Feb 20 2017
- last edited on
Feb 19 2021
activating Office 365 Message Encryption and having questions regarding time periods:
- How long (/often) is an encrypted sent e-mail accessible?
- Suppose I delete sending office 365 tenant completely, can messages still be opened by receivers?
- Basically: Any control of OME Messages after sending?
Feb 20 2017 11:26 AM
Mail is not stored in the service, but in your (and the recipient's) mailbox. O365 servers are only used to decrypt/display the message. As long as the message is not deleted and you are still using the service, it can be accessed. If you mean message expiration, I dont think this is officially supported, though we do have a parameter for PowerShell that hints it's possible.
The service does store the encryption keys however, and as OME is using Azure RMS on the backend, decommissioning of the service will be similar to what's detailed here: https://docs.microsoft.com/en-us/information-protection/deploy-use/decommission-deactivate
Not sure what you mean about control? Did you check the FAQ here: https://technet.microsoft.com/en-us/library/dn569285.aspx
Feb 20 2017 12:08 PM
Feb 20 2017 11:55 PM
You as the one using/paying for the serice, and he as the one keeping the message.
Looking at the product pages however, it seems that OME is now only offered as part of AIP, and the latter offers you a bit more flexibility compared to OME in terms of revoking access, tracking protected documents, etc.
Jan 27 2021 06:13 AM
Thanks for your insight, as Microsoft is currently pushing the hole topic under the name MIP, let me warm up this old thread.
I don't use Microsoft 365 or Microsoft outlook.
I receive an OME encrypted E-Mail, which I open via "the link", which redirects to an Outlook Webaccess light. I sign in with one time password. --> The mail is basically stored in the Microsoft cloud.
How long, or which are the conditions under which I can access this E-Mail?
As a background:
In Germany it is mandatory to archive business communication in readable format (including E-Mail for 10 years).
When I can't guarantee access to that mails for this time frame, I would need to refuse OME Mails?
Or is there a known legal backup?
Is there any Information from Microsoft side? Unfortunatly I haven't found any.