cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Outlook message encryption - avoid delegate access

josecachairo
Copper Contributor

‎Aug 06 2021 10:51 AM - last edited on ‎Feb 01 2023 01:34 PM by

‎Aug 06 2021 10:51 AM - last edited on ‎Feb 01 2023 01:34 PM by

Outlook message encryption - avoid delegate access

Dear community,

 

we have following challenge.

We would like to use the message encryption option (OME)

It´s simple to implement and fits for most of our needs.

 

However we have one scenario where it doesnt fits or at least I couldnt find a solution in this community or in Internet.

 

Our director wants to delegate access to his assistant including inbox but shouldnt be able read encrypted emails 

Is there a solution for this?

 

Thanks for your support...

 

5,212 Views
1 Like
11 Replies
Reply
11 Replies
ChristianJBergstrom

‎Aug 06 2021 11:52 AM

‎Aug 06 2021 11:52 AM

Re: Outlook message encryption - avoid delegate access

Hello, if you can restrict the assistant to use Outlook for Windows only it's possible.

https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-faq?view=o365-worldwide#is-delegated-a...
0 Likes
Reply
josecachairo

‎Aug 06 2021 12:20 PM

‎Aug 06 2021 12:20 PM

Re: Outlook message encryption - avoid delegate access

@ChristianJBergstrom thanks for your quick answer.

If I understand you well, OME don´t have a solution for this use case, right?

To somehow block all except Outlook Windows dont think it is a good idea.

It will be challeging to assure never get access..

Maybe there is a way via Powershell?

Question is if it is possible...

 

Thanks a lot anyway :)

 

 

0 Likes
Reply
ChristianJBergstrom

‎Aug 06 2021 01:11 PM

‎Aug 06 2021 01:11 PM

Re: Outlook message encryption - avoid delegate access

You’re correct. OME cannot accomplish what you’re looking for. There used to be a MIP UserVoice request for this scenario, but as Microsoft has closed down UV for this and other products I don’t know what has happened to it. Sorry..
0 Likes
Reply
BHartNL

‎Oct 15 2021 10:04 AM

‎Oct 15 2021 10:04 AM

Re: Outlook message encryption - avoid delegate access

iOS and Android allow opening an encrypted message of a delegated mailbox. Any way to disable this similar to disabling access to OWA?

0 Likes
Reply
ChristianJBergstrom

‎Oct 16 2021 10:50 AM

‎Oct 16 2021 10:50 AM

Re: Outlook message encryption - avoid delegate access

Don't know really, not within my field so to speak.

"Is delegated access supported with opening encrypted messages? Even if a delegate has full access to another user's mailbox?

- Delegated access of encrypted mail is supported in Outlook on the web, Outlook for Mac, Outlook for iOS, and Outlook for Android. Outlook for Windows does not support delegated access."

https://docs.microsoft.com/en-us/microsoft-365/compliance/ome-faq?view=o365-worldwide#is-delegated-a...

0 Likes
Reply
Tony Redmond

‎Oct 17 2021 10:34 AM

‎Oct 17 2021 10:34 AM

Re: Outlook message encryption - avoid delegate access

OME isn't really designed to handle complex access situations. If I were you. I'd consider using a sensitivity label that restricts access to a limited set of reciipients.
0 Likes
Reply
ChristianJBergstrom

‎Oct 17 2021 11:21 AM

‎Oct 17 2021 11:21 AM

Re: Outlook message encryption - avoid delegate access

Agreed, but if going down that road it needs some structure and planning incl. people from your business (to classify and protect). I.e. the very opposite from the easy to use built-in encryption with OME @josecachairo 

0 Likes
Reply
josecachairo

‎Oct 18 2021 12:31 AM

‎Oct 18 2021 12:31 AM

Re: Outlook message encryption - avoid delegate access

@ChristianJBergstrom 

hi all,

meanwhile we tested and indeed delegates CAN´T read encrypted emails. So it is working as we expected and Microsoft information is confusing (not clear enough) to this matter.

So if you use OME, delegate can´t not read those emails (encrypt only).

I recommend you to test it also in iOS, Android to be sure.

0 Likes
Reply
ChristianJBergstrom

‎Oct 18 2021 12:54 AM - edited ‎Oct 21 2021 11:50 AM

‎Oct 18 2021 12:54 AM - edited ‎Oct 21 2021 11:50 AM

Re: Outlook message encryption - avoid delegate access

See below.

0 Likes
Reply
BHartNL

‎Oct 20 2021 09:59 AM - edited ‎Oct 20 2021 10:19 AM

‎Oct 20 2021 09:59 AM - edited ‎Oct 20 2021 10:19 AM

Re: Outlook message encryption - avoid delegate access

Thanks @ChristianJBergstrom  and @josecachairo. This is helpful.

1 Like
Reply
ChristianJBergstrom

‎Oct 21 2021 11:48 AM

‎Oct 21 2021 11:48 AM

Re: Outlook message encryption - avoid delegate access

@BHartNL @josecachairo Hello again, simply writing to update and correct my previous reply. It didn't seem consistent (logical) so thought it might had to be because all of my cached credentials doing all my testing. So I set it up again, from scratch and this time with a new W10 profile as well.

 

1. The delegate cannot see the encrypted email (just the wrapper). If clicking it will direct to error.

2. The delegate can see it using Outlook on the web.

0 Likes
Reply