Business colleagues discussing secure email deployment
3 min

Exploring Email Security: Sending Confidential Data Over Outlook?

Email is a primary source of communication for businesses, with the average office worker receiving 121 emails a day and an estimated 85% of UK adults using their private email at least once a week. For businesses, email is a quick and simple way to send documents that contain confidential information, but is it safe?

How Safe are Email Communications?

Email was created to be a simple file-sharing system between local computers at MIT, but quickly developed into an instant form of communication for people worldwide. These humble beginnings mean that email was never designed with security in mind. Messages are left open to risk at several points in the journey from sender to recipient.

An email travels through multiple servers to arrive at your recipient’s inbox. If someone manages to intercept your message at one of these points, they could read any private information it contains.

Email is also unprotected from human error, with a survey revealing that 52% of respondents have unintentionally sent an email containing sensitive information. Misfired emails can result in data breaches, which have cost businesses worldwide an average of $4.24 million (roughly £3.06m) in 2021 alone. What are email providers doing to counteract this?

Email Spotlight: Outlook

Microsoft Outlook is a popular email provider used by 400 million people worldwide, renowned for its excellent organisation and communication capabilities. However, in recent months it has suffered multiple attacks on its Exchange server software, with the intent to steal data from its networks. This had led businesses to question Outlook’s security.

Outlook Email Encryption

Outlook offers two different types of email encryption to users: Transport Layer Security (TLS) and Microsoft Purview Message Encryption (MPME).

TLS is available across all large email platforms and is free to use. However, TLS only encrypts the connection with your recipient, not the contents of your email. This leaves your messages vulnerable to anyone who manages to access the channel.

MPME, on the other hand, encrypts the text and attachments within your emails, and prevents your emails from being forwarded by recipients, offering you that extra level of protection. The downside is that it lacks more advanced capabilities like full revoke and multi-factor authentication needed by businesses in regulated sectors.

Outlook Email Recall

Where Outlook offers encryption to protect against email interception, email recall protects against inadvertent email misfires. Outlook email recall gives you the capability to retrieve a message from your recipient’s inbox after you have sent it. This sounds great in theory, but in practice it doesn’t always work, due to several limiting factors:

  • If the message has already been opened
  • If the message is redirected to another folder
  • Which email client you are both using
  • How you’re accessing Outlook

This is a significant list of criteria for email recall to work, and as such, many recalls fail, increasing the chance for any sensitive email within misfired emails to fall into the wrong hands.

Find out more about Outlook recall.

Should I be Sending Sensitive Emails Over Outlook?

When looking at Outlook’s email encryption and recall capabilities as they currently stand, the risk of email interception and mis-sending has still not been fully counteracted, leaving data at risk. Luckily, there is something you can do to improve the overall security of your Outlook email.

Download Secure Outlook Add-ins

To boost the security of outbound messages, secure email solutions are now available, many of which are downloadable add-ins that integrate directly with Outlook. Mailock is the most robust example of this, filling the gaps that Outlook’s inbuilt security measures leave.

Mailock offers end-to-end encryption, protecting both the message contents and any attachments, whether your email is on the move or within an inbox. Mailock also allows you to revoke emails completely, whether recipients have previously read the message or not.

Learn more about the Mailock for Outlook.

Return to listing