Home Blog
17 MARCH 2019 | Security

12 Mistakes to Avoid When Encrypting Email in Outlook

12 Mistakes to Avoid When Encrypting Email in Outlook

Using the wrong Outlook plugin to encrypt your secure messages could frustrate your clients, waste your time, and even leave sensitive data saved in insecure locations. The following pitfalls are easy to avoid if you select the correct email encryption option for Microsoft Outlook.

Do You Need to Install an Extra Add-in to Encrypt Email in Outlook?

Indeed, Outlook can encrypt your email without any additional plugin installation - the only gotcha is that both you and your recipients need to install special certificates and share the public key from that certificate. This can work well in enterprise environments where both the senders and receivers have IT staff setting up their email servers and required certificates.

But if you do not want to install certificates yourself or at least do not expect your clients/recipients to install certificates, then the native Outlook encryption is not really an option. This is especially true if some or all of your recipients use free web-mail accounts such as Gmail, Yahoo! Mail, Hotmail and the like. That’s when it becomes necessary to use a quality Outlook add-in that will make the encryption process seamless.

Which Outlook Encryption Add-in Should You Choose?

There are several options, some of which come as part of a file sharing solution, or a client portal package, while others are just stand-alone Outlook add-ins. Make sure the add-in you choose does not suffer from the following flaws or mistakes:

Mistake # 12: Leaves sensitive data stored in your sent mail or other folders

While most encryption add-ins will encrypt the outgoing message, some may leave a copy of the message without any encryption in your sent-mail folder, or for received messages in your inbox or the deleted items folder. These email folders tend to get synchronized with your email server and all the devices where you access email, including your mobile devices. Protecting email data is not simply about encrypting the message in transit but also its stored copies.

The Encyro Outlook Addin is designed to prevent saving sensitive data to your email folders. Neither sent messages nor received messages are saved without encryption to your email folders (unless you explicitly save a draft of an email composed with sensitive data but not yet protected with Encyro). Received messages are decrypted on demand when you read them but not stored without protection to your inbox. Secure files attached to secure messages are not automatically downloaded. Rather you must explicitly choose to download and save them to a location of your choice.

Mistake # 11: Difficult for your recipients to read your secure messages

A lock is only useful if it is used. Likewise, if encrypted email is so hard to use that your clients simply fall-back to plain text emails and attachments, then you are back at risk. Many Outlook add-ins force your recipient to sign up for an account or jump through other hoops to get to your secure message.

The Encyro Outlook Addin makes it easy for your recipient to view your secure message with a single click. To keep it secure, the message expires after a configurable delay. Of course the message and attachments are always sent encrypted, and stored encrypted. And your clients are offered the option to create a free account if they so desire.

Mistake # 10: Secure messages are not accessible outside the add-in

For some Outlook encryption add-ins your encryption credentials are tied to the add-in installation. So there is no way to access your encrypted email outside of the add-in. You may happen to be away from your PC with Outlook and the add-in installed, and need to check or respond to an urgent secure message, say, from your mobile device or your spouse’s computer.

With the Encyro Outlook Addin, you can access your secure messages and respond to them from any Internet connected device, through the Encyro website. The website is mobile friendly and can be used from a smartphone or tablet as well.

Mistake # 9: Makes you learn new ways to insert secure files or message content

Many Outlook encryption add-ins require inserting each secure file or even the message content as a link. You are required to first click a special button to type your message or insert your attachment in a new window and then generate that link in the Outlook email message. Sometimes, you may even have to upload the files to be attached to a special folder or server first. In some add-ins you have to click two buttons to send a secure message - a first button to encrypt and then a second button to send.

The Encyro Outlook Addin lets you compose your email and add attachments just like you normally do in Outlook. Then, you simply click the Secure-Send button to send the email as an encrypted message. Options are also available for Reply, Reply-all, and Forward.

Get the Encyro Outlook Addin for free
Type your message and add attachments as usual. Then click Secure Send.

Not having to learn new buttons and procedures, as well as automated detection of received secure messages helps you stay secure and avoid accidentally including secure message content from the previous email in an insecure email.

Mistake # 8: Converts inline images to attachments

This is a big issue with many email encryption plugins. Your email may have used an image such as your logo in your email signature or other formatting element. Most email encryption add-ins will convert that image to a secure attachment. For your recipient, it not only makes your message look ugly, but also means they end up downloading an extra attachment just to find out it was not an intentionally attached file, resulting in poor user experience.

The Encyro Outlook Addin preserves images that are part of your email message, such as an image you inserted into the message (e.g., whiteboard notes, a data chart or graph) or a logo or decorative image in your email signature. These images are of course transmitted and stored encrypted with your email content and attachments, but when presented to the receiver they appear just as you placed them.

Mistake # 7: Forces file download even when you just want to forward

Sometimes you receive a secure message from a client that you know you only need to forward to a colleague or other recipient, without downloading the attached secure files yourself. Many Outlook encryption add-ins will force you to first download any attached files and then re-attach them, because the previously attached secure attachments will not be accessible to the new recipients. You not only have to do extra work but also end up storing needless copies of sensitive data.

The Encyro Outlook Addin automatically converts attachments as needed for the new recipient when forwarding (or even replying). You are presented with the list of attachments with check-boxes to select which files you wish to include in your forwarded message or reply. For a forwarded message, the check-boxes are automatically checked and you can un-check the files not to be forwarded, while for replies the previous attachments are not automatically included unless you check the boxes next to the desired files.

Mistake # 6: The plugin is unstable

Some encryption add-ins slow down Outlook or make it slower to start. Also, if you use email often and leave Outlook running almost always, then it is important to ensure that the encryption add-in will not make Outlook unstable with extended usage.

The Encyro Outlook Addin is designed to be very lightweight and stable. It does not perform any background activity when Outlook is starting up. Rather it only works when you send a secure message, or when decrypting a received secure message. And it shows you a progress bar when it is working on something.

Mistake # 5: Does not support multiple email accounts in Outlook

Some Outlook encryption add-ins do not work correctly if you have multiple email accounts added to Outlook. They may incorrectly use the email address associated with the encryption provider whenever you send a secure message even when you started composing the message with a different account. Or, they may log you out of the first account for encryption if you use another account to send a secure message. They may require you to sign up for encryption with each one of your email accounts detected in Outlook.

The Encyro Outlook Addin correctly supports multiple email accounts in Outlook, including accounts hosted on different email providers. You are only asked to sign up with Encyro with an email address if and when you actually use that email address to send or receive a secure message. You can stay logged in to Encyro from multiple email accounts in Outlook, and secure messages are sent from the correct address.

Mistake # 4: Requires you to install special certificates, gateways or distribute keys to your recipients

Some Outlook encryption add-ins are really just extensions for their email gateways or email servers. You must install the corresponding gateway, server or firewall as well.

The Encyro Outlook Addin works with most email services that you use from Outlook, including Gmail, Office 365, Microsoft Exchange, or other free or paid email services. It does not require installing any additional email gateway or server.

Mistake # 3: Requires a minimum number of licenses to be purchased

Some Outlook encryption add-ins only work with a team subscription with 3 or more users. So you are forced to buy multiple licenses, driving up your costs. Some even limit the number of clients you can communicate with or charge extra for added clients.

Encyro grows with your needs. You can just purchase a single license or add additional staff or partners. And clients are free. With the time you save using Encyro, maybe you can serve more clients and grow your business.

Mistake # 2: Does not backup data at a remote location

Encryption is only one aspect of keeping data secure. Most data privacy and security regulations also require you to ensure the integrity of the data and protect it from accidental or malicious loss or modification. For example, HIPAA HITECH requirements explicitly state that you must protect information from improper alteration or destruction:

“Implement policies and procedures to protect electronic protected health information from improper alteration or destruction.” - Security Rule, at § 164.304

Many Outlook encryption add-ins only provide encryption and no data backup.

The Encyro Outlook Addin comes packaged with a state of the art secure cloud service that stores your data at two different data centers hundreds of miles apart, with standards compliant encryption. You can control access and check audit trails of account activity as both to meet regulatory requirements and ensure strong data protection.

Mistake # 1: Messages to multiple recipients require extra steps

Some Outlook encryption add-ins do not handle multiple recipients well. They send a common secure link to each recipient and when the recipient attempts to access the message, they are asked to first choose their email address or other identity from a list.

The Encyro Outlook Addin correctly handles multiple-recipients. Each recipient receives a customized link. Even though you send a single message, the add-in internally generates separate emails from you to each recipient. The secure message of course lets the recipient see all parties on the communication. This gives you two advantages:

  • Your recipients do not have to go through extra steps to read their secure message. Just one click as usual works.
  • You do not have to separate out recipients with a secure account or new ones. The Encyro Outlook Addin internally handles that for you, generating the required links for different types of recipients.


With the multiple mistakes that different Outlook encryption add-ins make, there is only one mistake that you might make: not trying Encyro first. Download the free Encyro Outlook Addin now and give it a try. You can then decide if it meets all your needs or even compare with any other alternatives.

The Encyro Outlook Addin works with most email services including G-Suite, Office 365, Exchange, Gmail, business email providers, IMAP/POP accounts, and any email account that you can add to Outlook.