The encryption button fiascoAlex Fields
I have done quite a few posts recently on the new Office Message Encryption (OME) features in Office 365 Exchange Online.
This past winter, Microsoft released version 2 of OME, which had some improvements over version 1, but came with some downsides/trade-offs also. Oftentimes, the downsides were so annoying, that many customers just ended up downgrading back to OME v1.
Even more recently, however, Microsoft released some updates to v2, including a new “Encrypt” template which was long overdue. And I think it is safe to say now that we should be embracing version 2–I have been working with it, and find that it is much improved, and basically what we’ve been asking for since, I don’t know, ever.
Now, the new version also introduced something else which probably should have been included all along: a button that allows you to easily encrypt your email messages, right in the UI:
The only problem is that this button is ONLY available in the Microsoft Outlook Web Access client (OWA)–e.g. the online portal for Microsoft Outlook in Office 365. An equivalent is not yet available in the normal Outlook client for Windows (and a majority of small and large enterprises alike still prefer the Outlook client over OWA).
So what this usually means is: organizations adopt a rule or series of rules which triggers encryption based on certain conditions. The most popular is to configure an encrypt rule based on a subject or body tag (matching some text pattern such as “Encrypt” or “SecureMail”).
As you can probably guess, I see this complaint probably more than any other: Why in the actual eff are we HERE?! Why not just have a simple button for triggering the encryption on demand? It’s a valid question. It is easy enough to misspell or mistype your subject line or body tag, right? SecreMail anyone? No? Compliance violation? Ooops.
So to be fair, in the new version of OME, Microsoft provides a (not easy to find) button which will allow you to apply the Rights Management templates–and these have the effect of encryption–if you don’t also mind the annoying permissions that they apply along with it. Confidential permissions mean that the message can only be sent within an organization, while the Do Not Forward permissions will prevent anyone from forwarding, copying or even printing the content.
But all we really want is to have an experience roughly equivalent to what is available in OWA. Is it so hard, Microsoft? Now I don’t write software code, so maybe it is. I dunno. But, as a workaround, here is what I am going to start recommending we do instead (and no coding required).
How to create your own encryption button
Simply create a “Quick Step” that automatically starts a new message with your subject line tag pre-inserted. Admittedly, it is a very low-tech solution, but it works. AND it works regardless of whether you’re using OME v1 or v2.
From the Home tab, click Create New under Quick Steps as shown below.
Then, simply fill in the details to create your rule.
2. Give it Name
3. Choose New Message for the Action.
4. Expand the options so you can fill in the Subject with your tag (e.g. Encrypt, SecureMail, or whatever)
5. Click Finish
(Note: the above rule could also be modified to use a body tag instead)
The result is, you now have a button in Outlook under your Quick Steps that will open a new message with the subject line tag already present.
Like I said, low tech. But it works. Note that there is no way to control this via Group Policy that I am aware of, so each user would need to set it up for themselves. For a higher-tech solution, something may exist, but it probably involves macros or some other light coding, maybe VBS scripts or something. Nothing I really want to spend time on. Of course what we really want, is for Microsoft to give us the same button’/options that we have in OWA already. Fingers crossed–other wishes of mine have come true lately…