Encryption software is used to protect private information from hackers and other unauthorized individuals. The University of Texas at Dallas employs several methods to protect information through encryption such as computer encryption solutions and Email encryption solutions (EOP and Digital Certificate Encryption). The Email solutions are employed by typing [encrypt] in the subject line of an email to external recipients, automatically when sensitive information is detected in emails to external addresses, or through either a digital certificate between @utdallas.edu email addresses. All UTD Student, Faculty and Staff outgoing email is scanned and will be automatically encrypted if sensitive data is detected. Email Encryption is not available for bulk e-mail and e-mail through bulk delivery systems such as Sympa.

Choose an option below to get started.


Send an encrypted message

There are two primary ways to send encrypted messages. By default if you write an email to an external recipient(s), that contains sensitive data, it will be detected by EOP’s rules and be encrypted when sent.

You can send an encrypted message to an external email address by typing [encrypt] in the Subject line of the email.

Desktop/Browser

You can also send an encrypted message to an external email address by selecting the Protect button in Outlook webmail.

Alternatively:

  • Outlook 2013 or 2016 (Windows)
    1. Create a New Email
    2. Select Options > Permissions
    3. Select the protection option you need
  • Outlook 2019 (Windows)
    1. Create a New Email
    2. Select the Options tab, then More Options, then Security Settings
    3. Select the protection option you need
  • Outlook 2016 (Mac)
    1. Create a New Email
    2. Select Options > Encrypt
    3. An SSO window will popup, sign in with your NetID and password
    4. Select the Encrypt dropdown menu and choose the protection you need

Mobile App

You can send an encrypted message to an external email address, by typing [encrypt] in the Subject line of the email.

Back to Top


Reading a Protected message with Office 365

A message that is encrypted by Office 365 Message Encryption is delivered to a recipient’s inbox just like any other email message. If the recipient has Outlook 2013 or 2016 and an Office 365 email account, they’ll see an alert about the item’s restricted permissions in the Reading pane. After opening the message, the recipient can view the message just like any other.

If the recipient is using another email client or email account, such as Gmail or Yahoo, they’ll see a link that lets them either sign in to read the email message or request a one-time passcode to view the message in a web browser.

Desktop/Browser

Using your UTD email account in Outlook or Outlook webmail, the message will contain a link to view the encrypted message online.

  1. Select the Read the message button
  2. A webpage will load, login with your UTD email account and password
  3. You will be presented with a panel that requests confirmation for Microsoft to access your UTD account. Select Accept, you will then see the content of the encrypted email.

Mobile App

If you have an Office 365 account and you’re using the Outlook mobile app, the encrypted email is from an external address, the message will contain a link to view the encrypted message online.

  1. Tap the Read the message button
  2. A webpage will load, login with your UTD email account and password
  3. You will be presented with a panel that requests confirmation for Microsoft to access your UTD account. Tap Accept, you will then see the content of the encrypted email.

Back to Top


Reading a Protected message with Gmail

Desktop/Browser

  1. Select Click here to read your message.
  2. Select Sign in with Google.
  3. You’ll be redirected to the Gmail sign-in page. Once you sign in, select Allow.
  4. Your protected message will display in a new browser tab. You won’t be able to view the protected message in the Gmail window.

Mobile App

  1. Tap Click here to read your message.
  2. Tap Sign in with… and sign in to your email account.
  3. If you get a request for permissions, tap Yes or Allow to view the message.

Back to Top


Reading a Protected message with a single-use code

Some email clients and services can’t automatically open protected messages. If you have an email account with an on-prem Exchange account or another email provider, you’ll need to obtain a single-use code to read the message.

If you’re not using Outlook with Office 365, your encrypted message will contain a link in the message body.

  1. Select Read the message.
  2. Select how you’d like to sign in to read the message. If your email provider is Google, Yahoo, or Microsoft, you can select Sign in with Google, Yahoo, or Microsoft respectively. Otherwise, select sign in with a one-time passcode.
  3. Once you receive the passcode in an email message, make a note of the passcode, then return to the web page where you requested the passcode and enter the passcode, and select Continue.

Tip: Each passcode expires after 15 minutes. If that happens, or if you can’t open the message for any reason, start over by opening the attachment again and following the steps.

Desktop/Browser

  1. Select Read the message.
  2. You’ll be redirected to a page where you can sign in and receive a single-use code.
  3. Check your email for the single-use code. Enter the code in the browser window, then select Continue to read your message.

Mobile App

  1. Tap Click here to read your message > Sign in with a single-use code.
  2. You’ll be redirected to a page where you can sign in and receive a single-use code.
  3. Check your email for the single-use code and copy it.
  4. Enter the code in your browser, then select Continue to read your message.

Back to Top


Replying to a Protected message

To reply to an encrypted message:

  1. Choose Reply or Reply All.
  2. On the page that appears, type a reply and choose Send. An encrypted copy of your reply message is sent to you.

View and reply to an encrypted message without Office 365 using Outlook for PC

Tip: Each passcode expires after 15 minutes. If that happens, or if you can’t open the message for any reason, start over by opening the attachment again and following the steps.

Back to Top


Encrypting with a Digital Certificate

Before you start this procedure, you must first have added a certificate to the keychain on your computer.

Outlook 2019

  1. Select File, then Options, then Trust Center, then Trust Center Settings.
  2. Select Email Security, then Import/Export.
  3. In the Window that pops up select browse and locate the Digital Certificate you saved from your email.
  4. The Certificate can now be used to encrypt and sign messages.

Back to Top


Enroll for a Digital Certificate

  • In a new tab, open the website https://www.utdallas.edu/infosecurity/certs/
  • Click Enroll for New Digital Certificate
  • Enter your NetID and password. Click on Submit.
  • Next, click Enroll. An email will be sent to your UTD email address. This message may take a while for delivery, so please be patient.
  • Open the email and click on the link provided to proceed in enrolling for your certificate.
  • Create a PIN. This number will be used when you import or export your certificate. Once you have typed your PIN twice, click on Submit.
  • On the final screen, click Download. If you were not asked where to save the certificate, it is most likely in your “Downloads” folder.

Back to Top


Install Digital Certificate in Outlook for Windows

Install the Certificate to your Computer

  • Open the file directory in which you saved your certificate file.
  • Open the certificate file by double clicking on it. This should launch the certificate import wizard.
  • Click Next on the screen until prompted to enter your PIN.
    • Enter the PIN you set when you requested your certificate.
    • Check the Mark this key as exportable
    • Check the Include all extended properties
    • Click Next
  • Click Next
  • Click Finish

Setup the Certificate in Outlook

  • Open Outlook and click the File tab.
  • Click Options and click on Trust Center
  • Select Trust Center Settings near the bottom right.
  • Click Email Security from the left navigation pane.
  • Click Settings
  • For the Signing Certificate, click Choose and select the certificate with the latest expiration date, then click OK
  • For the Encryption Certificate, click Choose and select the certificate with the latest expiration date, then click OK
  • Click OK and close the windows.
  • Next, you will need to Publish Digital Certificate to the GAL

Back to Top


Install Digital Certificate in Outlook for Mac

  • Open Outlook
  • Click Tools
  • Select Accounts
  • Click the Advanced button
  • Click the Security tab
  • Select your certificate from the drop down list under Digital Signing
  • Change Signing Algorithm to SHA-1
  • Select your certificate from the drop down list under Encryption
  • Change the Encryption Algorithm to 3DES
  • Next, you will need to Publish Digital Certificate to the GAL

Back to Top


Publish Digital Certificate to the GAL

  • In a new tab, open the website https://www.utdallas.edu/infosecurity/certs/publish/publish.php
  • Enter your NetID and password. Click on Submit.
  • Click the Browse button and navigate to where your certificate file is saved
  • Select your InCommon certificate file
  • Enter the PIN you created when you downloaded your digital certificate
  • Click the Publish button
  • You should see a success message when your certificate is successfully published to the GAL

Back to Top


Install

Step 1

Get your digital certificate onto your phone.

  • From your desktop pc, send an email to yourself with the digital certificate as an attachment.
  • On your phone, open the email and tap the attached digital certificate.

Step 2

  • Tap Install.
  • Tap Install Now.

Step 3

  • Input phone passcode.

Step 4

  • Tap Install.
  • Tap Install again.

Step 5

  • Enter your certificate password.
  • Tap Next.
  • Tap Done.

Step 6

  • Please delete the email containing your certificate file, and delete it from the folder Deleted Items, as you no longer need it.

Back to Top


Enable – Incoming and Outgoing

Allows you to read incoming encrypted messages and send encrypted messages on your phone.

Step 1

  • Open Settings.

Step 2

  • Tap Mail, Contacts, and Calendars.

Step 3

  • Select your UTD Exchange account.

Step 4

  • Tap Account.

Step 5

  • Tap Advanced Settings.

Step 6

  • Set the S/MIME toggle to ON.

Step 7

  • Tap Sign.
  • Set the toggle to ON.
  • Select your certificate profile.

Step 8

  • Tap Encrypt.
  • Set the toggle to ON.
  • Select your certificate profile.

Back to Top


Uninstall

Step 1

  • Open Settings.
  • Tap General.
  • Tap Profile.

Step 2

  • Select the profile.

Step 3

  • Tap Delete Profile.

Back to Top


Digitally Sign a PDF

  • Install the digital certificate.
  • Open the PDF form you want to sign in Adobe Reader.
  • Click on the space for signature on the form. The Sign Document window will come up. If you receive a form that has no active signature fields:

    • Click on the Tools menu
    • Click on the Certificates icon
    • Click on Digitally Sign.
    • Using your mouse, click and drag to draw the area where you would like the signature to appear. Once you finish dragging out the desired area, you will be taken to the next step of the signing process.
  • Click Sign.
  • The Save As window will come up. Save the form in the location of your choice.

Back to Top