Body
When you need to protect the content of an email message, you should encrypt it. Outlook includes encryption features that let you ensure that your email message stays private between you and the recipient(s). This is useful when you need to send confidential or personal information.
Table of Contents
Encryption options
In all cases, you'll be presented with 4 encryption options to choose from. Each option encrypts the entire message both in transit and at rest in the recipient's mailbox(es), including any attachments.
Message encryption options:
| |
Modify message content |
Forward/copy/print |
Viewable by external recipients |
| Encrypt |
✔️ |
✔️ |
✔️ |
| Do Not Forward |
✔️ |
❌ |
✔️ |
| Stonehill College – Confidential |
✔️ |
✔️ |
❌ |
| Stonehill College – Confidential View Only |
❌ |
❌ |
❌ |
Back to top
Encrypt an email message
Outlook desktop app on Windows
To encrypt a message, find the Options tab in the Ribbon at the top of the window, then click Encrypt.
Outlook desktop app on macOS
In order to easily Encrypt an email, the Encryption button will needed to be added to your toolbar in Outlook. To do this, click the See more items button (…) in the toolbar and click Customize Toolbar.
You’ll see the current icons in the toolbar moving at the top of the screen. To add an item to the toolbar, click and drag the Encryption item up to the toolbar in the position you want it to go. Release the mouse button and it will appear where you dragged it.
To encrypt a message, click the Encryption button at the top of the email window and click Encrypt.
Outlook Web App or the new Outlook Windows client
To encrypt a message, find the Options tab in the Ribbon at the top of the window, then click Encrypt (you may instead see only a lock icon).
Back to top
Opening a protected message from another Stonehill account (internally)
As highlighted in the encryption options above, the recipient's experience will be different depending on the type of encryption you select. Opening a protected message internally is streamlined since the Stonehill email address will be using Microsoft Outlook to open the message. This decryption process occurs behind the scenes and oftentimes isn't even something that the recipient will notice, providing a seamless user experience.
For example, the Encrypt option allows for the email to be forwarded, copied printed, modified and is viewable externally using a Stonehill College-branded portal, whereas the Stonehill College - Confidential or Stonehill College - Confidential View Only have more strict limitations where they can't be viewed by the Stonehill College-branded portal, and screenshots are unavailable with these options. The screen will black out if attempting to capture the screen.
Back to top
Receiving an encrypted email on an external account (such as Gmail or Yahoo)
Upon delivery to an external email address (such as Gmail, Yahoo, etc), the message will present a button link to a Stonehill College-branded portal. Once clicked, the recipient will be able to securely open the email after verifying that they are the intended recipient, either via a sign-in prompt or one-time passcode.
Upon clicking the "Read the message" button and verifying their identity, the recipient will see the following screens depending on the type of encryption:
Encrypted
Do Not Forward
The email will open similar to the Encrypted option, but given the nature of the encryption, forward and printing options are unavailable with this option. The reply option is available, and unlike the internal "Do Not Forward" option, the screen will not black out if attempting to capture the screen.
Stonehill College - Confidential & Confidential View Only
Given the restricted nature of the Confidential and Confidential View encryption level, emails will not be viewable by external email addresses.
Back to top
Retention and revocation of encrypted messages sent externally
Encrypted emails sent to external email addresses remain accessible for 30 days. If you want to revoke access to an encrypted email sooner than the 30-day period, contact the Service Desk and we can revoke the email for you.
After 30 days (or as of revocation), upon viewing the contents of a revoked encrypted email, the recipient will receive this message:
Back to top