Virtru Blog

Email Encryption

How to Encrypt Email in Outlook: The Hard Way and the Easy Way

October 7, 2016

Like any tool, email encryption only works when you use it. Microsoft Outlook has a native encryption feature, which is fairly secure when used properly, however it has some serious drawbacks. Setup is complicated and time confusing, and Outlook email encryption can’t be used to communicate with most recipients.

Fortunately, Virtru offers a secure, client-side Outlook encryption application that lets users send encrypted messages and attachments to any recipient. It takes only a couple minutes to setup, encrypts with a single click, and adds extra features that give you more control of your email account. Below, you will learn how to encrypt email in Outlook with and without Virtru, allowing you to decide which is the best secure email service for your needs.

How to Encrypt Email in Outlook: The Basics

Before you can use stock Microsoft Outlook email encryption, you need to configure it manually. First, you’ll need to acquire a digital certificate AKA, a Digital ID — basically, an electronic seal that confirms your identity. To do that, go to the file tab and select Options > Trust Center > Trust Center Settings > Email Security > Get a Digital ID.

You’ll have to choose a third-party certification authority from the list. These organizations issue certificates to help prevent bad actors from impersonating other users’ identities. Each certification authority has its own terms and registration procedures, so you’ll have to do some research to choose the right one for you. You may use a single ID, or separate certificates to confirm your identity (a digital ID) and encrypt your data.

Once you’ve chosen and activated your certification, choose your encryption method. Under the Email Security submenu, select Encrypted e-mail > Settings.

Go to Security Setting Preferences, select New and create a name for your settings. Then, select a cryptographic format (e.g. S/MIME) and choose your certificate under Signing Certificate. Select Send these certificates with signed messages so that your recipients will receive confirmation of your identity.

So now you’re ready to encrypt Outlook email, right? Well, not quite. You’ll have to exchange signatures with your recipient before you can start exchanging messages.

To do that, open a digitally signed message from your recipient, right-click on the sender’s name and select Add to Outlook Contacts (or Edit Contact if they’re already a contact) to store the contact’s certificate. This allows you to send encrypted email to that recipient. Because your messages are automatically signed, the recipient will be able to send an encrypted reply — assuming they use the same type of email encryption.

How to Encrypt Email in Outlook: Issues With Outlook’s Built-in Encyption

Because it uses older public-key encryption standards like S/MIME, Outlook’s email encryption has limits that may make it unsuitable for many users. It only works if your recipient is using the same encryption standard, and has already sent you their key.

That’s fine if you’re only sending mail internally, but it will protect little to nothing you send outside of your organization. Very few recipients are using encrypted email, and those who do may use a different encryption standard. S/MIME is not widely supported by browser-based email systems, so it may not even be an option for your recipients.

Additionally, S/MIME is vulnerable to certain kinds of attacks including a message takeover attack — a type of man-in-the-middle attack. A third party can intercept your message, change it, and add their own signature, impersonating you. Depending on their client, the recipient may have no way to verify if the message comes from you. Other common encryption standards like PGP have their own weaknesses, and can be tricky to implement.

Additionally, S/MIME doesn’t use Perfect Forward Secrecy (PFS) — i.e., it uses the same encryption key each time. If a hacker cracks or steals that one key, they’ll be able to open everything you’ve encrypted.

How to Encrypt Email Easily in Outlook: Virtru Installation & Activation

Virtru overcomes all the limits of S/MIME. Users can send emails to anyone without exchanging certificates first — even if the recipient doesn’t use Virtru. PFS provides an extra measure of protection, and automatic encryption key management stores keys securely, preventing hackers from intercepting them.

To get started:

1. Download the Virtru Secure Email plugin for Outlook.

2. Once the download is complete, close Outlook, click the file and select Run (if you don’t close Outlook first, you’ll be prompted to during installation). An install window will open. Click Install and follow the instructions.

3. Now, open Outlook. You’ll see a Virtru Welcome screen.

4. Click AUTHORIZE ME, select the addresses you want to authorize.

5. Click ACTIVATE THESE EMAILS. A dialog box should pop up with the message SUCCESS! along with some basic Virtru tips. A Virtru tab will also show up at the top of the screen, with options and controls.

See just how easy it is, in this very quick demo video:

That’s it — you’re ready to encrypt Outlook email with Virtru.

How to Encrypt Email in Outlook with Virtru

To send an encrypted message in Outlook with Virtru:

1. Click New Email.  You’ll see a Virtru Off button at the top of your message. When you click it, it will turn blue and say Virtru ON, indicating that your message will be encrypted.

2. Write your message, add attachments, and click Send as usual.

And that’s it!

Virtru Encryption in Outlook

If your recipient has Virtru, your message will immediately decrypt when they open it. If they don’t have Virtru, they’ll be given a couple quick prompts (to verify their identity), and once this is done, your message will decrypt within Virtru’s Secure Reader. Your recipient will be able to send a secure reply and add attachments to the message through the reader. Watch this quick demo to see what your recipients (who don’t have Virtru) will see and experience when opening your Virtru secured message:

How to Encrypt Outlook Email with Virtru — Personalized Introductions

Each Virtru encrypted email has an unencrypted introduction, explaining that the message is encrypted with Virtru. If you’re sending a Virtru email to a recipient for the first time, you may want to explain why the message looks different so they won’t mistake it for spam. Click Personalize Introduction, and write your own introduction.

How to Encrypt Email in Outlook: Virtru Pro Features

Virtru Pro adds extra features to give you more control of your emails and support data security. Virtru Pro users can:

Set Expiration Dates on Messages

To set message expiration, just click Set Expiration and input the date and time when the message should expire, in the MESSAGE window before you hit Send.

Virtru Message Expiration in Outlook

Disable Message Forwarding

To disable forwarding, click Disable Forward in the MESSAGE window before you send the message.

Virtru Disable Forwarding in Outlook

Recall an Email in Outlook — Even After it’s Been Read

To revoke access, open the message in your Sent Mail folder. You’ll see a red hand icon with “Revoke” printed under it. When you click it, the icon will turn to a blue eye that says “Enable,” and the recipient will lose access the email and attachments. To re-enable message access, just click the eye. Sent message encrypted with Virtru also have icons for disabling forwarding and setting an expiration date.

Virtru Revoke in Outlook

Track, Control Forward and Read Receipts: All From Your Virtru Dashboard

Virtru Pro users can also track who has read a message, (as well as who your message was forwarded to if you didn’t disable forwarding). In Your Virtru Dashboard (which can be accessed anytime at: secure.virtru.com/dashboard), you will be able to view a list of all  of your encrypted emails, along with basic information like subject line, sender, recipients and date under the ALL EMAILS menu. Near the right side of the screen, you’ll see an envelope indicating whether the message has been opened (green) or not (grey). On mouseover, it will give you information on how many of the recipients have read the message (e.g. “1 of 2.”)

Virtru Dashboard

Click a message to see more detailed information and to change security settings. When a message is encrypted with Virtru, you can change the settings even after your message has been sent and read. You can choose to disable/enable forwarding, add/change/remove expiration settings, as well as revoke or restore access to a message. The Revoke bar near the top will remove all recipients’ access.

Virtru Dashboard Revoke

If you wish to only revoke access to one user, find their address under Allowed Users and click the Revoke icon next to it.

Virtru Forwarding Control Settings

Learn More About Outlook Email Encryption With Virtru

Virtru isn’t just a tool to encrypt emails — it’s a way to take control of your online security without complicating your workflow. Use these resources to learn more about what Virtru can do for you.

Author Virtru

More posts by Virtru

BEFORE YOU LEAVE

Stay Up to Date With the Latest in Digital Privacy

Subscribed! 

REQUEST A DEMO

How many people are in your organization?

Which product are you interested in?

REQUEST A DEMO

REQUEST A DEMO

We'll reach out to schedule a time.