Microsoft 365 Message Encryption
Share protected emails with anybody—inside or outside your organization—easily with the rich email encryption and rights-protection capabilities in Microsoft 365 Message Encryption that are built on top of Azure Information Protection.
Protect sensitive emails
Help reduce the risk of unintended disclosure by encrypting and rights-protecting email messages sent both inside and outside your organization.
- Send encrypted and rights-protected messages to people inside and outside your organization (including users of Microsoft 365, non-Microsoft 365 email applications, and web-based email services such as Gmail.com and Outlook.com) with Do Not Forward or custom Rights Management Services templates to enable B2B and B2C scenarios.
- Send encrypted email messages to anyone, regardless of their email address.
- Provide strong, automated encryption with a cost-effective infrastructure.
- Eliminate the need for certificates and use a recipient’s email address as the public key.
- Communicate through a Transport Layer Security-enabled network to further enhance message security.
- Enhance the security of email responses by encrypting each message in the thread.
Stay in control
Control sensitive data with flexible policies or ad hoc customer controls that are built into Microsoft 365.
- End-user controls that enable users to easily encrypt and apply rights management templates.
- Provide and manage your own encryption keys with Bring Your Own Key for Azure Information Protection.
- Easily manage sensitive data using single-action Exchange transport rules.
- Protect sensitive information and data consistently and automatically from leaving your gateway.
- Use policy-based encryption to encrypt messages at your gateway based on policy rules.
Meet compliance needs more easily
If you’re a Microsoft 365 user, send encrypted email from any device using Outlook for Windows, Outlook for Mac, or Outlook.com.
Help manage compliance through strong integration with data-loss prevention capabilities.
Native in-line reading experience for mails encrypted with Do Not Forward policy or custom Rights Management Services templates using Outlook clients for Microsoft 365 users.
Non-Microsoft 365 message recipients can authenticate and read protected messages using their consumer Google or Yahoo accounts, in addition to a one-time passcode and a Microsoft account.
Easily navigate through encrypted messages with the clean Microsoft 365 interface.
Deliver encrypted email directly to recipients' inboxes and not to a web service.
Decrypt and read encrypted email with confidence, without installing client software.
Enjoy simplified user management that eliminates the need for certificate maintenance.
How to buy Microsoft 365 Message Encryption
To use Microsoft 365 Message Encryption, purchase Microsoft 365 E3.
Follow the blogs
Keep up with the latest news.
Find out how other organizations are using Exchange.