How to Improve Email Security in Microsoft Outlook 2007

Page content

With a gazillion messages flowing through the Internet, they run into hackers and peeping Toms who want to intercept your emails. You can take steps to cut the risks of prying eyes viewing your messages, catching viruses from scripts, and biting a phishing email.

Digital Signatures

You might consider using a digital signature, which relies on code to prove the message comes from a valid associated e-mail account and computer. To get a digital ID, you make the request with a certification authority to send messages with a digital signature. Those on an Exchange Server should be able to get a digital ID from the system administrator or tech support.

If you’re not on Exchange or a server, request a digital ID using the following steps:

  • Click Trust Center from the Tools menu.
  • Select E-mail Security.
  • Click Get a Digital ID. This takes you to a Microsoft Web page with a list of available digital IDs. Some authorities charge a fee for the service, but most offer either a free trial period or a free digital ID.

Once you have a digital signature, sign all outgoing messages with a digital signature using the following steps:

  1. Select Trust Center from the Tools menu.
  2. Select E-mail Security from the Trust Center Navigation Pane.
  3. Check the box next to Add digital signature to outgoing messages.
  4. Check the box next to Send clear text signed message when sending signed messages, and click OK.

Note: Secure Multipurpose Internet Mail Extensions (S/MIME) is a public key encryption standard for digitally signing and authenticating e-mail messages.

When you want to digitally sign an e-mail message, select the Digital Signature icon in the Options group on the Message tab. However, it may not appear the first time you try to use the feature or if you don’t yet have a Digital ID. Instead, click the square icon next to Options to open the Message Options window.

Do the following in the Message Options window to send the current message with a digital signature:

  1. Click Security Settings.
  2. Click the checkbox next to Add digital signature to this message, and click OK.
  3. Close the Message Options window.

Encryption provides another option for securing e-mail, but reading it requires the recipient’s email application have a private key matching the public key that the sender used to encrypt the message. Encryption scrambles the text of an email message and then unscrambles it if the recipient has a corresponding public key. The encryption process involves exchanging CER files with others and the follow lists some ways to do this:

  • Share certificates (.cer files) with the recipient and import the recipient’s certificate into Contacts.
  • Send an e-mail message with the CER file attached for the recipient to import into the contact card for you.
  • Create and send a contact card with the CER file.

Once you’ve set up certificate sharing, you can encrypt an e-mail message by selecting the Encrypt Message Contents and Attachments button on the Options group in the Message tab within an email. Complete the email and send it. The encryption icon, like the Digital Signature icon, won’t appear unless you have an encryption certificate. However, it may not appear the first time you try to use the feature or if you don’t yet have a Digital ID. To fix this, do the following steps:

  1. Click the square icon next to Options to open the Message Options window.
  2. Click Security Settings.
  3. Click the checkbox next to Encrypt message contents and attachments.
  4. Close the Message Options window.

Note: If you send an encrypted message to a recipient with an email application that doesn’t support encryption, Outlook lets you know and offers the option of sending the e-mail message without encryption.

Information Rights Management (IRM)

Microsoft Office 2007 comes with Information Rights Management (IRM) capabilities, which lets you restrict who can view, forward, copy and print a file. Unfortunately, people find ways around the restrictions by using applications like those that capture what appears on the screen. Some print the IRM-protected e-mail and share it or type its contents into a new email message, for example.

Note: If you attach a message that isn’t rights managed to a rights managed e-mail message, the attached file isn’t rights managed because IRM doesn’t work with MSG files.

To use IRM requires access to an IRM server. If you’re on an Exchange Server, contact your system administrator about IRM. Microsoft provides an IRM server and provides a free trial of the service.

Text Emails

A simple thing to do that boosts your email security is to receive email messages in plain text. Viruses and bad ware don’t just spread through opening attached files. They can spread through the code behind the HTML. This means no color, no bold, no large and small font sizes, no images appearing in the body of the message. Sounds dull, but it protects you and your computer.

An added bonus: Your email messages will load faster. Change your options for receiving incoming email messages as plain text by following these steps:

  1. Open the Trust Center from the Tools menu.
  2. Select E-mail Security from the left pane.
  3. Check the box next to “Read all standard mail in plain text” under the “Read as Plain Text” section.
  4. Click OK and your e-mail messages going forward will appear in plain text.

Be sure to check out the other Microsoft Outlook tips and tricks found only here at Bright Hub.