Important Notice

The content in this space is currently being migrated to the cloud. Any content edits must be made by a Knowledge Base admin until migration is complete.
To request content edits, please submit a request to the Strategic Operations Training Team and include the page URL and details on required edits.
A member of the Strategic Operations Training Team will reach out for clarity if needed.

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Sending Encrypted Emails from Outlook with Office 365

PURPOSE

To allow users to securely send email messages and attachments to external users without installing PGP Client Software.

SCOPE

All NYSERDA Users

RESPONSIBILITIES

  1. IT Operations Systems Administration is responsible for User Account and Mailbox Administration
  2. All users are responsible for knowing the Data Classification for any information and/or files being shared both within and outside of NYSERDA and assuring this information is properly secured in accordance with that classification.


*Contact Data Governance for more details on Data Classification

PROCEDURES


  1. Sending Secure, Encrypted Email from Outlook has been made very easy for NYSERDA users now on the Office 365 email platform. To send an encrypted email to an external user you simply need to add the appropriate wording to the Subject of the message.
    1. Create new message in Microsoft Outlook and add the recipients like usual.
    2. Enter the following to the beginning of your "Subject" #encrypt

Then enter the rest of the subject as you would like it to be seen


        2. Attachments must be converted to an Adobe password protected file or converted to a Microsoft Excel (.xlsx) password protected file for Confidential-Private data before you send an encrypted email. This ensures the information stays secure. The password must be changed every 90 days and contain 8 characters of upper/lower case letters, numbers and special characters).

In addition, the password for the file should be provided to the recipient over the phone or sent in a separate encrypted email.

       3. Once you are done creating your message and adding password protected attachments.Click SEND

  • Be sure you have #encrypt in your subject as that is key!
      1. NOTE: You can also do this same process from the Outlook Web Client at {+}https://outlook.office365.com/owa+ when logged in with your nyserda.ny.gov or greenbank.ny.gov user id!

DATA LOSS PROTECTION (DLP)

Data Loss Protection (DLP) to prevent unprotected sensitive information in outgoing email.  NYSERDA’s Data Governance Council have agreed to enforce the least disruptive action known as the DLP encryption template.  This encryption template is effective immediately.

The DLP encryption template effects emails and attachments that contain:

  • Social Security Number
  • US Taxpayer ID
  • Passport Number
  • Credit Card Number
  • Bank Account Number (personal and business)

Since NYSERDA users the centralized Office 365 system, our emails are already encrypted therefore this automatic encryption will not affect the following communication:

  • Emails to @nyserda.ny.gov
  • Emails to other NYS entities that are O365 tenants at ITS.  Note that being listed in the global address list (GAL) does not guarantee a state entity is participating in the ITS O365 tenant.

Receiving the email works the same as utilizing #encrypt referenced above.

  • No labels