With this release, customers will have S/MIME support across Outlook, Outlook Web App (OWA), and Exchange ActiveSync clients. S/MIME for Outlook and EAS is already available on Exchange Online and S/MIME on OWA is being rolled out and is expected to be completed by early April.
Office 365 Message Encryption provides advanced security and reliability to help protect your information.
- Send encrypted email messages to anyone, regardless of the recipient’s email address.
- Provide strong, automated encryption with a cost-effective infrastructure.
- Eliminate the need for certificates and use a recipient’s email address as the public key.
- Communication through a TLS-enabled network further enhances message security.
- Enhance the security of subsequent email responses by encrypting each message in the thread.
Active Directory Rights Management Services (ADRMS) has been available for many years as an on-premises solution for customers to protect Office documents. Windows Azure Rights Management is a new cloud-based solution designed to deliver the same level of protection to customers using Office 365.
Windows Azure Rights Management provides a comprehensive policy-based enterprise solution to help protect your valuable information, no matter whom you share it with. For $2 per user per month, you get Information Rights Management capabilities such as Do Not Forward and Company Confidential, as well as Office 365 Message Encryption, which allows you send encrypted emails to anyone!
Information Rights Management is built to work across multiple workloads such as Exchange, SharePoint, and Office documents, and it makes it easier to set restrictions and provide permissions. Office 365 Message Encryption comes with a modern user interface that makes it easy to use.
Windows Azure Rights Management is included in the Office 365 Enterprise E3 and E4 plans. It can also be purchased as a standalone with these plans: Office 365 Enterprise E1, Office 365 Enterprise K1, Exchange Online Plan 1, Exchange Online Plan 2, and Exchange Online Kiosk.
The requirements for using Office Message Encryption are as follows:
- If you’re using Office 365, you must be on the newest (Wave 15) version of Exchange Online.
- If you’re using on-premises mailboxes, you must be using Exchange Online Protection or hybrid mail-flow.
Note: Forefront Online Protection for Exchange (FOPE) customers cannot use the new encryption service until they are transitioned to Exchange Online Protection.
Q. What are the technical requirements for using S/MIME?
A: In order to use S/MIME, you must meet following technical requirements:
- Set up a Certificate Authority (CA) to issue certificates for users on-premises for S/MIME purposes.
- Publish the user certificate in an on-premises Active Directory account in theUserSMIMECertificate and/or UserCertificate attributes.
- Use an appropriate version of DirSync to synchronize certificates from on-premises Active Directory to Azure Active Directory. These certificates will then get synchronized from Azure Active Directory to Exchange Online directory and will be used when encrypting a message to a recipient.
- IT administrators need to configure their tenant in Exchange Online with certificate information, including information about about the CA who issues their signed certificates and any intermediate certificates. This information is used by OWA when validating the signature of an email and ensuring that it was signed by a trusted certificate.