We would like to show you a description here but the site won’t allow us. Office for business. If your Office for business subscription plan includes the desktop version of the Office apps you won't see an option to install it unless someone in your organization assigned a license to you. Learn how to check this in What Microsoft 365 business product or license do I have? Or if you're an Microsoft 365 admin responsible for assigning licenses to people in your. This web site tests your network connectivity to Microsoft 365 and shares a test report with your administrator.
-->This article compares encryption options in Microsoft 365 including Office 365 Message Encryption (OME), S/MIME, Information Rights Management (IRM), and introduces Transport Layer Security (TLS).
Get the best deals for microsoft office 365 at eBay.com. We have a great online selection at the lowest prices with Fast & Free shipping on many items! Share your videos with friends, family, and the world.
Microsoft 365 delivers multiple encryption options to help you meet your business needs for email security. This article presents three ways to encrypt email in Office 365. If you want to learn more about all security features in Office 365, visit the Office 365 Trust Center. This article introduces the three types of encryption available for Microsoft 365 administrators to help secure email in Office 365:
Office Message Encryption (OME).
Secure/Multipurpose Internet Mail Extensions (S/MIME).
Information Rights Management (IRM).
How Microsoft 365 uses email encryption
Encryption is the process by which information is encoded so that only an authorized recipient can decode and consume the information. Microsoft 365 uses encryption in two ways: in the service, and as a customer control. In the service, encryption is used in Microsoft 365 by default; you don't have to configure anything. For example, Microsoft 365 uses Transport Layer Security (TLS) to encrypt the connection, or session, between two servers.
Here's how email encryption typically works:
A message is encrypted, or transformed from plain text into unreadable ciphertext, either on the sender's machine, or by a central server while the message is in transit.
The message remains in ciphertext while it's in transit in order to protect it from being read in case the message is intercepted.
Once the message is received by the recipient, the message is transformed back into readable plain text in one of two ways:
The recipient's machine uses a key to decrypt the message, or
A central server decrypts the message on behalf of the recipient, after validating the recipient's identity.
For more information on how Microsoft 365 secures communication between servers, such as between organizations within Microsoft 365 or between Microsoft 365 and a trusted business partner outside of Microsoft 365, see How Exchange Online uses TLS to secure email connections in Office 365.
Watch this video for an introduction to Encryption in Office 365.
Comparing email encryption options available in Office 365
| Email encryption technology | |||
|---|---|---|---|
| What is it? | Office 365 Message Encryption (OME) is a service built on Azure Rights Management (Azure RMS) that lets you send encrypted email to people inside or outside your organization, regardless of the destination email address (Gmail, Yahoo! Mail, Outlook.com, etc.). As an admin, you can set up transport rules that define the conditions for encryption. When a user sends a message that matches a rule, encryption is applied automatically. To view encrypted messages, recipients can either get a one-time passcode, sign in with a Microsoft account, or sign in with a work or school account associated with Office 365. Recipients can also send encrypted replies. They don't need a Microsoft 365 subscription to view encrypted messages or send encrypted replies. | IRM is an encryption solution that also applies usage restrictions to email messages. It helps prevent sensitive information from being printed, forwarded, or copied by unauthorized people. IRM capabilities in Microsoft 365 use Azure Rights Management (Azure RMS). | S/MIME is a certificate-based encryption solution that allows you to both encrypt and digitally sign a message. The message encryption helps ensure that only the intended recipient can open and read the message. A digital signature helps the recipient validate the identity of the sender. Both digital signatures and message encryption are made possible through the use of unique digital certificates that contain the keys for verifying digital signatures and encrypting or decrypting messages. To use S/MIME, you must have public keys on file for each recipient. Recipients have to maintain their own private keys, which must remain secure. If a recipient's private keys are compromised, the recipient needs to get a new private key and redistribute public keys to all potential senders. |
| What does it do? | OME: Encrypts messages sent to internal or external recipients. Allows users to send encrypted messages to any email address, including Outlook.com, Yahoo! Mail, and Gmail. Allows you, as an admin, to customize the email viewing portal to reflect your organization's brand. Microsoft securely manages and stores the keys, so you don't have to. No special client side software is needed as long as the encrypted message (sent as an HTML attachment) can be opened in a browser. | IRM: Uses encryption and usage restrictions to provide online and offline protection for email messages and attachments. Gives you, as an admin, the ability to set up transport rules or Outlook protection rules to automatically apply IRM to select messages. Lets users manually apply templates in Outlook or Outlook on the web (formerly known as Outlook Web App). | S/MIME addresses sender authentication with digital signatures, and message confidentiality with encryption. |
| What does it not do? | OME doesn't let you apply usage restrictions to messages. For example, you can't use it to stop a recipient from forwarding or printing an encrypted message. | Some applications may not support IRM emails on all devices. For more information about these and other products that support IRM email, see Client device capabilities. | S/MIME doesn't allow encrypted messages to be scanned for malware, spam, or policies. |
| Recommendations and example scenarios | We recommend using OME when you want to send sensitive business information to people outside your organization, whether they're consumers or other businesses. For example: A bank employee sending credit card statements to customers A doctor's office sending medical records to a patient An attorney sending confidential legal information to another attorney | We recommend using IRM when you want to apply usage restrictions as well as encryption. For example: A manager sending confidential details to her team about a new product applies the 'Do Not Forward' option. An executive needs to share a bid proposal with another company, which includes an attachment from a partner who is using Office 365, and require both the email and the attachment to be protected. | We recommend using S/MIME when either your organization or the recipient's organization requires true peer-to-peer encryption. S/MIME is most commonly used in the following scenarios: Government agencies communicating with other government agencies A business communicating with a government agency |
What encryption options are available for my Microsoft 365 subscription?
For information about email encryption options for your Microsoft 365 subscription see the Exchange Online service description. Here, you can find information about the following encryption features:
Azure RMS, including both IRM capabilities and OME
S/MIME
TLS
Encryption of data at rest (through BitLocker)
You can also use third-party encryption tools with Microsoft 365, for example, PGP (Pretty Good Privacy). Microsoft 365 does not support PGP/MIME and you can only use PGP/Inline to send and receive PGP-encrypted emails.
What about encryption for data at rest?
Ms365.com
'Data at rest' refers to data that isn't actively in transit. In Microsoft 365, email data at rest is encrypted using BitLocker Drive Encryption. BitLocker encrypts the hard drives in Microsoft datacenters to provide enhanced protection against unauthorized access. To learn more, see BitLocker Overview.
More information about email encryption options
For more information about the email encryption options in this article as well as TLS, see these articles:
OME
IRM
S/MIME
TLS
-->Microsoft 365 for enterprise is a complete, intelligent solution that empowers everyone to be creative and work together securely.
Microsoft 365 for enterprise is designed for large organizations, but it can also be used for medium-sized and small businesses that need the most advanced security and productivity capabilities.
Components
Microsoft 365 for enterprise consists of:
| Services | Description |
|---|---|
| Local apps and cloud-based apps and productivity services | Includes both Microsoft 365 Apps for enterprise, the latest Office apps for your PC and Mac (such as Word, Excel, PowerPoint, Outlook, and others), and a full suite of online services for email, file storage and collaboration, meetings, and more. |
| Windows 10 Enterprise | Meets the needs of both large and midsize organizations. It's the most productive and secure version of Windows for users. For IT professionals, it also provides comprehensive deployment, device, and app management. |
| Device management and advanced security services | Includes Microsoft Intune, which is a cloud-based enterprise mobility management service that helps enable your workforce to be productive while protecting your organization data. |
Plans
Microsoft 365 for enterprise is available in three plans.
| Plan name | Capabilities |
|---|---|
| E3 | Access the Microsoft 365 core products and features to securely enhance workplace productivity and drive innovation. |
| E5 | Access the Microsoft 365 latest products and features. These include Defender for Office 365, security tools, and collaboration tools. This plan includes all E3 capabilities, plus advanced security, voice, and data analysis tools. |
| F3 | Connect with your first-line workers through purpose-built tools and resources that they can use to help them do their best work. |
If you have Microsoft 365 E3, you can also get these add-ons:
- Identity & Threat Protection
- Information Protection & Compliance
- Microsoft 365 E5 Insider Risk
Microsoft 365 E3 users can use these add-ons to take advantage of some of the additional features Microsoft 365 E5 includes.
For more information, see Features and capabilities for each plan.
Get the big picture
The Microsoft 365 for enterprise poster is a central location for you to view:
- The benefits of Microsoft 365 for enterprise, and how apps and services map to its value pillars.
- Microsoft 365 for enterprise plans and which components they contain.
- The key components of the Microsoft modern workplace, which Microsoft 365 for enterprise enables.
- The Microsoft 365 Productivity Library and representative scenarios for some common organization departments.
You can also download a copy of the poster.
Transition your entire organization
To get a better picture about how to move your entire organization to the products and services in Microsoft 365 for enterprise, see the transition poster.
This two-page poster is a quick way to inventory your existing infrastructure. It helps you to find guidance and move to the corresponding product or service in Microsoft 365 for enterprise. It includes Windows and Office products and other infrastructure and security elements, such as device management, identity, and information and threat protection.
End of support for Windows 7 and Office 2010 clients and servers
Windows 7 reached end of support on January 14, 2020.
These products reached end of support on October 13, 2020:
SharePoint Server 2010 will reach end of support on April 13, 2021.
For a visual summary of the upgrade, migrate, and move-to-the-cloud options for these products, see the end of support poster.
This one-page poster is a quick way to understand the various paths you can take to prevent Windows 7 and Office 2010 client and server products from reaching end of support, with preferred paths and support in Microsoft 365 for enterprise highlighted.
Ms 365 Sign In
You can also download this poster and print it in letter, legal, or tabloid (11 x 17) formats.
Plan for and deploy
There are three ways to plan for and deploy the products, features, and components of Microsoft 365 for enterprise:
In partnership with FastTrack
With FastTrack, Microsoft engineers help you move to the cloud at your own pace. See FastTrack for Microsoft 365.
With the help of Microsoft Consulting Services or a Microsoft partner
Consultants can analyze your current infrastructure and help you develop a plan to incorporate all the software and services of Microsoft 365 for enterprise.
Do it yourself
Start with the Networking roadmap to build out or verify your existing infrastructure and productivity workloads.
For an example of how a fictional but representative multinational organization has deployed Microsoft 365 for enterprise, see the Contoso Corporation case study.
Additional Microsoft 365 products
Bring together the best-in-class productivity and collaboration capabilities with device management and security solutions to safeguard business data for small and midsize businesses.
Empower educators to unlock creativity, promote teamwork, and provide a simple and safe experience in a single, affordable solution built for education.
Empower United States public sector employees to work together, securely.
Best together with Surface and the Edge browser
Optimize your user’s integrated and secure productivity with the best-together combination of Microsoft 365 for enterprise, Microsoft Surface devices, and the Microsoft Edge browser. This cross-product integration provides:
- A common identity and sign-in security infrastructure.
- Integrated local and cloud apps for search, collaboration, productivity, and compliance.
- Comprehensive and integrated security for hardware, browser, local app, and cloud apps.
- A common infrastructure for IT management of installs and updates.
Here is an example for an enterprise organization.
For more information and configuration examples for a small and medium business and an educational institution, download the Best together poster.
Microsoft 365 training
To learn more about Microsoft 365 and work toward a Microsoft 365 certification, you can start with Microsoft 365 Certified: Fundamentals.
Ms365 Pricing
See also