Microsoft Office Message Encryption & GDPR

To comply with the new GDPR regulations, organisations need to look at how they will secure information that is sent externally via email.

One solution is to use an add-in for the Outlook software so that a user sending a sensitive email clicks a button to encrypt it. However, this requires that all emails are sent via the Outlook client and does not support mobile phones or tablets. A better approach is a solution that encrypts your email as it passes through your email server. With Microsoft Office Message Encryption (OME), organisations can define rules for when messages are encrypted, for example all emails sent to or from a specific email address or domain. Alternatively, a user can enter a specific phrase, such as the text Encrypt:, in the subject line of the message and the server will automatically encrypt it.

What is it?

Office 365 Message Encryption is a service built on Azure Rights Management (Azure RMS) that lets you send encrypted email to people inside or outside your organization, regardless of the destination email address (Gmail, Yahoo! Mail, etc.). As an admin, you can set up transport rules that define the conditions for encryption. When a user sends a message that matches a rule, encryption is applied automatically.
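The two rule types described above (a subject-line phrase and a recipient domain) can be created as Exchange Online mail flow rules. This is an added example, not configuration taken from this page or its author; it assumes the ExchangeOnlineManagement PowerShell module, and the admin account, rule names and `partner.example` domain are placeholders.

```powershell
# Added example. The account, rule names and domain below are placeholders.
Connect-ExchangeOnline -UserPrincipalName admin@contoso.example

# Check that Azure RMS licensing is enabled and working for the tenant
# before relying on any encryption rule.
Get-IRMConfiguration | Format-List AzureRMSLicensingEnabled
Test-IRMConfiguration -Sender admin@contoso.example

# Rule 1: the sender opts in by starting the subject line with "Encrypt:".
New-TransportRule -Name 'OME - subject keyword' `
    -SubjectMatchesPatterns '^Encrypt:' `
    -ApplyRightsProtectionTemplate 'Encrypt' `
    -Mode Enforce

# Rule 2: every message to a given recipient domain is encrypted,
# so protection does not depend on the sender remembering the keyword.
New-TransportRule -Name 'OME - partner domain' `
    -RecipientDomainIs 'partner.example' `
    -ApplyRightsProtectionTemplate 'Encrypt' `
    -Mode Enforce

# Review: list every rule that applies a rights protection template,
# with its state, mode and evaluation order.
Get-TransportRule |
    Where-Object { $_.ApplyRightsProtectionTemplate } |
    Sort-Object Priority |
    Format-Table Name, State, Mode, Priority
```

Creating a rule with `-Mode Audit` first records matches in message tracking without changing mail flow, which lets you confirm the conditions catch the intended messages before switching to `Enforce`.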

To view encrypted messages, recipients can either get a one-time passcode, sign in with a Microsoft account, or sign in with a work or school account associated with Office 365. Recipients can also send encrypted replies. They don’t need an Office 365 subscription to view encrypted messages or send encrypted replies.

What does it do?

Office Message Encryption performs the following functions:

  • Encrypts messages sent to internal or external recipients.
  • Allows users to send encrypted messages to any email address, including Yahoo! Mail and Gmail.
  • Allows you, as an admin, to customize the email viewing portal to reflect your organization’s brand.
  • Microsoft securely manages and stores the keys, so you don’t have to.
  • No special client-side software is needed as long as the encrypted message (sent as an HTML attachment) can be opened in a browser.

Recommendations and example scenarios

We recommend using OME when you want to send sensitive business information to people outside your organization, whether they’re consumers or other businesses. For example:

  • A bank employee sending credit card statements to customers
  • A doctor’s office sending medical records to a patient
  • An attorney sending confidential legal information to another attorney

How it works

How much does it cost?

The subscription for the Azure Information Protection service, which includes Office Message Encryption, is £2+VAT per user per month.

For existing Office 365 email users, Office Message Encryption can be enabled for just £199+VAT*.

For existing on-premise Exchange email users, Office Message Encryption can be enabled for £800+VAT* **.

Further Information

If you would like further information on Office Message Encryption or the benefits of moving to the cloud please contact us on 01639 326001 or email on

* Standard setup based on a non-complex configuration. Advanced setup is available and priced depending on requirements.
** Requires Exchange Online Protection, chargeable at £1+VAT per user per month.