As more and more information is exchanged through email, it’s important to think about the security and confidentiality of that information. What are the privacy concerns on the messages you are sending? What information needs to be sent using an encrypted email? How difficult is it to send an encrypted email?
Outlook offers solutions to many of these concerns with their permissions settings. This article will cover the basics of permissions in Outlook as well as how to enable them when sending a new message.
What are Outlook permissions?
Permissions can be applied by the sender when a message warrants it. Applying a specific permission is a 3 step process.
- Open a new email draft (or use one you are currently working on).
- Go to options
- Click on permissions
This will give you a few different options for setting restrictions and/or labels on your message and any attachments. We’ll go over the default options in a little more detail.
The basics: This message is encrypted, recipients cannot remove this encryption.
Use this when: This type of message requires encryption (such as financial information). Encryption will change the message from plain text to a coded message while in transit. When the recipient receives it, they can decrypt it to read the message.
What the recipient will experience: If they use Office 365, they can use the link provided in the email and open your message in webmail. If the don’t they will have to request a one time passcode to decrypt the email. This tends to require some coordination and expectation on the recipient.
Do not forward
The basics: Recipients can read this message but cannot forward, copy, or print the message.
Use when: You have concerns for intellectual property/confidentiality. This makes it difficult for the information to be spread beyond where you send it.
What the recipient will experience: They will see a label that the message has the above restrictions. If they are not an Outlook user, they will have to log into the secure message center much like the encrypted email above. In any case, if they try to forward, print, or download the email, they will receive an error message.
The basics: Marking an email as confidential protects documents so only users with your domain (your company users) can access them.
Use when: You want to send a document that should not be shared externally.
What the recipient will experience: They will see the message marked as confidential but will otherwise have no issues accessing it. If it is sent to someone outside of your company they will be prompted to log into Office 365 and will receive an error message instead of being able to access the email.
The basics: Using the internal permission setting marks documents for internal (your company) use only. However, this policy does not enforce internal only the way do not forward or confidential would. Its just a label.
Use when: You want to urge caution and discretion for internal emails, but don’t want to require anyone to have to be logged into Office 365 to access the information.
What the recipient will experience: For recipients within your company, there will be a label marking the email as internal. If an external recipient is added they will receive the secure message email and and error will occur when they try to open it.
Customizable permissions options
The above are the default options on the latest version of Outlook. However, your administration can set additional custom permissions if desired such as a certain permission set for finance emails. If you have an older version of Outlook installed, you may not see the same options as above. Always get the latest updates to Outlook and other Office 365 applications by getting a subscription model of Office 365.
Using these options, you can better protect the data you transmit and help ensure that information stays where it belongs. We recommend using this tool as a part of your information security policy. Don’t have a defined Infosec policy? Contact us to get in touch with a vCIO.
Subscribe to Valiant's Monthly Email Digest
Valiant's monthly email digest is filled with original content written by our staff, tech news, and business insights.