2 Nov’17

Azure and Office 365Emails encryption in Office 365


Encryption is the process by which information is encoded so that only an authorized recipient can decode and consume the information.


The process to setup and enable Office 365 Message Encryption is easy. There are three main steps that need to be followed:

  1. Activate Azure Rights Management.
  2. Setup Azure Rights Management for Exchange Online.
  3. Setup transport rules to enforce message encryption in Exchange Online.

Step 1: Activate Azure Rights Management for O365 Message Encryption.

  1. Sign in to Office 365.
  2. In O365 Admin Center, go to Settings > Services & Add-ins and select Microsoft Azure Information Protection.
  3. Click on Manage Microsoft Azure Information Protection settings and you will be redirected rights management Activate the Rights Management.

Step 2: Set up Azure Rights Management for O365 Message Encryption.

  1. In this step we will use PowerShell to connect to Exchange Online, Open PowerShell as Administrator and enter the following commands to connect and import the session
    Set-ExecutionPolicy RemoteSigned
    $cred = Get-Credential
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri
    https://outlook.office365.com/powershell-liveid/ -Credential $cred -Authentication Basic –AllowRedirection
    Import-PSSession $Session
  2. Verify your IRM is not already configured
  3. Configure RMS with the online key-sharing locationfor Exchange Online with PowerShell (locations below).

    Set-IRMConfiguration -RMSOnlineKeySharingLocation https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc 

    Location RMS key sharing location
    North America https://sp-rms.na.aadrm.com/TenantManagement/ServicePartner.svc
    European Union https://sp-rms.eu.aadrm.com/TenantManagement/ServicePartner.svc
    Asia https://sp-rms.ap.aadrm.com/TenantManagement/ServicePartner.svc
    South America https://sp-rms.sa.aadrm.com/TenantManagement/ServicePartner.svc
    Office 365 for Government https://sp-rms.govus.aadrm.com/TenantManagement/ServicePartner.svc

  4. Import the Trusted Publishing Domain(TPD) from RMS Online

    Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online”

  5. Verify successful setup of IRM in Exchange Online.

    Test-IRMConfiguration –sender admin@domain.com

  6. Disable IRM templates in OWA and Outlook.

     Set-IRMConfiguration -ClientAccessServerEnabled $false

  7. Enable IRM for Office 365 Message Encryption.

    Set-IRMConfiguration -InternalLicensingEnabled $true

  8. Viewthe IRM Configuration.


Step 3: Create transport rule to encrypt message.

  1. In Office 365 Admin Center, go to Exchange Online Admin Center.
  2. Go to Mail Flow > Rules.
  3. Click the + and create your transport rule.
  4. This rule will encrypt anything that is sent external.
  5. Make sure the rules are active.
  6. Testing that the transport rule applies Office 365 Message Encryption.


Its easy to encrypt your mail and secure it in Office 365.

Written by

Abhishek Kumar

Office365 Administrator

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.

Want to streamline your business processes?

  • This field is for validation purposes and should be left unchanged.

Recent Articles

  • Reading more then 10K records in D3FOE OData API

    11 July’ 2018

    Introduction: We all know Dynamics 365 Finance and Operations has limitation of 10K records to be fetched at a time usi...

    Read more
  • Paging in D365 Customer Engagement v9.0

    10 July’ 2018

    Introduction: The Xrm.retrieveMultipleRecords method is used to retrieve a collection of records in Dynamics 365 Custom...

    Read more
  • Set up Dynamics 365 connection in Microsoft Social Engagement

    10 July’ 2018

    Introduction: This blog explains how to Set up Dynamics 365 connection in Microsoft Social Engagement. Steps to be follo...

    Read more
  • Voice of the Customer failed to install

    10 July’ 2018

    Introduction: Many people face issues in installing Voice of Customer solution on v9 environment and trying repeatedly ...

    Read more
  • Scribe Insight AX as a Web Service Find Block issue

    10 July’ 2018

    Introduction: If we need to look up for any value from AX then we do it by using a Find Block in Scribe Insight Eg: Basi...

    Read more