Editor’s note 6/21/2016:
Post was updated to reflect the upcoming IRM support for Office apps for Android.
Shobhit Sahay is a technical product manager on the Office 365 team.
Recently, we released Office for Android as we continue to help people get more done, on any device. Security is a core value for us, and as we evolve Office 365 to empower productivity across different platforms, we are committed to ensuring secure experiences across devices and platforms. Encryption is one of the key ways on how we protect your information. We use encryption in two ways: One is by implementing it in the service and the second is by offering you it as a customer control. In the service, we make use of encryption in the platform, where it works by default and you don’t have to configure anything, and we continue to evolve it based on your needs. As a customer control, we provide you three primary encryption options so you can protect sensitive data and meet specific requirements.
The three primary encryption controls available in Office 365 today are:
- Office 365 Message Encryption
- Information Rights Management (IRM)
Watch this video to learn more about these different Office 365 encryption controls available and how you can get started with them today.
Recent encryption controls updates
We have been working hard to make your encryption experiences easier to use and more secure. Here are some recently updated features that you can start using today:
Office 365 Message Encryption apps for iOS and Android
Secure and sync with Information Rights Management on OneDrive for Business
With Information Rights Management (IRM) capabilities, you can secure your information by encrypting it and applying an intelligent policy so that only specified internal and/or external people can “act” on your information. You can now safely sync your IRM protected documents on OneDrive for Business. The IRM protection stays in place whether you open a file on Office Online or on a local folder and continues to apply the settings even if you make edits to the file in both locations.
Departmental templates for IRM
While IRM provides some default templates, you can extend them by creating your own templates. You may choose to create policy templates specific to the needs of departments or divisions. Departmental templates allows you to define the scope of these templates. In other words, you can define the list of groups or individual users who can apply a particular template. Only those people can view and use the templates to protect documents. Currently this capability is available in the Rights Management Service (RMS) Sharing app. Support for Office applications will be made available soon. To learn more about this and other new Azure RMS capabilities, read The RMS Team Blog
Upcoming encryption controls features
Encryption continues to be a big focus for us as we invest in rich and secure Office experiences. Here are some exiting new things you can expect in the service in upcoming releases:
Cross platform support for IRM
We currently provide IRM capabilities in email experiences on all platforms. The newly released Outlook for Mac also supports IRM so you can protect and safely collaborate with your emails on your Mac devices.
Going forward, we are bringing the same rich IRM experience to Office applications across different platforms.
- Office apps for iPhone and iPad will start supporting IRM in summer of 2015.
- Office for Mac will support IRM in its first release in second half of CY2015.
- Office apps for Android will support IRM in second half of 2016.
- IRM will be enabled out of the box in Universal Office apps and Outlook for Windows 10.
- We are also working hard to enable IRM in the newly released Outlook app for iOS and Android and more details will follow soon.
With these expanded cross platform IRM experiences, users will be able to safely work with their Office documents whichever devices they are using and organizations can create and enforce policies for sensitive content to meet their compliance requirement.
More Office 365 Message Encryption enhancements
Starting with second quarter of 2015, we will release more enhancements to Office 365 Message Encryption, including:
- Message expiration—Senders of the message or admins can choose to expire the encrypted message after certain duration of time.
- Message revocation—Senders of the message or admins will be able to revoke access from certain recipients once the encrypted message is viewed
- User trigged encryption—Senders of the message will be able to trigger an encrypted message by clicking a button in Outlook Web Access (OWA).
With these new Office 365 Message Encryption features, you can now have better control of your encrypted messages while working with external recipients and you can better manage the policies for external communication.
All of these features can be tracked through the Office 365 Roadmap as they become closer to availability. We believe that providing you with such encryption controls will help you protect your data, wherever you may be using Office applications, whatever business requirement you are trying to solve. We hope you will like some of these new enhancements and we look forward to releasing more new capabilities so you can get the best from the world of encryption. As always, keep that feedback coming.