Overview
When emailing recipients outside the University from your staff or generic@qmul.ac.uk email account, ensuring secure access to this email is crucial, especially when it contains personal or sensitive information. Email encryption effectively addresses these security concerns.
Sending an Encrypted Email Using Office 365
Encrypting an email is a secure method for sending messages that contain confidential information. Emails with sensitive data, such as passwords, personally identifiable, health, or financial information, should always be encrypted before being sent. To encrypt your emails from the Outlook web portal, follow these steps:
In addition to encrypting an email, you can prevent your email and any attachments from being forwarded by the recipient by selecting the ‘Do Not Forward’ option. When you choose ‘Do Not Forward,’ your message will be encrypted, and recipients will be unable to forward it, though they can still reply.
If your email includes an attachment, it will also be encrypted. Microsoft file formats like Word and Excel will remain encrypted even after being downloaded. However, non-Microsoft file formats such as PDFs and image files will not retain encryption once downloaded and can be shared by the recipient.
Email Encryption: Method 1
Composing and Sending an Encrypted Email.
1. Log into Outlook on Office 365.
2. Click on New Email to compose a new message.
3. Write your email as you normally would - enter the recipient’s email address, subject, and your message.
4. Before sending the email, click on the Options tab in the top menu.
In the Options tab, find the Encrypt button either written or a padlock. Click on it to see the encryption options.
Choose the encryption option that suits your needs. The options include:
The Set the permission on this Item includes a list of standard encryption permissions allowed on the email sent in the environment and externally.
5. After selecting the encryption option, finish composing your email and click Send. Recipients will receive an email with the permission you have selected. Encrypted emails that internal receivers using outlook receive, will have an icon of padlock in the side view to indicate it has been encrypted.
For Recipients Using Non-Microsoft Email Services
6. Recipients will receive an email with a link to view the encrypted message.
7. You will need to click on the link to be redirected to a webpage where you can read the message. The One-time passcode is sent to the same mail address. This allows the user to enter in their passcode.
8. They may need to sign in with a Google account or a one-time passcode to verify their identity before they can read the email.
Access will be granted to view the email once you add your unique passcode into the authenticator. The access is subject to a 15 minute timeout. If the computer is private, you can use a checkbox to extend the machine's authentication for 12 hours if further encrypted communication is to continue.
Email Encryption: Method 2
To encrypt individual emails, simply include the phrase Encrypt in the subject line of the email. This can be done using any email client, such as the Outlook Web App, the Outlook desktop client, or a mobile device. Encrypted emails ensure that any replies remain encrypted, maintaining the original email's security level.
Important: Always consult with your university’s IT department for specific guidelines and policies related to email encryption in the institution. Some additional specific protocols or systems may be in place for this purpose.
These instructions should help users in the environment to use Microsoft encryption for email effectively and securely. Email encryption is a crucial step in protecting sensitive information from unauthorised access.
Email Attachment Encryption Summary
Encryption Option
Attachment Type
Recipient’s Email Service and Client
Queen Mary University of London
Outlook.com and Microsoft 365 Accounts
Non- Queen Mary University of London
Mail Services Other Than
Encrypt-Only
Microsoft Office attachments (e.g., Word, Excel, PowerPoint files)
Attachments can be downloaded without encryption.
A Microsoft encryption compliant client or temporary passcode is required to access the email and download attachments from the Microsoft 365 Message Encryption portal.
Other attachment types
Do Not Forward
Encrypted Office attachments can be opened in Microsoft Office across platforms.
If the attachments are downloaded and sent to another recipient, the recipient cannot open them but can request access.
Queen Mary, University of London - Confidential
Attachments can be downloaded but cannot be opened unless the recipient is signed into Office 365 with a QMUL account.
The recipient cannot access the email.
Any user can open attachments without restriction.
Queen Mary, University of London - Confidential View Only
Attachments cannot be opened unless the recipient is signed into Office 365 with a QMUL account.
The recipient cannot edit or save the document with Microsoft Office.