Was this page helpful?
Additional feedback?
1500 characters remaining
Export (0) Print
Expand All

After your upgrade to Office 365 Message Encryption


Applies to: Exchange Online Protection

Topic Last Modified: 2014-10-17

After the upgrade from Exchange Hosted Encryption (EHE) to Office 365 Message Encryption is complete, the new service will automatically start encrypting any new messages based on the criteria defined in the Exchange transport rules. Users sending encrypted emails will be able to continue sending encrypted messages as they did prior to the upgrade. As an admin, you’ll be able to customize the encryption user interface with your brand and create rules governing encryption, as described in Customizing the UI and Managing and creating rules for message encryption.

Office 365 Message Encryption delivers encrypted messages to recipient inboxes with an attachment. Recipients open their message and follow embedded instructions to sign in to the message viewing portal. Recipients can sign in by using a Microsoft account or a work or school account associated with Office 365. If they don’t have either account, they can follow instructions for obtaining one. Alternatively, recipients can choose to Use a one-time passcode to view an encrypted message. Once recipients have signed in and identified themselves, they can open and read the message with encryption removed. For instructions, see Send, view, and reply to encrypted messages.

Office 365 Message Encryption works on mobile devices as long as the attachment can be opened in a viewer that supports form posts. This is how messages might look on a Windows Phone platform.

Sample encrypted email pages on mobile device

Office 365 Message Encryption lets administrators customize encryption email messages to present a familiar brand to recipients. Using Windows PowerShell cmdlets, administrators can update the header and disclaimer text in the email message, update the text in the message viewing portal, and add a logo to the message or portal page.

For the latest information on this topic, see Add branding to encrypted messages.

After the upgrade to Office 365 Message Encryption is complete, you can manage transport rules that passed from EHE to Office 365 Message Encryption or you can define new rules to meet your business needs. To encrypt email messages using Office 365 Message Encryption or to remove encryption from email messages, you won’t have to check for headers and add new ones as in the past with EHE. Instead, you can create new rules in the Exchange Admin Center (EAC) or by using Windows PowerShell cmdlets.

For the latest information on this topic, see Define rules to encrypt or decrypt email messages.

Messages that were encrypted by using EHE won’t be converted to the Office 365 Message Encryption format. As of September 30, 2014, recipients cannot reply to or forward EHE encrypted messages from the EHE portal. However, EHE encrypted messages will be viewable until September 30, 2015. Recipients can view their EHE encrypted messages by signing in to the EHE portal.

Office 365 Message Encryption is included with Azure Rights Management (Azure RMS). Therefore, we will be upgrading email user accounts to the new Azure RMS subscription to support the new service. Azure RMS includes Information Rights Management (IRM) technology which provides added protection for email messages sent in your organization. Azure RMS subscriptions give you access to new capabilities. For example, you can use predefined email templates, such as:

  • Company Confidential

  • Do not Forward

  • Company Confidential (Read Only)

Learn more about Information Rights Management in Office 365 at Information Rights Management in Exchange Online.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
© 2015 Microsoft