2 Nov’17

Azure and Office 365Emails encryption in Office 365


Encryption is the process by which information is encoded so that only an authorized recipient can decode and consume the information.


The process to setup and enable Office 365 Message Encryption is easy. There are three main steps that need to be followed:

  1. Activate Azure Rights Management.
  2. Setup Azure Rights Management for Exchange Online.
  3. Setup transport rules to enforce message encryption in Exchange Online.

Step 1: Activate Azure Rights Management for O365 Message Encryption.

  1. Sign in to Office 365.
  2. In O365 Admin Center, go to Settings > Services & Add-ins and select Microsoft Azure Information Protection.
  3. Click on Manage Microsoft Azure Information Protection settings and you will be redirected rights management Activate the Rights Management.

Step 2: Set up Azure Rights Management for O365 Message Encryption.

  1. In this step we will use PowerShell to connect to Exchange Online, Open PowerShell as Administrator and enter the following commands to connect and import the session
    Set-ExecutionPolicy RemoteSigned
    $cred = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri
    https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic –AllowRedirection
    Import-PSSession $Session
  2. Verify your IRM is not already configured
  3. Configure RMS with the online key-sharing locationfor Exchange Online with PowerShell (locations below).

    Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc 

    Location RMS key sharing location
    North America https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc
    European Union https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc
    Asia https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc
    South America https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc
    Office 365 for Government https://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc

  4. Import the Trusted Publishing Domain(TPD) from RMS Online

    Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”

  5. Verify successful setup of IRM in Exchange Online.

    Test-IRMConfiguration –sender admin@domain.com

  6. Disable IRM templates in OWA and Outlook.

     Set-IRMConfiguration -ClientAccessServerEnabled $false

  7. Enable IRM for Office 365 Message Encryption.

    Set-IRMConfiguration -InternalLicensingEnabled $true

  8. Viewthe IRM Configuration.


Step 3: Create transport rule to encrypt message.

  1. In Office 365 Admin Center, go to Exchange Online Admin Center.
  2. Go to Mail Flow > Rules.
  3. Click the + and create your transport rule.
  4. This rule will encrypt anything that is sent external.
  5. Make sure the rules are active.
  6. Testing that the transport rule applies Office 365 Message Encryption.


Its easy to encrypt your mail and secure it in Office 365.

Written by

Abhishek Kumar

Support Engineer

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.

Want to streamline your business processes?

  • This field is for validation purposes and should be left unchanged.

Recent Articles

  • Dynamics 365 Client Diagnostics

    15 March’ 2018

    Main cause of Performance Issues: Bandwidth and latency are the primary characteristics which affects the performance o...

    Read more
  • Closing Blind Shift in MPOS and CPOS in Dynamics 365 for Retail

    15 March’ 2018

    Manual For closing Blind shift in POS: Blind shifts terminate the currently ongoing shift and when logged in a new shif...

    Read more
  • Persistent Filters in the Power BI Service

    13 March’ 2018

    Introduction: The feature is finally release, and it is power BI has announced general availability of persistent filt...

    Read more
  • Cause and Solution for Scribe MSMQ not receiving Message from AX

    10 March’ 2018

    Issue: Microsoft Message Queuing (MSMQ) service running on Server might be unable to receive messages. Therefore, messa...

    Read more
  • User Privileges on SharePoint – D365 Document Integration

    10 March’ 2018

    Overview: Often, we wonder what could be wrong where we see a generic error on Documents in Dynamics 365. Something lik...

    Read more