In Microsoft Outlook 2010, what is the difference between these two e-mail encryption methods?

A work desktop has Windows 7 Enterprise operating system and Microsoft Outlook 2010 e-mail client. The employer uses Microsoft Exchange for the e-mail server.

Desktop keyboards feature a slot for inserting a PIV card. An employee inserts his PIV card to log-on, and once logged on, he opens Microsoft Outlook 2010. He composes an e-mail containing information that requires encryption. In order to encrypt, he has two available methods, indicated by the two following images:

Method 1:

Method 2:

What are the differences between the two types of encryption methods offered in the aforementioned images?

user76275

Posted 2017-02-05T01:23:36.220

Reputation:

Answers

The previous response is not correct. Encrypt Only, as the name indicates, DOES encrypt the email. The only difference between using Encrypt and Encrypt Only is that, by default, Encrypt applies Encryption with a Do Not Forward policy (meaning the intended recipients can view and reply to the email, but not forward or copy). Encrypt Only also encrypts the email and grants rights to the intended recipients, but it does not apply tight restrictions on what the recipients can do: its recipients can forward, copy and print the email, for instance. Other than that, they behave very similarly and they use the same encryption, access controls and restrictions technology (RMS, part of Azure Information Protection). Hope this helps.

Herbys

Posted 2017-02-05T01:23:36.220

Reputation: 11

To my knowledge, the Permission tab only lets the sender grant/restrict what the receiver can do with the message. Most important, the "Encrypt Only" permission does not encrypt the message.

There are very few sources on this. The Microsoft article Send an e-mail message with restricted permission by using IRM says :

Information Rights Management (IRM), available in Microsoft Office Outlook 2007, allows individuals to specify access permissions to e-mail messages.

Custom permissions are those created by your e-mail administrator and based on company policies.

For example, here is what the article says for the "Do Not Forward" permission :

The following InfoBar of the new message displays Do Not Forward, indicating that the message is rights managed. This means that recipients cannot forward, print, or copy the message content. Only the person initiating the message, known as the conversation owner, has no restrictions.

My conclusion is that the "Encrypt Only" permission is just about useless. These permissions would only have effect under very restricted conditions and only in an all-Microsoft environment. In any case, it does not do any encryption, so that leaves you with only one encryption method.

harrymc

Posted 2017-02-05T01:23:36.220

Reputation: 306 093