a day ago
Microsoft Confirms Security Pause For Outlook Email Encryption
Two-click encrypted email adds security pause for Outlook users.
There are lots of ways that email platforms can come under attack. Your passwords can be compromised, whether you are using Outlook or Gmail. Two-factor authentication code session cookies can be stolen by hackers enable easy account access. And you can, in effect, compromise your own email by not taking privacy considerations seriously enough. This can even be, maybe even especially be, the case when encrypted email is concerned. Which is why Microsoft is introducing a security pause for users of New Outlook for Windows. Here's what you need to know about the new 2-click encryption view.
As regular readers of the cybersecurity section here at Forbes will know, I'm a great advocate for security being simple if it is to be effective. Anything that gets in the way of a smooth user experience will likely be ignored or disabled, and thus quickly becomes counterproductive from the perspective of attack mitigation. You might be surprised to learn, therefore, that I'm all in when it comes to the latest Microsoft announcement that Outlook is introducing a security pause to the encrypted email viewing process.
'New Outlook for Windows will now support a two-click view for encrypted emails,' Microsoft said. 'This feature enables admins to require user confirmation before allowing access to encrypted emails.'
Sounds like an extra security hurdle to me, for sure, but in this case, it is a desired one. Why so? Because we are talking about preventing users from opening an encrypted email without giving any thought at all. What if the user is in an inappropriate environment? What if there are people around who should not be able to view the contents? Poor privacy controls are the doorway to compromise, especially when sensitive data is concerned, and let's face it, why would you encrypt email if it were not meant to kept private?
Admins with control over New Outlook for Windows, as well as Outlook for the web, iOS and Android, will be able to implant the security pause from the TwoClickMailPreviewEnabled setting in the Microsoft Azure directory, and Microsoft said they can also set this up using a Microsoft PowerShell command in Microsoft Exchange Online PowerShell.
The feature will start rolling out in early April and be complete by the end of that month, although Android and iOS implementations will come a little later, with the end of June being the target completion date, according to Microsoft.
