Forum Discussion

Manuel Lange's avatar
Manuel Lange
Copper Contributor
Feb 20, 2017

time to access Office 365 Message encryption messages

Hello,

 

activating Office 365 Message Encryption and having questions regarding time periods:

 

- How long (/often) is an encrypted sent e-mail accessible?

- Suppose I delete sending office 365 tenant completely, can messages still be opened by receivers?

- Basically: Any control of OME Messages after sending?

  • Mail is not stored in the service, but in your (and the recipient's) mailbox. O365 servers are only used to decrypt/display the message. As long as the message is not deleted and you are still using the service, it can be accessed. If you mean message expiration, I dont think this is officially supported, though we do have a parameter for PowerShell that hints it's possible.

     

    The service does store the encryption keys however, and as OME is using Azure RMS on the backend, decommissioning of the service will be similar to what's detailed here: https://docs.microsoft.com/en-us/information-protection/deploy-use/decommission-deactivate

     

    Not sure what you mean about control? Did you check the FAQ here: https://technet.microsoft.com/en-us/library/dn569285.aspx

    • Manuel Lange's avatar
      Manuel Lange
      Copper Contributor
      Thanks, thats what dawned on me somehow.

      "As long as the message is not deleted and you are still using the service"

      With "you" do you mean the sender implementing ome or the non-ome receiver?
      • VasilMichev's avatar
        VasilMichev
        MVP

        You as the one using/paying for the serice, and he as the one keeping the message.

         

        Looking at the product pages however, it seems that OME is now only offered as part of AIP, and the latter offers you a bit more flexibility compared to OME in terms of revoking access, tracking protected documents, etc.

Resources