuals. Don’t leave it until it’s too late to protect your sensitive information - the consequences can be more than just financial if your business has a security breach.  

 Can I Remove the Email Encryption? 

You can remove encryption from an email even after sending it in Outlook. When you unencrypt, your recipients can read the email without having to verify their identity. This can be done by following these steps: 

  • In Outlook, go to your sent emails folder 
  • Select the encrypted mail that you want unencrypted 
  • Select ‘File’ and then ‘Unrestricted Access’ under ‘Encrypt’. This will revert the email to a regular version. 

It’s as simple as that! 

Want to know more about Microsoft 365? 

Get in touch with SpiderGroup to talk about implementing Microsoft 365 in your company.  We're a Microsoft Gold Partner and can assist you with getting started today! You can contact us by calling 0117 933 0570 or filling out our contact form.  


Learn more about cyber essentials

More Thoughts

April 12, 2024

Microsoft 365 Licensing Changes: No April Fools’ Joke

On April 1, 2024, Microsoft made an announcement that might have easily been dismissed as an April Fools’ Day prank. However, the update on Microsoft...

Read more >

February 08, 2024

Microsoft CoPilot and 365: Balancing Innovation with Robust Security

The introduction of Microsoft CoPilot is set to revolutionise how we interact with technology, promising to make our work more efficient, intuitive,...

Read more >

October 18, 2023

What are the Benefits of Working with a Microsoft Partner?

Microsoft is one of the most well-known technology platforms in business today. From Windows and Office to Teams, SharePoint, Dynamics 365 and Azure,...

Read more >