Setup Message Encryption Office 365

Today we will learn how to setup message encryption in office 365, this comes with office 365 E3 + plans.

Many organizations use Ironport , proofpoint or thirdparty tools for achieving this function, if they have o365 E3 plan & still using thirdparty tools for this, than they can switch to office 365 message encryption and reduce their cost as they have already paid for o365 licenses.

First we need to activate the Rights management features.

Go to Admin Portal –> Settings –> Services & add-ins

Click on Microsoft Azure information Protection:

Click on Activate to activate Rights management

Now you need to configure IRM on exchange online so launch Exchange online shell.

SET RMS with key sharing location as per your Tenant Location

Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc

Check by running Get-IRMConfiguration to verify the config:

Import the trusted Publishing domain

Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”

Disable the IRM templates in outlook & OWA as we just want to configure message encryption.

Set-IRMConfiguration -ClientAccessServerEnabled $false

Last step is to enable the message encryption.

Set-IRMConfiguration -InternalLicensingEnabled $true

Now you need to create a transport rule for  encrypting the message that are sent outside your organization.

Lets test the configuration now as a end user.

Now when the recipient receives the message it will be like below:

I will definitely get our organization third-party encryption feature removed and configure this, there are some features like message revoke, message read are not available but still it is a good replacement.

refer message encryption faq to know more:

https://technet.microsoft.com/en-us/library/dn569285.aspx

 

Thanks for reading

Sukhija Vikas

http://SysCloudPro.com

 

 

 

 

Advertisements

4 thoughts on “Setup Message Encryption Office 365

    • Yes, it still has some things to be worked upon.
      For example: send email to some oultook.com or other o365 user , it is expecting you to have outlook for opening the message(see below message), I am testing other things as well & working with MS to get all our requirements fulfilled.

      The message you tried to open is protected with Information Rights Management and can only be opened using Outlook. Download a free trial of Microsoft Outlook.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s