Friday, March 15, 2024

M365 Planning Diagram: Mail Encryption Flow

If you follow my blog, you know that I like to use Visio to draw pretty pictures to use when planning out Messaging Environments, like this one here.

We're currently migrating our mail encryption from Proofpoint to M365 Purview. Like most organizations, we have steering committees filled with business leaders/stakeholders who need stuff in plain language, and diagrams always help.

So, I created this encryption "flow" diagram to show what happens from when one of our users encrypts an outbound message to when the recipient opens it - start to finish. This way the higher-ups can visualize how exactly mail encryption works.

M365 Mail Encryption Flow Overview

In my example below, we have a user who either sends a message using the [secure] subject line tag or the encrypt button, which is an option that can be set in OME (Purview Message Encryption), or attaches some sensitive data containing PII/PHI (Personally Identifiable Information/Protected Health Information).

The message then flows through Purview, which detects the tag, the encrypt button usage, or the sensitive data using DLP filters, and then on to the Encryption Portal, where it's stored for the recipient.

A notification is sent to the recipient saying they have an encrypted message waiting.

The recipient clicks the link, which takes them to the Purview Portal to view the message.

A notification is sent to the sender that the recipient opened the message.

If the recipient replies, the message is sent back through Purview Encryption then on to the original sender.

M365 Encryption Flow
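One way to implement the [secure] subject tag step of this flow is an Exchange Online mail flow rule. This is an added example, not configuration from the original post; the rule name and admin account are placeholders, and it assumes the tenant's built-in "Encrypt" template is the one you want applied.

```powershell
# Added example: placeholder rule name and admin UPN, not values from the post.
# Requires the ExchangeOnlineManagement module and an Exchange admin role.
Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline -UserPrincipalName 'admin@contoso.example'

# 1. Message encryption depends on Azure RMS licensing being enabled for the tenant.
$irm = Get-IRMConfiguration
if (-not $irm.AzureRMSLicensingEnabled) {
    throw 'AzureRMSLicensingEnabled is False; enable it before creating encryption rules.'
}

# 2. Confirm the built-in "Encrypt" template is visible to Exchange Online.
$template = Get-RMSTemplate | Where-Object { $_.Name -eq 'Encrypt' }
if (-not $template) {
    throw 'The "Encrypt" template was not returned by Get-RMSTemplate.'
}

# 3. Create the rule in Audit mode so matches are logged but mail is not yet changed.
#    Scope it to external recipients only; internal mail is left alone.
$ruleName = 'Encrypt outbound mail with secure subject tag'   # placeholder name
if (-not (Get-TransportRule -Identity $ruleName -ErrorAction SilentlyContinue)) {
    New-TransportRule -Name $ruleName `
        -SubjectContainsWords '[secure]' `
        -SentToScope NotInOrganization `
        -ApplyRightsProtectionTemplate 'Encrypt' `
        -Mode Audit `
        -Comments 'Encrypts external mail when the sender adds [secure] to the subject.'
}

# 4. Review exactly what was created before it touches production mail.
Get-TransportRule -Identity $ruleName |
    Format-List Name, State, Mode, SubjectContainsWords, SentToScope, ApplyRightsProtectionTemplate

# 5. Once the audited matches look right in message trace, switch to enforcement:
# Set-TransportRule -Identity $ruleName -Mode Enforce
```

Running the rule in Audit mode first lets you confirm it only matches tagged outbound mail before any message is actually encrypted.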

Feel free to grab the Visio file from my Google Drive Mail Encryption Flow.vsdx to use for your environment!
