Trinity Email Encryption

You can send encrypted mail directly from your Trinity account when you need to protect sensitive details. Encryption limits who can read the message and helps prevent unauthorized access.

When you should use it

Use encryption when you share anything that contains personal data, financial details, student records, or information you don’t want forwarded. Encryption in Microsoft 365 is a security feature that protects emails, files, and data (not subject lines) by converting information into an unreadable format. Only authorized users with the correct decryption key can access the content, ensuring confidentiality and compliance.

Why send an encrypted email?

People sometimes use email to exchange sensitive information, such as financial data, legal contracts, confidential product information, sales reports and projections, or customer and employee information. With Microsoft 365 Message Encryption, encrypted email messages can be sent between people inside and outside of the college. Microsoft 365 Message Encryption works with Outlook.com, Yahoo!, Gmail, and other email services. Email message encryption helps ensure that only intended recipients can view message content.

What is the tradeoff when sending an encrypted email?

Encrypted email adds an extra layer of security to the message, but may also require additional steps for the recipient to view it. Encrypted email messages can be read directly in Outlook on the web (OWA), in Outlook for iOS and Android, and in Outlook for Windows versions 2019 and Microsoft 365. Other email clients will see a message with a link. That link will take Microsoft 365 users to OWA to read the message. Users with other email accounts will be prompted to obtain a one-time passcode and read the message in a browser window.

For more information on message encryption, see:  Send, view, and reply to encrypted messages in Outlook for the PC

Encryption Options

Outlook for Windows, Outlook for Mac, and Outlook on the web provide several encryption options:

1. Encrypt-Only – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. Recipients cannot remove the encryption, so forwards and replies to the message remain encrypted.
2. Do Not Forward – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. Recipients can read this message but cannot forward, print, or copy content. The conversation owner retains full access to their messages and all replies.
3. Confidential – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. This content is proprietary information intended for internal (Trinity) recipients only. External recipients will not be able to open the message.
4. Confidential View Only – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. This content is proprietary information intended for internal (Trinity) recipients only. External recipients will not be able to open the message. Additionally, this content cannot be modified, copied, or printed.

Additional Notes:

• Avoid putting sensitive information in the subject line. Subject lines are never encrypted.
• Recipients outside Trinity may need to verify their identity or register before they can open an encrypted message. Let them know ahead of time so they know what to expect.
• Attachments up to 150 MB can be sent, depending on the recipient’s mailbox limits.
• Office documents can be restricted from being copied, printed, or forwarded when using Do Not Forward.
• Encrypted messages and attachments do not expire for the recipient.