How to send a secure encrypted email in Microsoft Outlook

Discover the importance of email encryption and learn how to send secure emails in Outlook.

If you think that sending information in email is secure then you are in for a surprise. It is not! We'll explain this in more detail, but for now, if you need to keep your information secret, you need to use email encryption. This ensures that only the intended recipients, with the has the correct decryption keys, can read the content of the email.

Encryption uses complex algorithms to encode the information. When the recipient receives the email, their email client uses a decryption key to translate the message back into its original form. This process ensures that sensitive information remains confidential and secure from potential threats.

In this blog, we'll teach you how to encrypt your emails using Microsoft Outlook.

• Are all emails sent from Outlook encrypted?
• Why should I encrypt an email?
• Potential drawbacks of email encryption
• Licenses or certificates required to encrypt an email in outlook
• Step-by-step guide to sending an encrypted email in new Microsoft Outlook
• What recipients can expect when receiving an encrypted email?
  
  

Are emails sent from Outlook encrypted?

The answer is no. Well, sort of. But only partly and not always.

When an email is sent, it doesn't necessarily travel directly from Point A to Point B. Sometimes, it can go via points C, D, E, F, and G to get to its destination. While the email is transiting between these points it is usually encrypted but when it reaches the points, it's decrypted so that it can then be passed on to the next point in the chain.

Imagine your email is like a postcard. For some reason, you decide to put the postcard into an unsealed envelope with no address on it. When you put it into the post box it gets picked up by a postie - they take it to the local post office - it then goes to the sorting office - it's transported to the local sorting office of its destination - it then goes to the local post office - then out with the local postie before finally arriving at the recipient. If someone just glances at it while it's moving between the stops, all they'll see is a blank envelope but at each stop, someone has to open it to see where the postcard is going next and can read the message on it.

If you put your postcard in a sealed envelope with an address on it, no one can see the contents other than the recipient. That, in a very simplified way, is the difference between sending normal email and encrypted email.

Incidentally, the same applies to modern messaging applications and is what apps such as WhatsApp are referring to when they talk about end-to-end encryption.

Why should I encrypt an email?

Encrypting emails enhances the security of your communications, especially when dealing with sensitive data such as financial information, personal details, or confidential business discussions. It protects the content from being easily read by unauthorised parties if they're intercepted during transmission.

Encrypting emails also protects them after delivery. Should your email files ever be stolen even after they're in your inbox, they will be unreadable without the appropriate key.

Moreover, email encryption helps maintain privacy and compliance with various data protection regulations such as GDPR. It reassures your clients and partners that their information is handled with the utmost care and security, fostering trust and credibility.

Potential drawbacks of email encryption

While email encryption significantly enhances security, it does come with certain drawbacks. One of the primary challenges is compatibility. Not all email clients support encrypted emails, which can lead to accessibility issues for recipients using different platforms.

Additionally, the process of encrypting and decrypting emails can add extra steps and complexity to your email workflow depending on the email client that you use. It may also require recipients to install specific software or obtain decryption keys, which can be cumbersome and time-consuming.

That said, the process of sending and receiving emails when both sender and recipient are using Microsoft Outlook is very slick. So slick in fact that the recipient probably won't even notice, and all the sender has to do is press a button.

Licence or certificates required to encrypt an email in outlook

Encryption in Outlook is not available without cost. It requires one of two things; either a service called Microsoft Purview which is a premium service included with certain Microsoft licences or by obtaining an S/MIME certificate.

The Microsoft licence route is the simpler way to unlock this feature. We recommend all business use Microsoft Business Premium licences as their starting point anyway, and it includes this feature.

To unlock email encryption via a Microsoft licence you need one of the following licences:

• Microsoft Business Premium
• Microsoft Enterprise E3 or E5
• Educational establishments can use Microsoft Office 365 A1, A3, or A5
• Government bodies can use Office 365 Government G3 or G5

Once applied to your account, the encryption option is automatically enabled.

The alternative method for enabling encryption without using a Microsoft Purview licence, is to obtain an S/MIME certificate which can be procured from a certificate authority. Your IT admin will then need to add the S/MIME certificate to your Outlook Trust Centre, unlocking the 'Encrypt with S/MIME' option. We have not shown it in the steps below but it simply appears in the Option List instead of the simple Encrypt option.

Step-by-step guide to sending an encrypted email in the new Microsoft Outlook

Follow the steps below to send an encrypted email from the new Outlook.

It's as simple as that.

Good to know
One extra thing to think about. If you are unsure whether your recipient is using Outlook you may want to let them know you've sent them an encrypted message. As you'll see below, if they aren't using Outlook they'll receive an email asking them to click a link to view their message; something we've all been trained not to do to avoid falling for phishing scams.

What recipients can expect when receiving an encrypted email?

Your recipient will get a different experience on receipt of your email depending on whether they use Microsoft Outlook themselves or some other mail client.

Recipients using Microsoft Outlook

If the recipient uses Microsoft Outlook, they will simply see a small padlock icon next to the email indicating that it is encrypted. 

The message will be automatically decrypted when they open it using their credentials, acting like any other email.

Once opened, the recipient will be reminded that it is encrypted with a flash at the top of the email. In all other ways, they won't see any difference from a normal email.

Good to know
If the Encrypt option is selected, there is no restriction on forwarding, printing etc of the email. That means that the recipient can do what they want with the email.  If you have selected to block forwarding,  the flash across the top will be slightly different and will let the recipient know of the extra restrictions.

Recipients using other email platforms

Recipients using other email clients will receive an email letting them know they have received a protected message.


When they click the link, they will be shown a screen in their browser asking them to verify their identity like the one below either by logging in with an account such as their Google account or by having a one-time password sent to their email address.

The process ensures that only the intended recipient can access the email content.

Once they have proved their identity, they'll be shown the message in their internet browser.

Next steps...?

If you'd like to find out more about how you can secure your business emails and your data then get in touch with our Edinburgh-based experts today.