Email encryption RRS feed

All replies

  • I would say most organizations do not encrypt email because of the added complexity.

    But on second thought... that depends on what type of encryption we are talking about.

    Encryption can protect email in various ways.

    Webmail (OWA in the Exchange world) is almost always encrypted: https versus simple http (CAS role).

    Messages sent between mail servers can be encrypted with TLS if both servers agree to do so (opportunistic TLS). That's for the HT role.

    Encryption of email stored on mail servers (MB role) is less common but possible. There are two major options here:

    -S/MIME (for signing and encryption)

    - IRM  (Information Rights Management) using AD RMS.

    In the later case, email can be encrypted so that the intended recipient cannot print or forward it (accidently or intentionally).

    This is probably the most complex option to implement, requiring both certificate services and RMS.

    Of course, beyond the native Outlook/Exchange options, there are also 3rd party options.

    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.

    Friday, November 15, 2013 11:54 AM