Apr 19 2018 01:40 AM
When two users inside same Office 365 tenant send email to each other and the message contains some sensitive information (eg. social security numbers). Is this message encypted inside Office 365 without any extra configuration? Just thinking this from GDPR perspective.
Apr 19 2018 02:10 AM - edited Apr 19 2018 02:12 AM
Yes, it is, this is called encryption at rest and in transit, this means without having to do anything data in Office 365 is protected.
See plenty of details here - Encryption in Office 365. However, for different reasons you still might want to employ additional measures to protect confidential data, especially when it's being sent externally. Here are some ways of doing that:
Office 365 Message Encryption (OME)
"With Office 365 Message Encryption, your organization can send and receive encrypted email messages between people inside and outside your organization. Office 365 Message Encryption works with Outlook.com, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content."
"Information Rights Management (IRM) allows you to specify access permissions to email messages. IRM helps prevent sensitive information from being read, printed, forwarded, or copied by unauthorized people. IRM also helps organizations enforce corporate policy governing the control and dissemination of confidential or proprietary information, both within the organization and with customers and partners."
Apr 20 2018 01:44 AM
See https://www.petri.com/office-365-encrypted-email for details about the new Encrypt feature. This is available for OWA now and will soon be in Outlook desktop. Outlook mobile clients can read encrypted messages.
The Encrypt feature is based on top of rights management (IRM) and the same feature is due to appear in Outlook consumer. If you really want to protect data, apply a protection template to restrict what users can do when they receive messages.