Securing the cloud: Message-level encryption in Office 365

Egress | 1st Jun 2016

If current trends continue, in the not too distant future all organisations will use hosted mailboxes. The huge uptake and success of Office 365 for mail services indicates that the days of on-premise mailboxes are numbered.

Organisations are moving to Office 365 because they understand that the reduced cost, reduced infrastructure requirements, and practically limitless scalability and storage means that they can be more flexible, powerful and productive than ever.

This reduction in infrastructure complexity means organisations can be more agile, able to respond to changes more efficiently, and the lower costs mean resources can be reallocated elsewhere.

In short, Office 365 makes sense.

At the same time, organisations moving to Office 365 do not want to expose employees and customers to insecurities that can arise from not taking the correct care when working in the cloud. When work is stored elsewhere, shared everywhere more easily and collaborated upon, it can be hard to maintain control and keep track of sensitive data.

Enter: Egress Protect.

With Protect deployed, organisations can be sure that their sensitive data is protected as it is shared, edited and created within hosted environments and mailboxes. By the end of this post, you’ll have a greater understanding of how Protect can bring additional value to a hosted, Office 365 environment.

Cloud security considerations

Despite the benefits Office 365 provides, there remain some barriers to its adoption, especially in the enterprise space. It is a difficult task to maintain information security compliance while benefiting from the flexibility and connectivity that cloud infrastructure provides, and there are some important issues that organisations need to address before migrating to Office 365:

  • How will we secure our emails and file attachments, to protect sensitive data?
  • Where is our data being stored? How can we ensure uptime?
  • How can we make sure our staff send emails securely when sending sensitive information?
  • How can we keep track of the flow of sensitive data in and out of our organisation?

By providing secure, user friendly solutions to these issues, Protect can encourage enterprise adoption of Office 365.

Trustworthy, simple message encryption

By integrating seamlessly into Outlook, Protect enables users to send secure emails and attachments, with no file size restrictions. Recipients can reply for free, using their own email address, and don’t need to download any software to access secure content that they have received. Better still, the Outlook add-in lets recipients of secure emails encrypt these messages at rest.

Senders always remain in control, even after their sensitive data has left their own network. Being able to revoke access to emails at any time, and reject access requests from any unwanted recipients means that you never have to give up control of your data.

Lack of auditing functionality is a critical barrier to adoption of Office 365 in the enterprise space. Being able to audit the sensitive data flowing in and out of the organisation is crucial for compliance and control. Being kept in the dark, not being able to see who is sending sensitive data unprotected, leaves businesses especially vulnerable to data breaches. Only with Protect can you be sure that all sensitive data can be tracked and protected as it flows in and out of the network.

User adoption is essential

At the most basic level though, the key to secure messaging when using Office 365 is not a technical feature option; it's the user. For a secure messaging solution to be effective at protecting sensitive data, it needs user buy-in. People need to adopt it and make it part of their usual workflow. Overly complicated, inflexible solutions encourage the worst-case scenario; complacency. They encourage the assumption that data is secured, even when their unwieldy nature causes low user uptake.

Protect has been designed from the ground up as a way to avoid this danger, and represents the most user-friendly, streamlined and integrated Office 365 email encryption available. It sits perfectly within existing working practices, requires minimal user training, and presents no barriers to entry for recipients to access and reply to secure content.

Why we do what we do

Protect can aide adoption of Office 365. It can encourage enterprise organisations to move to a hosted mail service because they have the reassurance that data security and compliance is still maintained, they maintain control of their sensitive data, and they can be confident of secure messaging uptake since Protect integrates perfectly into their existing working habits. Even when communicating with people outside the organisation, data exchange is kept secure and simple, thanks to the recipient’s ability to sign up and reply for free, using their existing email address, without even having to download any software.

With more organisations moving to Office 365, the need for easy-to-use encryption has never been greater.