Table of contents
Start for free
Office 365 email encryption—is it secure enough to give you peace of mind?Can Microsoft offer enough protection to your email correspondence and files? Learn all about Office 365 email encryption and how to gain control of your data.
Office 365 email encryption—popularly known as Office 365 Message Encryption (OME)—is Microsoft’s legacy encryption method allowing users to send secure internal and external emails. The standard got a revamp when the company released Microsoft Purview Message Encryption (MPME), which is set to replace OME.If you’re subscribed to Office 365, you might be wondering about the level of security you get with OME/MPME. To give you the latest information, this article will cover MPME as the soon-to-be standard encryption method. You’ll learn about its security, availability, and alternatives worth exploring.
Secure your data with the best encryption protocolSkiff Mail provides end-to-end encryption, ensuring the highest protection standard
MPME—email encryption for Office 365 usersMPME lets users encrypt their messages to enjoy greater security when sharing private emails and files. Besides encryption, it includes various authorization policies letting users have more control over their sensitive data.The standard combines OME with Information Rights Management (IRM), a set of tools allowing the sender to restrict access and distribution of emails and their contents. It also protects attachments, so your files will be kept safe.With MPME, you can use rights management templates to encrypt your emails and set specific rules for how they’re handled, or you can choose between two default encryption options:
MPME keeps your emails encrypted even if the recipient uses another email service provider like Gmail or Yahoo. They’ll need a password to open it, which prevents unauthorized access.
|Option||What it does|
|Encrypt Only||Emails are encrypted without restrictions, letting users copy, forward, or print their contents|
|Do Not Forward||Besides being encrypted, the email is protected from further distribution, saving, or edits|
MPME availability—who can use Office 365 encrypted email?The main drawback of MPME is that it’s reserved for the higher-priced Office 365 Enterprise tiers:
It’s also available with the more comprehensive Microsoft 365 Enterprise tiers (E3 and E5), as well as:
|Office 365 Enterprise E3||$23/user per month|
|Office 365 Enterprise E5||$38/user per month|
- Education plans (A1, A3, and A5)
- Government tiers (G3 and G5)
- Microsoft 365 Business Premium
How to secure emails beyond MPMEMicrosoft offers different security options besides MPME. Depending on your needs, you can:
- Use Exchange Online email encryption
- Secure your emails with S/MIME end-to-end encryption
Exchange Online encrypted email—robust security for organizationsExchange Online is Microsoft’s hosted email service. It’s the cloud version of the company’s on-premise Exchange Server that lets users share emails, calendars, contacts, and similar information necessary for collaboration.The platform supports IRM through Active Directory Rights Management Services (AD RMS), an on-premises information security solution.When you configure AD RMS, you can create rights policy templates and apply them to your emails. This way, you can control access and actions the recipient can take inside or outside your organization.Senders can apply templates manually through Outlook on the Web or dedicated Outlook clients for different platforms. All the policies apply to the email’s contents and attachments and stay enforced even during offline use.Setting up AD RMS is complicated and isn’t something an average user can do without the help of an expert. Even Microsoft states it’s uncommon and suggests using MPME unless your organization has a specific need for such complex security.
Access complete data protection effortlesslySkiff's straightforward and easy-to-use UI allows non-tech-savvy users to enjoy end-to-end encryption
Can S/MIME Encryption offer enough protection?By default, Outlook emails are protected by the TLS (Transport Layer Security) protocol. It secures data in transit, meaning your emails are only safe while traveling between servers but not while resting on them.To ensure comprehensive protection and privacy, you need end-to-end encryption (E2EE). It safeguards your emails from the moment they leave your device so that only the designated recipient can access their contents. Your messages are also safe when being idle, which minimizes the risk of data breaches or various cyberattacks.Microsoft offers E2EE using the S/MIME standard. It’s a certificate-based protocol offering decent protection, but it’s not without flaws. It has been tied to significant vulnerabilities and is complex to set up.You must buy the certificate separately and then configure it on your device, which can be time-consuming for users without the necessary technical knowledge. Then, you can set up S/MIME in Outlook by following these steps:
- Go to File > Options
- Select Trust Center > Trust Center Settings
- Click on Settings under Encrypted Email
- Go to Certificates and Algorithms
- Click on Choose > S/MIME Certificate
Skiff Mail—email privacy for everyoneSkiff doesn’t hide advanced security features behind paywalls, so users can enjoy complete privacy and confidentiality for free with Skiff Mail. The platform supports cutting-edge cryptography to let users leverage the full power of E2EE.Unlike most email service providers, Skiff doesn’t store encryption keys on their servers. The public key is shared among users and lets them send secure emails, while a separate private key is created by the user and stored on their device. As only the recipient has the decryption key, nobody—not even Skiff—can access the correspondence.
Standout features of Skiff’s robust free planWhen you sign up for Skiff, you’ll be greeted by a user-friendly interface letting you send and manage secure emails without friction. You don’t need to install any certificates or add-ons—Skiff made sure all security measures work in the back end without the need for extra input.Skiff’s free plan gets you 10 GB of end-to-end encrypted storage, which is enough for an average user to keep their private files safe. You also get features typically reserved for paid plan users, such as thorough and fast email and text search.If you need to manage multiple inboxes without confusion, you can take advantage of four Skiff.com aliases. They let you funnel emails from multiple addresses into your inbox so that you can stay organized and productive.Skiff Mail supports various crypto wallets to let users communicate and complete transactions anonymously. You can log in with:If you want to learn more about Skiff’s security measures or other features, check out the whitepaper. The platform is open source and welcomes all users willing to review the code, so visit Skiff’s GitHub for detailed information.
Drive, Pages, and Calendar—explore Skiff’s privacy-first workspaceIf you need a more secure alternative to Microsoft’s Office suite, Skiff offers three end-to-end encrypted products you can use for free when you create a Skiff Mail account.With Skiff Pages, you can:
- Create unlimited docs
- Use a rich text editor to add tables, code blocks, and other elements
- Collaborate and manage your team without privacy concerns
- Video conferencing
- Shared calendars that other team members can see to stay updated
- Auto syncing—Skiff Calendar automatically pulls events and RSVPs from your inbox
Get started with Skiff in three quick stepsYou can sign up for Skiff without leaving any personal information—all you have to do is:
- Go to the signup page
- Choose your account name and password
- Explore Skiff Mail and other secure products
- Essential (from $3/month)
- Pro (from $8/month)—Best for advanced users or small teams
- Business (from $12/month)—Suitable for companies looking to keep their data and projects secure
Ensure proper system security to avoid breachesWhether you use Office 365 or a privacy-first workspace like Skiff, you must beware of online threats beyond email attacks. If you’re an individual, you can ensure full data ownership through a few simple security practices:
- Use a secure browser—Browser attacks are common and effective, so you need an option with advanced security measures like anti-phishing or anti-malware features
- Enable two-factor authentication (2FA)—Microsoft strongly recommends using their Authenticator app and setting up two-factor authentication to secure your account. This security layer is paramount regardless of your service provider, as it protects you from common password attacks. Skiff supports 2FA to let you fortify your email beyond E2EE, so make sure to enable it when you sign up
- Secure your network—Most wireless routers come with encryption features, so use them to safeguard your connection from Man-in-the-Middle (MitM) attacks. Set a strong password for your network, and use a firewall to shield it against hackers