Page tree
Skip to end of metadata
Go to start of metadata

Overview

Microsoft encrypts all data in transit and at rest, but also offers item-level encryption that users can opt into per message.

OME is based on Azure Rights Management Service (RMS) and provides additional options for users to secure their messages and makes these options more accessible. There are four templates currently available with OME:

  • Encrypt-only
  • Do Not Forward
  • Confidential
  • Confidential view-only

Encrypted message recipients that are not using Microsoft 365 (e.g. gmail, outlook.com, yahoo, etc.) will receive a link to the OME portal. They can login with their email address or have a one-time passcode (OTP) sent to them to authenticate.

Microsoft 365 recipients will see a native inline experience and will not need to go through the OME portal.

Encrypt-only

External users receive an email with a link to the OME portal with their email. They can login with their email address or have a one-time passcode (OTP) sent to them to authenticate (see below). They will be able to download any attachments once logged in.

Back to top


Do not forward

External users will receive an email with a link to the OME portal*. They can login with their email address or use a OTP to authenticate and view the message.

*Microsoft 365 recipients will see a native inline experience with a banner at the top of the message notifying them that the message is encrypted, and recipients cannot forward it (see below).

One caveat about users who receive an email with a link to the OME portal WILL be able to forward the encrypted message to other users, but only the initial recipients will be able to authenticate and view the message.

Back to top


Confidential

Confidential messages are only meant for internal use. External users will receive an email with a link to the OME portal but will be met with an error message (see below) when they try to access it. These messages can be forwarded and viewed internally, but can not be copied/printed.


Back to top

Confidential view only

These messages can only be viewed by the original internal recipients and cannot be forwarded. External users will receive an email with a link to the OME portal but will be met with the same error message as above when they try to access it.


A Note about Forwarding Rules

While “do not forward” and “confidential view only” messages cannot be manually forwarded, this can be bypassed if a client has a forwarding rule in place that forwards the message automatically. However, only the initial recipients should be able to view the message.

Back to top

If you are unable to solve your issue with this knowledge article you can contact the IT Service Desk by calling (813) 974-HELP (4357) or emailing help@usf.edu. 

If you find any errors or omissions on any knowledge base page, please send an email to the 'DocTeam' at ITDocTeam@usf.edu.