ITS Helpdesk

Phone: 810.762.3123 opt. 1 - Email: ITSHelpdesk@umflint.edu

What is Email Encryption?

Last Updated: Jun 05, 2018 01:49PM EDT

What is Email Encryption?

Email encryption is a secure way to send emails that contain private personal data about yourself, coworkers and students. In order to send or open a digitally signed (encrypted) email, you will need to get an S/MIME certificate, also known as a digital certificate or "Digital ID"

Intended Audience:

This Quicknote is intended for current faculty, staff, and students who would like to know more about sending encrypted emails with their university email account to other @umflint.edu users.

Requirements:

To follow this Quicknote you will need to have a current affiliation with the university and have access to your LAN account. You will also need access to either a computer with Microsoft Outlook 2010, 2011, 2013 or 2016 installed or the Outlook Web Application.

What Services Can Be Encrypted?

Internal messaging between users with @umflint.edu email addresses (using Outlook or the Outlook Web Application) as well as external messaging from an @umflint.edu user to a non-@umflint.edu user can be encrypted. To send encrypted emails to a non-@umflint.edu email address see the Quicknote Sending Encrypted Emails to Non-University Machines.

How Do I Get an Encryption Certificate (Mac/Windows)?

Contact the ITS Helpdesk and place a work ticket to have Security Services assist you with creating and using email encryption. Please include the following information: Contact Number, Office Location, Operating System, Type of Encryption needed and Purpose for Encryption. After placing a ticket it could take up to 3 business days to receive your certificate and be ready to send and receive encrypted emails.

Table of Contents

Importing the Digital ID into Windows or Mac [Back]

You will receive your S/MIME certificate, also known as a digital certificate or "Digital ID", from the UM-Flint ITS Security Team shortly after the request has been processed. It will be encrypted in the PKCS 12 format (.p12 or .pfx) using a strong passphrase ("PIN") created at the time it is generated. You will need this passphrase to install the certificate. This PIN will be sent to you when the digital certificate is delivered.

Importing a Digital ID into Windows without PGP Encryption:

  1. Download the Digital ID and Password that was sent to you on your computer
  2. Locate your Digital ID, right-click the file, and click Install PFX
  3. Click Next on the next two prompts
  4. Enter in the S/MIME Password sent to you and select Mark this key as exportable.
  5. Click Next
  6. Click Next
  7. Click Finish

Importing a Digital ID into Windows with PGP Encryption:

  1. Download the Digital ID and Password that was sent to you on your computer
  2. Locate your Digital ID, right-click the file, and click Open
  3. Select As new PGP key(s) and click Next >
  4. Enter in the S/MIME Password sent to you and click Next >
  5. Click Finish


Importing a Digital ID into Keychain (Mac):

  1. Download the Digital ID and Password that was sent to you on your computer
  2. Locate your Digital ID on your local computer
  3. Double click the Digital ID
  4. In the Add Certificates window choose login next to Keychain:
  5. Click Add
  6. Enter the PIN that was sent to you with the Digital ID
  7. Click OK
  8. The Digital ID will now be added to the Keychain

Setting up Outlook for Email Encryption [Back]

Outlook 2010, 2013, 2016 (Windows):

  1. Open up the Outlook Desktop Application
  2. Click File in the top left
  3. Click Options in the left-hand column
  4. In the new window select Trust Center and then Trust Center Settings...
  5. Select the Email Security tab and then click Settings... under the Encrypted e-mail heading
  6. In the Change Security Settings window:
    1. For Signing Certificate, click Choose...
       
    2. Select the Certificate that will include your full name or uniqname, then click Ok
    3. For Encryption Certificate, click Choose...
    4. Select the Certificate that will include your full name or uniqname, then click Ok
    5. Click Ok to close the Change Security Settings window
  7. In the Trust Center, click Publish to GAL... under the Digital IDs (Certificates) section
  8. Click Ok on the next two prompts

Outlook 2011 (Mac):

  1. Open up your Outlook 2011 Application
  2. Click on Tools in the top left corner of the screen
  3. Click on Accounts
  4. Select your UM-Flint account and click Advanced
  5. In the new window select the Security tab
  6. Under Digital Signing and Encryption select the option that will include your full name or uniqname
  7. Click Ok

Outlook 2016 (Mac):

  1. Open up your Outlook 2016 Application
  2. Click on Outlook in the top left of the screen
  3. Click on Preferences...
  4. In the new window click Accounts
  5. Select your UM-Flint account and click Advanced
  6. In the new window select the Security tab
  7. Under each of the following: Digital Signing, Encryption and Certificate Authentication select the option that will include your full name or uniqname
  8. Click Ok
  9. Keychain may prompt you to use your private key, select Always Allow

Sending an Encrypted Email [Back]

Outlook 2010 (Windows):

  1. Type the message as you normally would
  2. Click on the Options tab at the top of your message
  3. Click the Arrow Box in the bottom right of the More Options Section
  4. Click Security Settings
  5. Click Encrypt Message Contents and Attachments
  6. Click OK
  7. Click Close
  8. Click Send

Outlook 2013 (Windows):

  1. Type the message as you normally would
  2. Click Pop Out in the top left corner of the email
  3. Click on the Options tab at the top of your message
  4. Click the Arrow Box in the bottom right of the More Options Section
  5. Click Security Settings
  6. Click Encrypt Message Contents and Attachments
  7. Click OK
  8. Click Close
  9. Click Send

Outlook 2016 (Windows):

  1. Type the message as you normally would
  2. Click File
  3. Click Properties
  4. Click Security Settings
  5. Click the Encrypt Message Contents and Attachments check box
  6. Click OK
  7. Click Close
  8. Click Send

Outlook 2011 and 2016 (Mac):

  1. Open the email you would like to send encrypted
  2. Click the Options tab
  3. Click Security
  4. Click Encrypt Message
  5. Send the email to your desired recipient

External Encryption [Back]

Please view the Quicknote located here.

Troubleshooting

If you have any questions or issues with using the email encryption services outlined within this Quicknote, please visit or contact the ITS Helpdesk for assistance.

Locations: 206 Murchie Science Building or 3174 William S. White Building
Phone#: (810)-762-3123 (option 1)
Email: its-helpdesk@umflint.edu

0438193a176e19372b65cb7b8916ea64@umflint-its.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete