How does Microsoft Purview Message Encryption work?
Microsoft Purview Message Encryption (MPE, formerly Office 365 Message Encryption, OME) combines email encryption with rights management functions. The rights management functions are provided by Purview Information Protection (formerly Azure Information Protection, AIP), which in turn is based on Azure Rights Management (Azure RMS), which is used by Purview Information Protection. Azure RMS enables the protection of emails and documents through encryption and access control.
Users can encrypt emails and various attachments, with encryption applied to individual documents. For example, administrators can define message flow rules to encrypt all messages to a specific recipient so that the recipient cannot copy or print the content of the message.
Outlook and Outlook on the Web users can send encrypted emails directly from the client or interface. Administrators can set up message flow rules to automatically encrypt emails based on keywords, matches or other conditions.
Recipients who also use an Entra ID account (formerly Azure AD) can then easily decrypt the emails. All other recipients can authenticate themselves to Entra ID using a one-time passcode, for example, in order to access the encrypted emails.
NoSpamProxy offers standards-based encryption with S/MIME 4.0 and PGP
In contrast to the proprietary encryption solution MPE, NoSpamProxy Encryption is a gateway solution that uses the recognized S/MIME standard for encrypting emails. This also includes the central management of certificates and keys. In addition to S/MIME, you can also use PGP encryption. With the NoSpamProxy add-in for Microsoft Outlook, you can control the encryption of your emails directly and thus specify whether NoSpamProxy should encrypt the email directly in Outlook.
S/MIME 4.0 is the latest version of the recommended and internationally agreed standard for the electronic signing and encryption of emails. NoSpamProxy offers full support for the S/MIME 4.0 standard and is therefore the only product in its class to fully comply with the currently updated specifications and recommendations of the German Federal Office for Information Security (BSI) for federal projects. In this way, you create legal security and confidentiality through reliable email encryption and at the same time ensure full compliance with the General Data Protection Regulation (GDPR).
The PDF mail function offers an additional way of sending emails and documents securely without making any demands on the recipient. When encrypting emails with NoSpamProxy Encryption, our encryption solution automatically converts the email and all attachments into a password-protected PDF document. Alternatively, the recipient can assign their own password by logging into the NoSpamProxy Web Portal and only need a PDF reader to open the document.
S/MIME and Microsoft Purview message encryption also work in combination
The use of S/MIME encryption and MPE is also possible without any problems. This means that an email already encrypted with MPE can also be encrypted on the basis of S/MIME with the help of NoSpamProxy. In such cases, NoSpamProxy leaves the structure of the MPE-encrypted content untouched and applies the desired S/MIME encryption. The recipient must then first perform the S/MIME decryption (assuming appropriate certificates) in order to be able to fully decrypt the email.
No yet using NoSpamProxy Encryption?
Request your free trial version now!