Skip to content

Microsoft’s “New” Office Message Encryption (OME)

OME Error

Microsoft’s “New” Office Message Encryption (OME)

Having a Problem with Email Message Encryption?

Have you had any issues with email encryption lately? All of a sudden, are you getting a “Something went wrong” error when you attempt to open an encrypted email? You may have received a Message Center email notification regarding changes in Office 365 message encryption (OME). We know it’s difficult to keep on top of all those Message Center email notifications. This issue was brought to our attention by one of our clients that relies heavily on email encryption.

Office 365 Message Encryption (OME) Option

Microsoft 365 offers multiple encryption options to satisfy your specific business requirements for email security. For the purpose of this blog, I am going to focus on Office 365 Message Encryption (OME).
OME is a service built on Azure Rights Management (Azure RMS) that allows users to send encrypted emails to people inside or outside their organization. Your admin can set up rules that define the conditions for encryption. When a user sends an email that satisfies a rule, encryption is automatically applied to the email. To view encrypted emails, a recipient can either access it with a one-time passcode, sign in with a Microsoft account, or sign in with a work or school account associated with Office 365. Recipients also have the ability to send encrypted replies. Recipients are not required to have a Microsoft 365 subscription to view encrypted messages or to send encrypted replies.

Previous Version of Office Message Encryption is now Deprecated

After doing some research, we realized that our client’s “Something went wrong” error was a result of their version of OME being deprecated. 

The new OME capabilities leverage the security features in Azure Rights Management Services (RMS)  RMS uses the Azure Information Protection technology to protect emails and documents via encryption and access rules. You will need to verify that your subscription plan includes Azure Information Protection (which includes Azure RMS functionality). And, you need to be sure that RMS is activated in your organization’s tenant.

How to Set Up the New Office Message Encryption

Exchange admin center

To set up the new OME, go to the “mail flow” area of your Exchange admin center. Add a new Encryption rule or update your existing Encryption rule. Verify that the “Apply this rule” options at the top are set to reflect the business requirements. Then, modify the “Do the following…” selection to be “Apply Office 365 Message Encryption and rights protection”. (Our client previously had the “Apply the previous version of OME” selected.) Save your selections.

I know there are many different factors that come into play with  managing your Microsoft Office 365 experience. But, hopefully the explanation and the links in this blog shed some light on any email encryption problems you may be experiencing.


No comment yet, add your voice below!

Add a Comment

Your email address will not be published. Required fields are marked *