When sending emails that contain sensitive information (such as social security numbers, banking information, etc.), you should always encrypt the message itself using message encryption. Most modern email providers only encrypt the connection between mail servers (TLS), which protects the message while it is moving between two servers but not once it lands in a mailbox, a backup, or a hop that does not support TLS. Message encryption protects the content itself, so only a recipient who has verified their identity can read it, wherever the message is stored. Below are instructions for both creating and opening encrypted emails using Microsoft 365. The file attached to this article can be sent to outside users to instruct them on how to open and reply to encrypted emails.
Creating an Encrypted Email
Sending an encrypted email is useful not only for sending confidential data, but also for receiving it. If a user outside of the City of Flagstaff organization needs to send confidential information to a City employee, the City employee can first send an encrypted email to the outside user. The outside user can then reply to the encrypted email, and all of the contents of that email chain remain encrypted, regardless of the security of the outside user's email provider.
There are two methods you can use to create and send an encrypted email.
Method 1: Type [ENC] in the subject line
- Create a new email.
- In the subject line of the email, first type [ENC], followed by the rest of what you want the subject line to contain. The subject line itself is not encrypted, so keep the sensitive details in the body of the message, not in the subject.
- Send the email.
Method 2: Use the "Encrypt" button
- Create a new email.
- Click "Options" on the ribbon, then click "Encrypt".
- Select one of the following options: (**Note that the last two options are only available if using the desktop version of Outlook**)
- Encrypt-Only – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. Recipients cannot remove the encryption, so forwards and replies to the message remain encrypted.
- Do Not Forward – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. Recipients can read this message but cannot forward, print, or copy content. The conversation owner retains full access to their messages and all replies.
- City of Flagstaff – Confidential – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. This content is proprietary information intended for internal (City of Flagstaff) recipients only. External recipients will not be able to open the message.
- City of Flagstaff – Confidential View Only – The message is encrypted in transit and at rest in the recipient’s mailbox, including any attachments. This content is proprietary information intended for internal (City of Flagstaff) recipients only. External recipients will not be able to open the message. Additionally, this content cannot be modified, copied, or printed.
- Send the email.
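The [ENC] subject tag in Method 1 is not built into Outlook; it only works because an Exchange administrator has configured a mail flow rule that applies the same protection as the "Encrypt-Only" button in Method 2 whenever a subject starts with that tag. The following Exchange Online PowerShell is an added example of how such a rule is created and verified. It is not taken from the article or from the City's actual configuration; the rule name, the comment text, and the assumption that the City's tag is implemented as a mail flow rule are illustrative. Running it requires the ExchangeOnlineManagement module and an Exchange administrator role.

```powershell
# Added example: Exchange Online mail flow rule behind a "[ENC]" subject tag.
# Not from the original article; rule name and comments are illustrative.
Connect-ExchangeOnline

# List the rights-management templates available in the tenant. The built-in
# "Encrypt" template is what Outlook labels "Encrypt-Only"; "Do Not Forward"
# is the other built-in one. Custom templates (for example a
# "Confidential" template) also appear here if the tenant defines them.
Get-RMSTemplate | Select-Object Name, Description

# Create the rule. -SubjectMatchesPatterns takes a regular expression, so the
# square brackets must be escaped; the leading ^ restricts the match to
# subjects that START with [ENC], matching the user instructions, rather
# than any subject that merely contains the token somewhere.
$rule = New-TransportRule -Name "Encrypt on [ENC] subject tag" `
    -SubjectMatchesPatterns '^\[ENC\]' `
    -ApplyRightsProtectionTemplate "Encrypt" `
    -Priority 0 `
    -Comments "Applies Encrypt-Only when the sender tags the subject with [ENC]."

# Verify the rule was created and is enabled before telling users to rely on it.
Get-TransportRule -Identity $rule.Identity |
    Format-List Name, State, Priority, SubjectMatchesPatterns, ApplyRightsProtectionTemplate
```

After creating the rule, send a test message to an external address with a subject starting with [ENC] and confirm the recipient receives the "Read the message" notification instead of the plain text. Because the rule is keyed on the subject, it is worth checking periodically that it is still present and enabled: if the rule is removed or disabled, users who rely on Method 1 will send unencrypted mail without any warning in Outlook.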
Opening an Encrypted Email
If an encrypted email is sent internally - from one City of Flagstaff employee to another - it will open like a regular email. However, if using the desktop version of Outlook, you might be required to double click on the message before it will open. This is because the desktop version of Outlook has to send your credentials back to the server to obtain the rights to decrypt the message before it can display it.
Outside users instead receive a notification email like the one below.
Once the user clicks "Read the message", they are then redirected away from their email provider to Microsoft (outlook.office365.com) in order to verify their identity. Depending on the email provider, the user can choose to either validate their identity using Single Sign On (SSO) [option "A"] or a one-time passcode [option "B"].
If the user goes with option "B" (or if that is the only option available), they will receive a separate email with a code that they will need to type in.
Once the user has been validated, they are then able to view and reply to the email. This all still occurs within the outlook.office365.com domain which is necessary in order to ensure email encryption is maintained by Microsoft.
If the user chooses to reply to the email, their real email address is added to the CC field. This is because they are not replying directly from their email provider, but from a temporary account that Microsoft uses in order to maintain encryption over the email chain. When the user replies to the encrypted email, they will be sent another encrypted email from Microsoft containing their reply, which they can access by authenticating using the same steps. Please note that the outside user's reply to an encrypted email might end up in their spam folder.