Email Encryption

Data loss prevention

ECU has implemented Microsoft’s Exchange Online Protection (EOP) that includes a Data Loss Prevention (DLP) component. DLP scans outgoing email for certain “markers.” For example, DLP may flag numbers formatted like a social security number: xxx-xx-xxxx. Since DLP cannot read the message but only filters for certain formatting, you must make the final decision for encryption. Visit the DLP page to learn how this works.


Encrypt an email

To ensure the security of sensitive email sent to recipients outside the ECU network, you are required to encrypt these messages by setting the confidentiality flag or using the [sendsecure] tag.

Encryption scrambles the message’s text and prevents a hacker from intercepting and reading the message during transit. Messages sent between ECU users on the ECU network are not encrypted.

Caution: Encryption can only be set through the email system – information emailed through a copier is NOT encrypted. Therefore, first send the copied information to your email inbox, then send to the recipient using one of the methods from the encryption tutorial.

Sensitive email examples

  1. Patient billing information sent to Vidant Medical Center
  2. Research data containing SSNs emailed to a research partner outside ECU
  3. Student records emailed to another university

Read an encrypted email

To read an encrypted email, click Read the Message, then sign in with a Microsoft account* or use a one-use passcode emailed to you. Note that there is an expiration date for the secure email as well. If you reply or forward the message, each recipient is required to be signed in to Microsoft.

*The email account associated with the Microsoft account must be the same email holding the encrypted message.

  1. Open the email and click Read the message. A browser window opens.
    ""
     
  2. From the browser window, choose to Sign in with Microsoft or sign in with a one-time passcode. You can also sign in with a Google account or a Yahoo ID.
    ""
     
  3. Choose your option:
    • Option 1. Sign in through either your ECU Office 365 account or a personal Microsoft account. A personal Microsoft account is often set up when you purchase a Windows device. 
    • Option 2. Sign in using a one-time passcode. An email containing the code is sent to your email inbox. Enter the code into the passcode text box to open the encrypted email.
      "" ""

Details

Article ID: 67353
Created
Thu 10/10/19 12:07 PM
Modified
Wed 4/22/20 8:24 AM