Send and receive encrypted email messages

Ensure that only intended recipients can view message content

Office 365 Message Encryption (OME) is a service built into Microsoft 365 email at Harvard. It enables you to send level 4 data and below to internal and external recipients through an email message. Both the body of the email and any attachments are encrypted.

Office 365 Message Encryption (OME):

  • Is easy to use, integrated into Microsoft 365 Outlook web and desktop applications.
  • Enables secure email and attachments for level 4 data and lower.
  • Allows Microsoft 365 recipients to read and respond to protected messages from Outlook for Windows and Mac, Outlook on the web, and Outlook Mobile (Android and iOS). If the recipient is not a Microsoft 365 user, they can read and reply to encrypted messages in a web browser.
  • Does not require that the recipient have a Harvard or Microsoft account to access the message. They can authenticate with a Gmail account, Microsoft account, or a one-time passcode.
  • Can be configured for use with departmental email accounts.


Available to all Harvard University Faculty, Staff, and Students eligible for a Harvard Microsoft 365 account. OME is included in your existing Microsoft 365 Subscription

Encryption options

  • Encrypt Only – The email is encrypted, and recipients must be authenticated, either by HarvardKey, their mail service provider, or a one-time passcode code sent to the original address. The recipient can copy from the email, print it, and forward it.
  • Do Not Forward – The email is encrypted, and recipients must be authenticated either by HarvardKey or a one-time passcode sent to a non-Harvard email address. The recipients cannot forward it, print it, or copy it. For example, in the Outlook client, the Forward button is not available, the Save As and Print menu options are not available, and you cannot add or change recipients in the ToCc, or Bcc boxes. Microsoft Office documents (Word, Excel, and so on) will have Do Not Forward information rights management protections applied. Only the document can only remove these restrictions.

How to send an encrypted email

Sending an encrypted email in Outlook is quick and easy. You don’t need to download any new software; it’s already integrated with the Outlook desktop and web apps that you use every day.

  1. Create a new email
  2. In the top navigation ribbon, select Options
  3. Select the Encrypt lock icon
  4. Write and send your email as usual.

Your message and its attachments are now encrypted. 

Learn more

Office Message Encryption

Harvard Secure File Transfer by Accellion 

Microsoft 365 email, client or web-based

Web-based with Outlook add-in (optional)

Sending sensitive (up to level 4) content in the email body

Sending sensitive (up to level 4) attachments (email body not encrypted)

Attachments under 150 MB (subject to recipient’s email size limits)

Large Attachments (up to 50GB); most file types accepted

Restricting further use of Office documents using Do Not Forward.

No ability to restrict the recipient’s further use of files such as Do Not Forward and Print

Messages and attachments have no expiration for the recipient

For the recipient, access to the attachment expires in 14 days