Secure email in Outlook

Outlook is one of the most popular email clients in the world. But is it a good choice if you want secure email? And what does it really mean to have secure email? How can you ensure that you send and receive emails in a secure way? In this blog post we will look at the problem with secure mail and Outlook, and at how you can receive and send secure mail in Outlook.


What does it mean to have a secure email?

A secure email means that the email you send or receive is protected against unauthorized access and hacking. A secure e-mail also ensures that only the intended recipient can read the content of the e-mail, and that data or content cannot be changed along the way. Secure mail includes authentication of sender and recipient as well as protection against spam, phishing and other forms of malicious content. Having a secure email is fundamental if you are to transfer personal data.


The problem with secure mail and Outlook

Outlook is a secure email client, but that does not mean that emails sent or received in Outlook are automatically secure. Outlook is simply an email client. When you send an email, it travels through many different servers and networks before it finally reaches its destination, so it is still possible for unauthorized persons to gain access to the contents of the email. This applies both while the email is en route and while it sits in sent mail afterwards. This happens because Outlook sends emails unencrypted by default. If you want Outlook to send data securely, you must acquire a license for Office 365 E3.


How to send secure mail in Outlook?

If you do not want to buy an E3 license, you should not send data in emails at all if you want to transfer content securely. Instead, you should send the content via another service. Here you have three options:

1. Certificate-based solution
A certificate-based email solution uses digital certificates to authenticate the sender and encrypt the content of the email. Certificates act as digital identities and can be issued by a certification authority. When an email is sent from a certificate-based email account, the email includes a digital certificate that can be verified by the recipient to ensure that the email was sent by the correct sender and has not been altered along the way. This solution requires a local installation at both sender and receiver.

2. Tunnel mail
This is a Danish invention that uses encryption and tunneling to protect emails during transmission. It works by creating an encrypted tunnel between the sender’s and recipient’s mail servers. The mail is sent through this tunnel, which protects it along the way.

3. An upload portal
This solution works by attaching the file to an email, but instead of the file being in the email, it is uploaded to a secure location. The recipient receives a link in the email from which the file can be accessed. An upload portal does not require certificates or special installation.


Choose the right encryption method

You must be sure that the service you use to send and receive content in emails uses a proper encryption method. As a starting point, there are four different encryption methods, namely S/MIME, PGP, DKIM and TLS.

S/MIME is an encryption and digital signature method for e-mails that requires a valid certificate from both the sender and recipient. The configuration can be difficult and can lead to incompatibility issues, making the solution problematic for individuals and organizations.

PGP (Pretty Good Privacy) is an encryption method for e-mails that requires third-party software on both the sender and receiver side. It is often used by individuals and organizations that want high security and confidentiality, but it can be complex to use and can incur additional costs and incompatibility issues. PGP also has known security holes.

DKIM (DomainKeys Identified Mail) combats spam and forgery of sender addresses in e-mails by signing e-mails with a digital signature that is verified by the recipient’s e-mail server. It can lead to false positives and block legitimate emails, and it focuses primarily on protecting against spoofing sender addresses and not on encrypting the content of emails.

TLS is an encryption protocol used to secure network communications, including email communications. TLS encrypts emails as they are sent and retrieved and is based on public-key encryption. It requires certificates and digital signatures for authentication. Mail servers exchange security certificates with public keys and use them to encrypt and decrypt emails. TLS requires support from both the sender’s and recipient’s mail servers.
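To see which of these four methods actually protected a message you received, you can inspect its headers. The Python sketch below is an added example, not part of the original article or of any product named in it; the sample message, host names and the function names hop_uses_tls and classify are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed sample message (not real traffic): two relay hops, one without TLS.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [192.0.2.10])
\tby inbound.example.org with ESMTPS id abc123
\t(version=TLS1_2 cipher=ECDHE-RSA-AES256-GCM-SHA384);
\tMon, 01 Jan 2024 10:00:02 +0000
Received: from client.example.net (client.example.net [192.0.2.20])
\tby mx.example.net with ESMTP id def456;
\tMon, 01 Jan 2024 10:00:01 +0000
DKIM-Signature: v=1; a=rsa-sha256; d=example.net; s=sel1;
\th=from:to:subject; bh=AAAA; b=BBBB
From: alice@example.net
To: bob@example.org
Subject: constructed test
Content-Type: text/plain

hello
"""

# RFC 3848 "with" protocol names that imply STARTTLS: ESMTPS, ESMTPSA, LMTPS, ...
TLS_PROTO = re.compile(r"^(?:UTF8)?(?:E?SMTP|LMTP)SA?$")
SMIME_TYPES = {"application/pkcs7-mime", "application/x-pkcs7-mime"}
SMIME_SIGS = {"application/pkcs7-signature", "application/x-pkcs7-signature"}
PGP_PROTOS = {"application/pgp-encrypted", "application/pgp-signature"}

def hop_uses_tls(received: str) -> bool:
    """Heuristic: does this Received header claim the hop was TLS-protected?"""
    m = re.search(r"\bwith\s+([A-Za-z0-9]+)", received)
    proto = m.group(1).upper() if m else ""
    return bool(TLS_PROTO.match(proto)) or bool(
        re.search(r"version=TLS|using TLS", received, re.I))

def classify(raw: str) -> dict:
    """Report which protections a raw RFC 5322 message shows evidence of."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    p = msg.get_param("protocol")
    protocol = p.lower() if isinstance(p, str) else ""
    # Each relay writes its own Received header; earlier hops can be forged,
    # so treat the result as evidence, not proof.
    hops = [hop_uses_tls(h) for h in msg.get_all("Received", [])]
    return {
        "smime": ctype in SMIME_TYPES or protocol in SMIME_SIGS,
        "pgp": protocol in PGP_PROTOS,
        "dkim_signed": msg.get("DKIM-Signature") is not None,  # presence only
        "tls_hops": hops,  # newest hop first
        "tls_all_hops": bool(hops) and all(hops),
    }
```

For the sample, the result shows a DKIM signature and TLS on the final hop only, with no S/MIME or PGP protection of the content itself. The DKIM check only detects that a signature header is present; it does not verify it.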


How to receive secure mail in Outlook?

The same principles and encryption methods apply here as when you send emails. When you need to receive files or data by mail in Outlook, you must have an E3 license. If you do not have this, you should avoid having the data sent by mail in Outlook and use a service instead. Here you can use either a certificate-based solution, tunnel mail or an upload portal.


The easy way to secure mail in Outlook

Having a secure email is essential for handling personal data responsibly. The emails you send and receive in Outlook are not necessarily secure. Here you have to either acquire an E3 license for Outlook or use a service that encrypts the data that is transferred.

At Safe Online, we have developed ShareSimple for Outlook. ShareSimple is an upload portal that completely removes sensitive content from emails. ShareSimple uses the TLS 1.2 encryption method during transmission and RSA encryption when the email is sent or received. In this way, you can be sure that you can both send and receive data in Outlook. Furthermore, ShareSimple also ensures that data is deleted after a given period, which is a requirement in the GDPR.

Sebastian Allerelli

Founder & COO at Safe Online
Governance, Risk & Compliance Specialist