News from IT that isn't just for geeks

Email Encryption in Office 365

Posted on: August 10th, 2017 by IT Security

Email EncryptionThe UM Office of Information Technology is now providing an email encryption service. This is available to everyone with an email address.

Email, even when encrypted, is not an appropriate medium for transmitting many types of data. Any data protected by FERPA (student identification, grades, etc.), HIPPA (personally identifiable medical information), GLBA (credit and banking information), or US government classification (confidential, secret, etc.) should NEVER be emailed to or by anyone regardless of encryption. This kind of information is very valuable, and should be treated as though very smart and sophisticated attackers are attempting to steal it from our organization at all times. If you have any doubts as to whether a particular type of information falls under one of these regulatory regimes, contact us for clarification.

That said, there are other kinds of information that University faculty and staff members may wish to transmit with a little extra protection. Email encryption in Office 365 adds a layer of protection for this kind of information while also preserving most of the convenience of email communication. Examples may include: sharing research ideas or results with collaborators; submitting reviews for a professional journal; transmitting one’s own protected IP to an authorized party; and more. These data types fall outside of regulatory frameworks, and the balance between security and convenience in handling them is left to the individual user. Encrypted email is one tool available to University employees as they attempt to find the security/convenience balance that works for their specific purposes.

Please visit the website below for additional details and instructions.

As a reminder, the UM IT Appropriate Use Policy specifies that you may NOT use personal email accounts to conduct official UM business. Office 365 is the main email platform for UM employees, and the user is responsible for any content that is sent through email. Please see the policy section of the IT Security website for additional details. Thank you for your cooperation and assistance in launching this new service.

Tags: ,