Aug 06 2021
10:51 AM
- last edited on
Feb 01 2023
01:34 PM
by
TechCommunityAP
Aug 06 2021
10:51 AM
- last edited on
Feb 01 2023
01:34 PM
by
TechCommunityAP
Dear community,
we have following challenge.
We would like to use the message encryption option (OME)
It´s simple to implement and fits for most of our needs.
However we have one scenario where it doesnt fits or at least I couldnt find a solution in this community or in Internet.
Our director wants to delegate access to his assistant including inbox but shouldnt be able read encrypted emails
Is there a solution for this?
Thanks for your support...
Aug 06 2021 11:52 AM
Aug 06 2021 12:20 PM
@ChristianJBergstrom thanks for your quick answer.
If I understand you well, OME don´t have a solution for this use case, right?
To somehow block all except Outlook Windows dont think it is a good idea.
It will be challeging to assure never get access..
Maybe there is a way via Powershell?
Question is if it is possible...
Thanks a lot anyway :)
Aug 06 2021 01:11 PM
Oct 15 2021 10:04 AM
iOS and Android allow opening an encrypted message of a delegated mailbox. Any way to disable this similar to disabling access to OWA?
Oct 16 2021 10:50 AM
Oct 17 2021 10:34 AM
Oct 17 2021 11:21 AM
Agreed, but if going down that road it needs some structure and planning incl. people from your business (to classify and protect). I.e. the very opposite from the easy to use built-in encryption with OME @josecachairo
Oct 18 2021 12:31 AM
hi all,
meanwhile we tested and indeed delegates CAN´T read encrypted emails. So it is working as we expected and Microsoft information is confusing (not clear enough) to this matter.
So if you use OME, delegate can´t not read those emails (encrypt only).
I recommend you to test it also in iOS, Android to be sure.
Oct 18 2021 12:54 AM - edited Oct 21 2021 11:50 AM
See below.
Oct 20 2021 09:59 AM - edited Oct 20 2021 10:19 AM
Thanks @ChristianJBergstrom and @josecachairo. This is helpful.
Oct 21 2021 11:48 AM
@BHartNL @josecachairo Hello again, simply writing to update and correct my previous reply. It didn't seem consistent (logical) so thought it might had to be because all of my cached credentials doing all my testing. So I set it up again, from scratch and this time with a new W10 profile as well.
1. The delegate cannot see the encrypted email (just the wrapper). If clicking it will direct to error.
2. The delegate can see it using Outlook on the web.