› Others › Emails encryption in Office 365

Emails encryption in Office 365

 Abhishek Kumar   Leave a comment


Encryption is the process by which information is encoded so that only an authorized recipient can decode and consume the information.


The process to setup and enable Office 365 Message Encryption is easy. There are three main steps that need to be followed:

  1. Activate Azure Rights Management.
  2. Setup Azure Rights Management for Exchange Online.
  3. Setup transport rules to enforce message encryption in Exchange Online.

Step 1: Activate Azure Rights Management for O365 Message Encryption.

  1. Sign in to Office 365.
  2. In O365 Admin Center, go to Settings > Services & Add-ins and select Microsoft Azure Information Protection.
  3. Click on Manage Microsoft Azure Information Protection settings and you will be redirected rights management Activate the Rights Management.

Step 2: Set up Azure Rights Management for O365 Message Encryption.

  1. In this step we will use PowerShell to connect to Exchange Online, Open PowerShell as Administrator and enter the following commands to connect and import the session
    Set-ExecutionPolicy RemoteSigned
    $cred = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri
    https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic –AllowRedirection
    Import-PSSession $Session
  2. Verify your IRM is not already configured
  3. Configure RMS with the online key-sharing locationfor Exchange Online with PowerShell (locations below).

    Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc 

    LocationRMS key sharing location
    North Americahttps://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc
    European Unionhttps://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc
    South Americahttps://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc
    Office 365 for Governmenthttps://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc

  4. Import the Trusted Publishing Domain(TPD) from RMS Online

    Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”

  5. Verify successful setup of IRM in Exchange Online.

    Test-IRMConfiguration –sender admin@domain.com

  6. Disable IRM templates in OWA and Outlook.

     Set-IRMConfiguration -ClientAccessServerEnabled $false

  7. Enable IRM for Office 365 Message Encryption.

    Set-IRMConfiguration -InternalLicensingEnabled $true

  8. Viewthe IRM Configuration.


Step 3: Create transport rule to encrypt message.

  1. In Office 365 Admin Center, go to Exchange Online Admin Center.
  2. Go to Mail Flow > Rules.
  3. Click the + and create your transport rule.
  4. This rule will encrypt anything that is sent external.
  5. Make sure the rules are active.
  6. Testing that the transport rule applies Office 365 Message Encryption.


Its easy to encrypt your mail and secure it in Office 365.

Liked it? Share it.

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.