Sending Encrypted Email

The Microsoft Office 365 email system can be used to send encrypted emails.  These messages are both encrypted in transit, and encrypted at rest.  They are suitable for sending sensitive information but still cannot be used to send credit card information (which cannot be transmitted via email in any way).

Before sending encrypted emails - you should not be under a false impression that encrypting an email makes it 100% protected.  It is more protected than other emails and helps better protect emails containing sensitive data, but no system is perfect.  For this reason - once you receive emails back with sensitive info, and have processed that information (either passed it along to another department, or appropriately entered it into another system) you may want to delete the email.  At the very least, you should file such emails into a separate folder and on a periodic (once a month, once a semester, etc.) basis delete these messages.

The process of sending an encrypted email is simple - but depends on whether you are using Outlook's web version or the desktop version.

 

Outlook Web Access

Note: This is the method you use if you access your mail via your web browser.

These instructions are for the newer version of Outlook Web Access.  You are using the "Old" Outlook if instead it says "Try the new Outlook" at the top right (If it says this - click "Try the new Outlook" to move to the new version).

 

  1. Create your email as you normally would, filling in the message body, subject, any attachments, and adding recipients (as to/cc/bcc).
  2. Click the Encrypt button (See screenshot below)
  3. Send your message as normal.
    Note: If you are sending to students - there is a special consideration.  Student email accounts on Office 365 (their @newpaltz.edu account) is forwarded to their Hawkmail account.  That works fine for normal emails but makes the encrypted emails inaccessible for them.  Make sure to send students encrypted email to their @hawkmail.newpaltz.edu accounts.

    Alternatively, if you are dealing with students who you will be sending a lot of encrypted email to (such as student employees or those doing clinical work with HIPAA protected data),it's best to have them set their Office 365 account to leave a copy of mail before forwarding.

Screenshot of email compose - with "Encrypt" button

 

Outlook Desktop

There are two ways to send encrypted emails via Outlook's desktop version.  The better way is below - but it won't work on some older versions of Outlook.

  1. Create your email as you normally would.  
  2. Before sending the message click on the Options tab.
  3. Click on Permission and choose "Encrypt-Only"
    Screenshot showing the Options, Permission, and "Encrypt-Only" option in Outlook

 

The alternate way is:

  1. Create your email as you normally would.  
  2. Before sending the message, place the following in the beginning of the subject line:
      [Encrypted]
  3. Send your message as normal.
    Note: If you are sending to students - there is a special consideration.  Student email accounts on Office 365 (their @newpaltz.edu account) is forwarded to their Hawkmail account.  That works fine for normal emails but makes the encrypted emails inaccessible for them.  Make sure to send students encrypted email to their @hawkmail.newpaltz.edu accounts.

 

For information on opening encrypted emails, see the Related Articles section of this page.


Best practices for sending encrypted email

Unless you are sending an encrypted email to a recipient that you have frequently sent such messages to, it is strongly recommended that you send them a separate, unencrypted email at the same time.  The purpose of this is to both let them know what you are sending them, and to send them instructions on opening the message.  We recommend something similar to the following:

Hello,

Following this email, you will receive a second email from me.  This second email contains sensitive data, so it is encrypted.  The message contents are regarding <briefly mention what the encrypted message is about, and why the recipient would want or need to open it>.

If you have any issues opening it, please see the following articles on the SUNY New Paltz IT site:

Opening Encrypted Emails - Non-Office 365 users
Opening Encrypted Emails - Office 365 users
 

 

Details

Article ID: 19073
Created
Tue 11/29/16 9:48 AM
Modified
Tue 7/28/20 4:00 PM