But you may have some others you’d like to include.īefore proceeding, notice the link that says Select one… next to Apply rights protection to the message with… If you click on that, you will see a list of your default Azure RMS templates. I usually include “ encrypt” and/or “ encrypted” in the words list. I named mine: “ Allow users to encrypt email with subject line keyword.” In the drop-down for Apply this rule if… find the selection for The subject or body… > subject includes any of these words. In the dialogue that comes up, give the rule a name. Choose Apply rights protection to messages. Now navigate to mail flow > rules > new (+). Alternatively, we can make up a rule that allows users to decide when they want to encrypt messages, for example, by adding a keyword to the subject line such as “encrypt.”įrom the Office 365 Admin portal, switch over to the Exchange Admin Center by going to Admin Centers > Exchange. Now you can define rules that automatically encrypt messages when they meet certain criteria. Set-IRMConfiguration – ClientAccessServerEnabled $false How-to Define Email Encryption & IRM Rules Microsoft’s instructions suggest that you could also disable IRM templates from being visible to users in OWA and Outlook, which is optional. You should get an overall result of PASS. Test-IRMConfiguration -Sender with a sender in your own organization. To test the configuration, run the following:
Set-IRMConfiguration -InternalLicensingEnabled $true You will want to enable it for Internal as well as External, so run this command: You will notice that we have the value False for InternaLicensingEnabled, but True for ExternalLicensingEnabled. If you want to see where we are at so far, run Get-IRMConfiguration: Import-RMSTrustedPublishingDomain -RMSOnline -name “RMS Online” If you have created additional templates in the Azure Management portal, it would import those also. What does this do? It connects Exchange Online to your Azure tenancy and imports the Rights Management templates that are associated with your domain (remember: you should only have two by default). Next, we have to “import the Trusted Publishing Domain (TPD)” from the online RMS service. See this link for more details.įor North America, where I live, I must set the URL to the following: There is a different “RMS key sharing location” depending on which region of the world you are based in. Now, the first command you need to run to configure RMS will change slightly depending on your geography. You can verify successful connection to your Exchange server by running the command “ Get-Mailbox” and pressing Enter. $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection That variable is called in the following PS line. The Get-Credential command will bring up a dialogue box for you to enter your Office 365 administrator credentials, which are then stored in the variable $UserCredential. In order to enable Email encryption for Exchange Online, we will need to connect to your Exchange Online tenancy using PowerShell following these instructions, which are also summarized here: How-to Enable Email Encryption in Exchange Online Later, we will compare encryption to information rights management rules in a follow-up post. With the service enabled, users will be given a variety of options to help protect their data.īefore you proceed to enabling the Email encryption and defining your transport rules (below), you will want to be sure and Activate Azure Information Protection: Settings > Services & add-ins > Microsoft Azure Information Protection. The encryption feature relies on Azure Information Protection / Rights Management, and we will need to activate this service to get started. Enable Rights Management for SharePoint Online & OneDrive for BusinessĮmail encryption is a fantastic security feature included with certain Office 365 subscriptions.Compare Email encryption & Rights Management templates.Configure Email encryption for Office 365 (this post).Activate Azure Information Protection for Office 365.The Azure RMS service is a powerful tool that we can use to prevent data leakage and share information securely with users inside & outside of the organization.
This is a four-part post on Azure Information Protection (formerly Rights Management) for Office 365.
0 kommentar(er)
