Great video! They are all so helpful. I do have a Business Premium license, but the encryption lock does not show up in my New/Old Outlook or OWA. Any ideas?
@bearded365guy3 ай бұрын
Ah, you will need to run a powershell script to enable it…. I will try and make a short video.
@JimSmith422 ай бұрын
@@bearded365guy this would be super helpful! Exactly what I also need!
@rainson1216 күн бұрын
If i click on "encrypt" a message box pops up saying that an encrypted message couldnt be created. If i do it in the web outlook online i get the error that the S/MIME extension isn't installed. How to solve this?
@andrewenglish381013 күн бұрын
@Jonathan Edwards how does it work in Outlook, you showed how it works in OWA. Also I guess attachments appear in the outlook portal when the external user logs into it to view the encrypted email?
@Mr1964hotrod3 ай бұрын
Thank you for your thorough explanation of encryption. If an email is initially encrypted does the threaded back and fourth communication remain encrypted?
@roelofdirkx162313 күн бұрын
With the encryption and do not forward option activated, the recipient can still click reply and add someone in to the message, or delete to whom he is replying and input someone else, to whom he would like to forward this?
@umairazeem4889Ай бұрын
I wanted to know if the attachments can also be encrypted with this option and a way for the recipient to decrypt it?
@HandZ_gamingАй бұрын
Cheers Jonathan, been working in IT for just under a year, and your videos are so helpful for understanding what's possible and even potentially some troubleshooting steps inside the various policies that have been created. thanks again
@bearded365guyАй бұрын
@@HandZ_gaming Great to hear!
@MickT9903 ай бұрын
HI Jonathan, thank you for you great videos. i am currently a personal user, but after watching some of your videos, i was thinking having a business premium licence would be a good idea to increase security, is that something you would recommend?
@bearded365guy3 ай бұрын
Yes, I would. For £18.10 per license/per month for Business Premium (in your own currency), you get so many features and apps.
@ehabgalal91813 ай бұрын
Why you just create encrypt under do the following in the exchange rule instead the sensitivity policy
@bearded365guy3 ай бұрын
The label dictates the behaviour and settings.
@dongelhouse3 ай бұрын
Thanks for this video. Your gmail address is visible so I do not know if you want to block that.
@bearded365guy3 ай бұрын
Yes, realised that afterwards. Nevermind.
@titahaver629020 күн бұрын
Your videos are just amazing. Short, precise, at point and funny too. Really helpful 😊
@tri.taminh3 ай бұрын
Your explanations are clear and easy to understand. Thanks to your videos, I've learned a lot and successfully applied that knowledge to my work. Wishing you continued health and success!
@bearded365guy3 ай бұрын
Love to hear that!
@adventuresofa9jaguy3223 ай бұрын
really nice video. can you make one on the double key encryption feature for encryption in transport rules. would be nice to see an extra level of encyption deployment video. thanks!
@bearded365guy3 ай бұрын
I’ll add it to the list
@adventuresofa9jaguy3223 ай бұрын
@@bearded365guy thanks! 🥳
@obee-oneАй бұрын
You have to have Microsoft 365 E3 license for this to work right?
@bearded365guyАй бұрын
@@obee-one No, Business Premium
@HarryQ-g7t2 ай бұрын
Hello Jonathan, thank you for the great and helpful video! I'm bit confused when you created a label policy. There are two features for sensitivity label: "Label Policies" and "Auto - Labeling", could you please let me know the difference between these two policy features and how should we decide which to use? Based on my understanding, "Label Policies" allows you to apply labels manually, while "Auto - Labeling" will just apply labels to files and emails automatically. Please correct me if I was wrong and thank you!
@gregoryigbinoba47783 ай бұрын
@Jonathan Edwards. Thanks for the knowledge. On which M365 service do we test/validate the 'Disable persistent browser session' after setting up the Conditional Access Policy?
@GHNTube3 ай бұрын
What a great video, thank you I really enjoyed it. But..... please mind your attachments when using Encryption this way, especially when you automate the encryption. If you need more info, let me know. Kind regards.
@jojolization3 ай бұрын
how about an encrypted email sending from one company using M365 outlook to another company using M365 outlook as well? the recipient in Outlook will show the encrypted header? ( i tested it from 1 tenant to another tanant, it shows nothing about email encryption, why? )
@bearded365guy3 ай бұрын
That process is seamless, just like sending an internal email. You’ll still see the padlock next to the email and a header saying “This email is encrypted”
@fredito4ever2 ай бұрын
It would be nice if M365 would offer signing of email. Or even BIMI.
@jaybigboy343 ай бұрын
You are the bearded man!
@adventuresofa9jaguy3223 ай бұрын
did it like in the video but still didnt work. maybe ill have to leave it till tomorrow for it to kick in or something
@bearded365guy3 ай бұрын
The label can take 24 hours…
@adventuresofa9jaguy3223 ай бұрын
@@bearded365guy yeah figured. Thanks!
@edubpro2 ай бұрын
For some reason I don't have the "lock"/encryption option.
@hernansanchezm3 ай бұрын
It works when I use the browser, but when I use the app it lets me print and forward
@Joshawa3 ай бұрын
Thank you as always. Always appreciate how you take things Microsoft makes more complex than necessary and break it down.
@ACrispiels2 ай бұрын
Thank you Jonathan for this good explanatory video. Encryption is one thing. But how to sign (digitally) also via Microsoft 365 ?
@bearded365guy2 ай бұрын
Stay tuned…
@tuxmc3 ай бұрын
Unfortunately, that encrypted email looks like a phishing email. Tech companies should come out with a solution together
@bearded365guy3 ай бұрын
Do you think? I think if more time is spent on the customisation and text, then it wouldn’t look like a phishing email.
@tuxmc3 ай бұрын
@bearded365guy A supplier got compromised their M365 user account, that account sent out Sharepoint Shared documents to several companies. People did not suspect the threat because they used to be in communication with the affected person. All of them ended up given away their session cookies to the attacker. Imagine how easy will he using a "fake" encrypted email. Hey! That is a good topic to cover in your channel "cookie sessions" to bypass MFA.
@thesimpsoid3 ай бұрын
@@bearded365guyTo be honest, I had the same thought as @tuxmc. I think it would be crucial to ensure the branding is top-notch but also communicate beforehand with likely recipients that future emails may/will be encrypted and show what they will look like, what the recipients can and should do to validate authenticity and who they can contact if they have any concerns.
@LimitedWard3 ай бұрын
I agree. Unless I had been explicitly told to expect such an email, alarm bells would be going off in my head.
@MrSam_Derp_Man3 ай бұрын
@@bearded365guy I agree with @tuxmc We learn ours customers to not click on links in emails, and especially not login with your credentials if you did click on it. Now, in Gmail or in de classic outlook you get this message. Since we have used this we received a callback from everyone that received this encrypted message to verify if it was actually us or people telling us that we are being spoofed on! Now with the new outlook, that is perfect but 80% of our customers do not use that version so this would be a disaster.
@TateSpirit3 ай бұрын
I am hooked to your videos, I mean I learn more from your videos rather than attending hours-long meetings with vendors telling us how much they need to be paid to implement best practices. Waiting for your full M365 course, is it still on track for this summer?
@bearded365guy3 ай бұрын
Hi mate, thanks….. yes, it’s on track……. I just need to bury myself in the studio and film the videos instead of watching Euros 24 ⚽️
@adventuresofa9jaguy3223 ай бұрын
@@bearded365guy i know you will be recording pretty soon then. Not like England have a chance. :D
@bearded365guy3 ай бұрын
@@adventuresofa9jaguy322 You’re right about that!!!
@adventuresofa9jaguy3223 ай бұрын
@@bearded365guy 😂 😂
@TateSpirit3 ай бұрын
@@bearded365guy great, yeah indeed It is a hard decision to make here.
@tri.taminh3 ай бұрын
About the encrypted email send to external email (Gmail), i saw that to read the message that external must re-authenticate after click on "Read the message" button. I wonder if the receiver forward that email to other people, can he/she be able to read that message? if yes, then what is the point of encrypting the email?
@bearded365guy3 ай бұрын
No, they wouldn’t be able to do that. To read the message, the gmail user has to sign into gmail with their credentials. In the demo, my account was already signed in. Hope that clarifies!
@obaidshaukat34123 ай бұрын
i sent this to my boss because i dont want to get fired.
@peterstalworth3 ай бұрын
Would this avoid the need for client portal when sending documents securely?
@bearded365guy3 ай бұрын
Hi Peter, yes it would.
@robertneal19733 ай бұрын
Is there a way to incorporate this with DLP in Purview? I'm in the states and have a DLP policy for GLBA. From what I can tell in Purview, my options are limited. I can notify the user and an admin they've sent sensitive data, but then the only other option I really have is to block the content. Basically, I don't want to encrypt ALL emails, but I would like to automatically encrypt emails that trigger the DLP policy.
@robertneal19733 ай бұрын
Think I found it, it's in the auto-label section, I can auto-label based on GLBA data classifications. They're not bundled up nicely into a single "GLBA" grouping, but I can add them individually to mimic what's available in DLP.
@bearded365guy3 ай бұрын
@@robertneal1973 Yes you can….. but you know that now!
@menzy12343 ай бұрын
Fantastic guide as always! I share your videos with my team regularly, straight to the point & easy to follow.
@bearded365guy3 ай бұрын
Thank you.
@amgadatiata3 ай бұрын
Help for microsoft
@Joshawa3 ай бұрын
In attempting to do the branding portion, I get an error when trying to use the New-OME command. My PS states I only have access to Get-OMEConfiguration and Set-OMEConfiguration, not New-OMEConfiguration. Am I missing something?
@Joshawa3 ай бұрын
For anyone else running into this - just using the Set command lets me do everything but I just have to modify the default OME Confiugration, which is fine since I don't currently understand a reason to have two. Please correct me if I'm missing something
@bearded365guy3 ай бұрын
Are you running PowerShell as admin?
@Joshawa3 ай бұрын
@@bearded365guy I am. I also didn't have any of the azure information protection options available to me until I activated it through azure. I was able to completely modify the default ome to customize for my org, I just can't make a new one, and I'm using my GA account. I couldn't even make the email label until enabling it
@davidmatveyev42103 ай бұрын
Didn't work for me either. I did run PowerShell as administrator. Gives me this error: New-OMEConfiguration : The term 'New-OMEConfiguration' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. At line:1 char:1 + New-OMEConfiguration -Identity "B365 branding templete" + ~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (New-OMEConfiguration:String) [], CommandNotFoundException + FullyQualifiedErrorId : CommandNotFoundException
@Joshawa3 ай бұрын
@@davidmatveyev4210 you should be able to use the Set command instead of the new command and just change the default ome config
@ifeanyi3673 ай бұрын
Awesome
@kabookeo3 ай бұрын
Yer gmail address is still shown in the browser tab. 😳 Don’t worry. I won’t tell.
@bearded365guy3 ай бұрын
Yeah, I know!
@azeemhaider45353 ай бұрын
Thank you, another amazing video, one question i am using Business Premium license but i do not see padlock sign in option, do i have to enable anything else on my admin portal ?
@azeemhaider45353 ай бұрын
It seems something missing, is there any prerequisite for this?