Long description | Microsoft 365 uses encryption in two ways: in the service, and as a customer control. In the service, encryption is used in Microsoft 365 by default. If you want to increase the security level of messaging and protect extremely sensitive data, we will provide implementation services to email encryption and rights protection capabilities. |
Active | 1 |
Get secure email messaging implemented in your organization. With the new Microsoft 365 Message Encryption (OME) capabilities, which leverage the protection features in Azure Information Protection, your organization can easily share protected email with anyone, on any device. Users can send and receive protected messages with other Microsoft 365 organizations as well as non-Microsoft 365 customers using Outlook.com, Gmail, and other email services.
Our objective is to enable OME -- Microsoft 365 Message Encryption -- in your Microsoft 365 tenant and provide instruments to control sensitive data with flexible policies or ad hoc customer controls that are built into Microsoft 365.
An implementation project will be considered successful when you:
- start to send encrypted email from any device
- easily navigate through encrypted messages
- deliver encrypted email directly to recipients' inboxes
- decrypt and read encrypted email with confidence, without installing client software
- enjoy simplified user management that eliminates the need for certificate maintenance
IT Partner responsibilities #
- Set up Office Message Encryption (OME) in Microsoft 365
- Create mail flow rules that define the conditions for encryption
- Bring your own key (BYOK) settings, if needed
Client responsibilities #
- Provide a dedicated point of contact responsible for working with IT Partner and coordinate any outside vendor resources and schedules, if needed
- Configure all networking equipment, such as load balancers, routers, firewalls, and switches
- If Microsoft Outlook or other desktop email clients are to be used for connectivity to Microsoft 365, tuning email software on client workstations
Outside the scope of this project (additional cost items) #
- Mail migration services to Microsoft 365
- AD & group policy settings
Upon completion of the engagement, we will provide a Project Closeout Report. This document will indicate final project status, including evidence of meeting acceptance criteria, outstanding issues, if any, and final budget. If you want more extensive documentation, this can be provided for an additional fee.
Prerequisites #
- You must have global admin level access to the source Microsoft 365 tenant
- You must have global admin level access to the destination Microsoft 365 tenant, with Exchange Online licenses available
To use the new OME capabilities, you need one of the following plans:
- Microsoft 365 Message Encryption is offered as part of Office 365 E3 and E5, Microsoft E3 and E5, Office 365 A1, A3, and A5, and Office 365 G3 and G5. Customers do not need additional licenses to receive the new protection capabilities powered by Azure Information Protection.
- You can also add Azure Information Protection Plan 1 to the following plans to receive the new Microsoft 365 Message Encryption capabilities: Exchange Online Plan 1, Exchange Online Plan 2, Microsoft 365 F1, Microsoft 365 Business Basic, Microsoft 365 Business Standard, or Office 365 Enterprise E1
- Each user benefiting from Microsoft 365 Message Encryption needs to be licensed to be covered by the feature
- For the full list, see the Exchange Online service descriptions for Microsoft 365 Message Encryption
Plan #
May vary depending on your needs.
- Kickoff meeting
- Pre-implementation system health check
- Configuring OME and additional tools
- Setting up Exchange Online Transport Rules
- Verifying email encryption
- Posting implementation tasks
Results #
You will be able to use Microsoft 365 Message Encryption (OME) capabilities that protect your mails and mail flow rules that define the conditions for encryption. Your email recipients should be able to receive and reply to your secure emails using any device, with any email client.
Relevant articles #
https://support.office.com/en-us/article/office-365-message-encryption-faq-0432dce9-d9b6-4e73-8a13-4a932eb0081e
https://products.office.com/en-us/exchange/office-365-message-encryption
https://support.office.com/en-us/article/email-encryption-in-office-365-c0d87cbe-6d65-4c03-88ad-5216ea5564e8