Decrypted | Insights from Virtru to Unlock New Ideas

How to Add Incremental Data Security to Microsoft 365 E3 - Virtru

Written by Editorial Team | Jul 16, 2021 3:58:23 PM

For organizations using Microsoft 365, there are a range of packages to choose from, each with different features and price points. As you would expect, the more security features you add, the more expensive the package becomes—especially as you move toward the packages for government and highly regulated industries. 

Virtru’s new Microsoft 365 Outlook Add-In gives organizations the ability to layer in sophisticated security controls, DLP management, and data visibility within any Outlook package. To understand the full picture of how Virtru complements Microsoft 365 Outlook, download our guide, Mitigate Risks and Gain Control of Your Data: Why You Should Add Data-Centric Encryption to Microsoft 365

Virtru Data Protection for Microsoft 365 E3

Encryption and Data Governance

There are some key areas where Microsoft 365 E3 does not deliver the same data protection value that Virtru can for your organization—particularly for highly regulated industries. While Microsoft’s high-priced, government-tier plans can meet these rigorous data protection standards, Virtru offers the same level of comprehensive data protection to every customer.

  • Send Encrypted and Rights-Protected Messages: While Microsoft’s E3 plan provides Office message encryption, Virtru adds data-centric, end-to-end encryption across protected messages. 
  • Encrypt/Protect Messages at the Object Level to Control Access at Any Time: Virtru provides this capability. If Azure Information Protection is being used within Microsoft, then E3 provides this capability, but legacy versions of Office Message Encryption do not. 
  • Support a Zero Trust Security Model Across Browser, Desktop, and Mobile Outlook Experiences: Virtru provides this support for every way you use Outlook today. Microsoft 365 E3 does not. 
  • Ensure Plain Text Cannot Be Accessed by Any Third Party: Microsoft 365 E3 does not provide this option. However, with Virtru’s data protection in place, Virtru (and other providers, including Microsoft) cannot access your content under any circumstance—we just manage access policies and broker key exchanges.
  • Detect and Investigate Advanced Threats: Virtru offers the ability to investigate outlier activity and unauthorized access. E3 does not. 
  • View Actionable Data Intelligence: With Microsoft 365 E3, you can only index the sensitive documents that are stored within supported Microsoft 365 workloads. However, with the Virtru Control Center, admins can see what data their organization is protecting, know where it’s going, manage who it’s shared with, and ensure it stays under the appropriate control.
  • Inbound Email Encryption: Virtru provides this option to its users; Microsoft 365 E3 does not offer this as an option. 

Support to Meet Regulatory Compliance

Many of Virtru’s customers use our data protection capabilities to support their compliance with various regulations. Microsoft 365 E3 does provide support for HIPAA compliance, as does Virtru. However, that is the extent of E3’s formal regulatory compliance support. Virtru, on the other hand, provides support for those who need to meet requirements for GDPR, CJIS, CMMC, and ITAR

Interoperability

For those managing hybrid workforces using various platforms, multi-cloud environments, devices, and applications, interoperability is a central concern. It’s important that your data protection capabilities span these hybrid environments. Unlike Microsoft 365 E3, Virtru is able to:

  • Operate with any public cloud provider
  • Support a hybrid use model (both Google and Microsoft) 
  • Securely email recipients with any email client or security setup
  • Ensure plain text cannot be accessed by any third party. 

Virtru works no matter what email client or security setup the recipient has in place, and Virtru can never access your data. With Microsoft 365 E3 alone, if your email travels outside of the Microsoft ecosystem, you might lose data security, residency, and control—and Microsoft can access your data.

Access Control Flexibility and Adaptability

To ensure broad adoption of security best practices, it’s important to provide end users and admins with granular controls that help them manage how their data is shared. 

  • On-Demand Access Controls Available to Both Admins and Users/Senders: Virtru provides out-of-the-box, granular access controls for messages and attachments. Microsoft 365 E3 includes limited access controls—currently, only “do not forward.”
  • Easily Add and Adjust Expiration Dates for Internal or External Recipients: Virtru provides this capability, but Microsoft 365 E3 does not. 
  • Easily Revoke Emails Sent to Internal or External Recipients: Virtru enables this everywhere you use Outlook. This is not offered with Microsoft 365 E3. 
  • Access Controls and Protection Extend to File Attachments: Microsoft Office attachments such as Word remain encrypted, but other formats, such as PDFs, can be downloaded without protection. However, with Virtru, users can apply watermarking and persistent file protection for most file formats to maintain control and revoke access at any time.

When it comes to securing data shared in Microsoft Outlook, Virtru adds an essential and highly valuable layer of protection to the Microsoft 365 E3 plan. With Virtru, you and your individual users can rest assured that your data remains safe everywhere it’s shared, and that it always remains under your control. 

To learn more about how you can add in an immensely valuable layer of security within Microsoft 365 E3 and other plans, contact Virtru to start the conversation.