Man sending secure email at office using Outlook
3 min

Does Microsoft Outlook Use Email Encryption? (FAQ Answered)

Microsoft Outlook is an organisation tool utilised by over 400 million users, with its email and calendar capabilities making it an ideal productivity tool for business use.

However, with 20,000 US organisations facing compromised Outlook accounts in March 2021, and an overall 83% of businesses suffering email data breaches within the last 12 months, companies are beginning to question how to amp up security measures for their email.

Why Do We Need To Send Emails Securely?

Email, although a quick and convenient method of communication, was created to be a simple file sharing service between students at the Massachusetts Institute of Technology (MIT).

Now that email is used by businesses and consumers to transfer often confidential information, the level of inbuilt security is insufficient, leaving messages and attachments open to cyber threats such as interception. One key way to mitigate email interception is encryption.

What Is Email Encryption?

Encryption is the process of disguising the contents of your email, translating messages and attachments into a code that is unable to be translated by human eyes alone. It achieves this through the use of ‘keys’; strings of randomly generated numbers that are used to encode data.

Email encryption is now seen as a vital tool for businesses to utilise, with the Information Conduct Authority advising that customer data should be encrypted to ensure secure processing.

Does Microsoft Outlook Use Email Encryption?

Microsoft Outlook offers different levels of email encryption, depending on your preference and budget:

Transport Layer Security (TLS)- As one of the most basic encryption methods on the market, TLS is offered natively with the basic Outlook package. It works by encrypting the connection between you and your recipients' email providers, preventing unwanted access to a message on its journey. However, emails using TLS level encryption may not remain encrypted once they have reached the recipient’s inbox, leaving them vulnerable to third-party access.

Microsoft Purview Message Encryption (MPME)- Available to Office 365 customers, MPME allows your message and attachments to remain encrypted for the entire journey, otherwise known as end-to-end encryption. However, there are a few reasons why this type of encryption may not be suitable for businesses, including:

  • No multi-factor verification (if the recipient inbox is hacked, data is vulnerable)
  • Only supports authentication for Microsoft attachments (e.g., docx, xls)
  • No revoke functionality (you can ‘request’ a recall for unopened messages)

Of course, Microsoft also allows for the use of third-party add-ins, including more advanced encryption solutions.

What is Encryption Add-in Software?

Outlook add-ins are useful integrations created specifically by third parties for use within the Outlook application. A popular type of Outlook add-in focuses on introducing additional security features to your email, seamlessly working alongside Microsoft’s existing features.

Encryption is just one aspect of these add-ins, offering simple, end-to-end message securing at the click of a button. This way, only the sender and receiver receive the decryption keys needed to read email messages and attachments.

Other capabilities found within security-based Outlook add-ins include:

  • Authentication: Although Outlook natively offers two-factor authentication when logging in to your personal account, add-ins enable you to verify the identity of the individual opening your email. By using the two in tandem, businesses can ensure that sensitive information remains in the right hands.
  • Revoke: Microsoft Outlook offers users a basic level of message recall. However, it only works based on a list of strict factors, such as whether the message has already been opened and how the recipient is accessing Outlook. An Outlook add-in removes these criteria, enabling you to recall any message that has been sent securely, protecting you from the threat of misdirected emails.
  • Audit trails: Auditing is extremely useful for company compliance, with Outlook add-ins enabling you to set up notifications to alert you when your messages have been opened, and by who.

Introducing Mailock

When considering an Outlook add-in to boost your email security, Mailock offers all the above features and more.

As a dedicated outbound email protection software, we deliver frictionless, end-to-end encryption directly to your Outlook, protecting your email whether it is on the move or within an inbox.

Mailock also allows you to authenticate, revoke messages and audit your emails, empowering both staff and consumers to communicate simply and securely. Discover more about the Mailock Outlook Add-in.

Return to listing