EHE to Office 365 Message Encryption upgrade FAQ
Applies to: Exchange Online Protection
Topic Last Modified: 2014-06-06
This list gives answers to frequently asked questions about the Exchange Hosted Encryption (EHE) to Office 365 Message Encryption upgrade. If you have questions that aren’t answered below or if you need more information, contact the Office 365 Support team by signing into the Office 365 admin resource center and opening a ticket through the Support option.
If you do not have access to the Office 365 admin center because you are still using FOPE, you can contact support by opening a support ticket and selecting the Get Help Now option in the FOPE Admin Center.
Q. When will my EHE service be upgraded?
A. The upgrade from EHE to Office 365 Message Encryption starts in the first months of 2014. You will receive an email notification approximately four weeks before your scheduled upgrade date.
Q. I am excited about the new features, can I be upgraded early?
A. No, we won’t be able to take any requests to upgrade early.
Q. I can’t wait for the upgrade, is it possible for me to self-migrate?
A. Some administrators have asked whether they can self-migrate to Office 365 Message Encryption ahead of their scheduled upgrade, in order to take advantage of the new capabilities. We strongly recommend that you wait to be upgraded from EHE to Office 365 Message Encryption so you can have the smoothest upgrade experience possible and avoid complications or double-payment.
Q. I am not ready to be upgraded, can I push back my upgrade date?
A. The upgrade to Office 365 Message Encryption brings an enhanced feature set, compared to what EHE offered. And we have simplified the overall process, compared to past upgrades, so that neither you nor your email users need to make changes in order to use the new service. The upgrade takes only a few minutes to finish and we will make sure that message encryption and decryption will continue during the upgrade. Therefore, we are not allowing customers to postpone their upgrade date.
Q. My EHE subscription is about to expire and I haven’t upgraded to the new Office 365 Message Encryption Service. What do I do?
A. If your EHE agreement expires before your upgrade date, work with your partner or licensing specialist to renew your EHE subscription. Do not purchase subscriptions of Windows Azure Rights Management before the upgrade. We will convert your active EHE subscription to Windows Azure Rights Management as part of the upgrade.
Q. Will all my email messages that are currently encrypted with EHE be automatically encrypted with the new Office 365 Message Encryption?
A. All email messages that were encrypted with EHE will remain encrypted, using keys from EHE. The condition of these messages won't be affected by Office 365 Message Encryption rules.
Q. What happens on the day of the upgrade?
A. A detailed description of what happens during the upgrade is available at the EHE Upgrade Center, here: During your upgrade to Office 365 Message Encryption.
Q. Will I be able to access EHE encrypted email messages after the upgrade?
A. Yes. All email messages that were encrypted with EHE will remain encrypted for some time, and you can view and read them as before.
Q. My users send encrypted email messages to recipients outside our organizations. Is there anything that these recipients have to do differently in order to read and reply to email messages that are encrypted with Office 365 Message Encryption?
A. Yes. Recipients outside your organization who receive email messages that are encrypted with Office 365 Message Encryption will sign in to view and reply to encrypted messages in much the same way as before with the EHE process. But instead of entering an EHE-specific user account and password, they will be asked to sign in with a Microsoft Account or an Office 365 organizational account. Recipients who don’t have either of these accounts will be provided with instructions for signing in and viewing the encrypted message.
Q. Do I need to open any URLs, IP addresses, or ports in my organization’s firewall to support Office 365 Message Encryption?
A. Yes. You have to add URLs for Exchange Online to the allow list for your organization to enable authentication for messages encrypted by Office 365 Message Encryption. For a list of Exchange Online URLs, see Office 365 URLs and IP address ranges.