Office 365/Outlook 2016 Email Encryption Option Suggestions - 5 User/Small Business

Hello. I'm wondering if anyone has suggestions for case by case email encryption options. It's for a small financial institution that will only require 5 seats. I've looked at the OME option however we find many firewalls block the Microsoft service and others require 25 seats. Virtru was one option we did fine but to customize the software it becomes pretty pricey. Any thoughts would be greatly appreciated. THX

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

paul78

I'm curious under what circumstances, the Microsoft web site is being blocked by firewalls? I was thinking about trying out OME as well.

jksecurity

I don't have the exact details as the client decided he wanted to move away from the 365 option so I didn't dive in too deep but I know many of the emails were being marked as SPAM or completely blocked. In the past they've had no issues outside of just the encrypted messages. I know having the recipient Whitelist the domain is an option however not convenient. I did more research after posting and found https://www.deliveryslip.com which seems pretty slick so far. Take a look, I'm curious to hear your opinion.

paul78

Oh - I thought you were using O365 since you posted in the Microsoft forum. You may want to ask a mod to move this to the Off-topic forum since it would likely get wider response.

I've never heard of deliverslip. I usually would suggest to my clients who are FIs to use Ironport (or whatever Cisco calls it these days) or Voltage SecureMail.

But since you only need 5 seats - that's probably overkill.

OME would have been a good solution. I was just playing around with it and I like it. The emails marked as spam is probably from the links in the email - I don't think you can do much about people using aggressive spam detection.

jksecurity

Sorry about that I wasn't clear. They are staying with 365/2016 however want to move away from the internal OME option. I think they've decided on Virtru as it has a feature that scans the email content and attachments for possible 16 digit number schemes (credit cards), socials, etc, in the case someone forgets to encrypt a sensative message and it will notify them to encrypt before they actually send. A fail safe so to speak that covers them.

paul78

jksecurity wrote: »

I think they've decided on Virtru as it has a feature that scans the email content and attachments for possible 16 digit number schemes (credit cards), socials, etc, in the case someone forgets to encrypt a sensative message and it will notify them to encrypt before they actually send. A fail safe so to speak that covers them.

Is there a reason why you don't want to use the Microsoft O365 DLP feature for that use-case? That's what we use today and it works for our use-case. Since your client is only 5 end-users, it may be more cost-effective to try the solutions that they already get as part of their O365 subscription.

https://docs.microsoft.com/en-us/office365/securitycompliance/data-loss-prevention-policies