Email Encryption

What is email encryption?

Email Encryption is a security measure that encrypts the content of email messages, ensuring that only authorized recipients can access and read the information.

When should I use email encryption?

Use email encryption when sending sensitive or confidential information. Some examples of sensitive information could be financial details, personal identification information, legal documents, or intellectual property.

Who should receive encrypted emails?

Encrypted emails should be used when sending sensitive information outside of the College when the message contains Personally Identifiable Information, Personal Health Information, or other sensitive details that anyone except the intended recipient should not see. Please see the Information Governance and Security Policy (PDF) for details on sensitive information.

If encryption is safer, should I encrypt every email I send?

While encrypting every single email may seem like an ideal approach to maximum security, there are practical considerations and extra steps that may be avoided for the recipients when receiving your emails.

Sending Encrypted Email

Follow the instructions below or watch this short video to learn how to encrypt your messages.

Encrypt messages in Outlook on your workstation

  1. In your Outlook message, click Option at the top of the window.
    Screenshot of Outlook with Options and Encryption menu highlighted
  2. A pop-up menu will appear with the email addresses you are associated with. Choose one of the options.Screenshot of Outlook with Encrypt menu options named Encrypt-Only, Do Not Forward, Confidential, Confidential View Only
    • Encrypt - Encrypts email messages to ensure confidentiality during transit. It does not restrict forwarding, copying, or printing the message. Encryption primarily focuses on protecting the content from unauthorized access.
    • Do Not Forward - Prevents the recipient from forwarding the email message to others. Recipients can still copy the content, print the message, and perform other actions. The purpose is to control the distribution of the message beyond the intended recipient.
    • Mohawk College of Applied Arts and Technology – Confidential - Encrypts the email during transit and prevents recipients from forwarding it to others. They can still copy the content, print the message, and perform other actions.
    • Mohawk College of Applied Arts and Technology – Confidential View Only - Highest level of control. The recipient can only view the message inside Microsoft 365. The email is encrypted during transit; recipients cannot forward, copy, or print it. This setting requires the recipient to use the appropriate Microsoft app to view the message.
  3. A message will appear at the top of your email confirming the level of encryption you selected.
    Screenshot of the encrypted message informational warning
  4. Finish writing your email and click Send.

Encrypt messages in Outlook on the Web

Encryption options are available online when you use Microsoft 365.

  1. Open your message in a new window to make the encryption options visible.
    Screenshot of Outlook Web with the Open New Window icon highlighted
  2. Click Options at the top of the message. Click the Lock icon for encryption options.
    Screenshot of Outlook Web with the Options and Encrypt menu highlighted
  3. Choose Encrypt or Do Not Forward.
    Screenshot of Outlook Web with encryption options showing Encrypt and Do Not Forward
  4. Finish writing your email and click Send.

Receiving Encrypted Emails

Receiving encrypted email through Outlook within Mohawk

Encrypted emails from Mohawk College addresses are automatically decrypted for you to read.

The email will have a Lock icon and a message at the top of the window.
Screenshot of Outlook with lock icon indicating the message is encrypted
Screenshot of Outlook with notification indicating the message is encrypted

Receiving encrypted emails outside of Outlook and Mohawk

Recipients outside of Mohawk must take extra steps to open encrypted emails. They will look different in different email apps.

  1. A symbol will show the email is encrypted.
    Screenshot of Outlook Web with warning icon indicating the email is encrypted
  2. The encrypted email will be an attachment to the message.
    Screenshot of an encrypted email showing instructions on how to open it.
  3. Click Read the message.
    Screenshot highlighting the button that says Read The Message
  4. Click Sign in with a One-time Passcode.
    Screenshot of Microsoft page with Sign In with One-Time Password option highlighted
  5. You will receive a one-time passcode in your email. The code will expire in 15 minutes.
    Screenshot of Microsoft page showing an example one-time password to be used to decrypt a message
  6. Enter the one-time passcode and click Continue.
    Screenshot of Microsoft page showing where to enter the one-time password with the Continue button highlighted
  7. The encrypted email will open.
    Screenshot of showing an encrypted email opened after entering the one-time password

How are attachments encrypted?

All attachments are encrypted. Recipients who access the encrypted email via the Office Message Encryption portal can view attachments in the browser.

Attachments behave differently after they are downloaded depending on the encryption option used:

  • Word, Excel, or PowerPoint files remain encrypted after downloading. If the recipient downloads the attachment and sends it to someone else, the person they forwarded it to cannot open it.
  • If the file recipient uses a Microsoft 365 account, they can open encrypted Office attachments on the Office apps for Windows and in Office apps across platforms.
  • All other attachments, such as PDF or image files, can be downloaded without encryption.