Outlook protection: What it is and how it works

Learn what is Out look protection and how it works.

✍️Learn how to activate and deactivate Outlook protection here.

In this article, you will learn more about:

 

Introduction

Safetica protects emails sent from desktop email clients but not from webmails. To extend email protection even more, you can use Outlook protection. It offers:

  • For devices protected by Safetica (with installed Safetica Client), it extends email protection to Outlook on the web.
  • For devices not protected by Safetica (without Safetica Client), it offers:
    • Active protection and remediation: Audit and block emails that violate company policies before they are sent via both web and desktop Outlook. You can also use the Block (with override) feature to allow selected users to override applied restrictions.
    • User notifications: Notify users about potential policy violations before sending emails.
    • Attachment control: Prevent sensitive attachments from leaving your company via Outlook. 

✍️Outlook protection is implemented via an add-in for web and desktop Outlook.

Learn how to activate Outlook protection and deploy the add-in here.

 

 

Supported Outlook versions

Outlook protection works for:

  • Outlook on the web
  • Outlook for Windows (desktop version 2206 (Build 15330.20196) and newer)
  • Outlook for Mac (desktop version 16.65.827.0 and newer)

❗Mobile Outlook is not supported because technology APIs are not available for integration.

This means that active protection (i.e. blocking outgoing emails) is not supported.

For passive protection (i.e., auditing outgoing emails), activate Exchange protection.

 

 

How Outlook protection works

Microsoft Outlook protection provides active email protection and remediation.

  1. Activate Outlook protection and deploy the Outlook add-in to the users you want to protect.
  2. Policies configured for Email will start applying to emails sent via web and desktop Outlook.

✍️The processing of sent emails should not take longer than 5 seconds.

  3.  Policies are enforced either by Outlook protection or by Safetica Client, depending on whether the email was sent from a protected or unprotected device.

Outlook protection on company-managed devices

Emails sent via Outlook from a device with installed Safetica Client:

  • Safetica Client evaluates the email and applies appropriate policies.
  • Data classification works as usual and to its full extent. All email attachments, body, and subject are analyzed for sensitive content. Recipients are evaluated (if they belong to safe destinations or not).

Outlook protection on BYOD devices

Emails sent via Outlook from a device without Safetica Client:

  • Outlook protection analyzes the email attachment for sensitive data and applies appropriate policies.
  • General protection: Policies without a specified data classification (i.e. All data policies) work as usual. You can also use Data destinations to specify which domains are safe or untrusted.
  • Specific protection: Outlook protection relies only on Existing classification. No other data classifications are supported.

Example: If a file was previously classified by a tool that added classification identifiers into it (e.g. Microsoft MIP, Boldon James, or Tukan GREENmod), these identifiers will persist even when the file is transferred into the cloud, changed in the cloud, or has never been on a device with Safetica Client. Outlook protection can work with such classifications.

Learn how to check that Outlook protection works correctly and where the Outlook add-in is deployed here.

 

 


Known limitations

🍏 macOS limitations

  • User notifications for Desktop Outlook are in Beta mode. You may experience issues since Microsoft does not officially support the necessary API yet.
  • Relies only on Existing classification.

 

Other known issues

1. Outlook add-in is unavailable

Appears relatively rarely and is probably connected to:

  • using the add-in for the first time in a browser
  • using the add-in for the first time after a browser update

Solution: Click Send anyway.

The email will only be recorded if you have Exchange protection activated.

For emails that should be blocked there is no Send anyway button 

 

2. Email protection for Safetica finished processing

May rarely appear when processing takes longer than 5 seconds. Usually connected to sending larger attachments or temporary issue in the network.

Solution: Click Send.

The email may not be recorded.

For emails that should be blocked, there is no Send button.

 

Read next

Microsoft Outlook protection: Understanding Block (with override)

Activating and deactivating Microsoft Exchange protection

Activating and deactivating Microsoft SharePoint protection

Microsoft SharePoint protection: Protecting file sharing

How to add your Microsoft 365 tenant