In the past when sending emails containing personal data or sensitive information to recipients both inside and outside of the University from your staff or generic email account (@chi.ac.uk), there were no controls regarding where this email could go. It could be forwarded and the contents could be modified, or printed, for further dissemination. This could be an issue when emails contain personal data or sensitive personal data about individuals.
The security issues highlighted above can be avoided using message permission rules on an email sent from Microsoft Outlook 2016. When message permission rules are applied to an email, they can only be opened securely by the recipient using Microsoft Outlook 2016.
How to use message permissions
To apply permission rules to an email, follow these steps:
- When you are composing an email, click ‘Options’ in the top ribbon, followed by the ‘Permissions’ drop down arrow.
- The first time you use this service you will need to first select ‘Connect to Rights Management Servers and get templates’
- When you have completed step 2 (either now or previously) and click on Options > Permissions, you will have the choice of four rules to apply to your email
a. Unrestricted access – this is a regular email, and it will be sent as normal
b. Do not forward – this prevents the recipient(s) from being able to forward, print, copy or screenshot the email. This is the most secure message permission.
c. Confidential – this prevents the recipient from copying or printing the email.
d. Confidential view only – this prevents the recipient from modifying the email.
For the example used here, we will use ‘do not forward’.
- Continue writing the email and attach files as normal. Send the email when you are ready
- When the email is received, the recipient will receive a blank email with the original message shown in an attachment
- The recipient must open the attachment to view the email, it will appear like a normal email including attachments (if applicable). Where this email is different is the exception of it being highly restricted (e.g. no forward button)
- The email can subsequently be organised into folders as normal.
Sending protected emails from a shared University email address
If you would like to be able to send protected or encrypted emails from a shared University email address, a technical change needs to be made to that email account first. Please request this via Support Me or SIZ.
You may also be interested in how to send personal data securely using encrypted emails from your University accounts