Secure email and sending/receiving sensitive information

Our church is in need of a secure method of sending and receiving information from our members. For example, mission trip application forms that are printed out, filled in, and then scanned/attached to an email. The application form has name, address, phone, birthdate, potentially passport ID, etc. Another example, a staff member sends an excel spreadsheet to a travel agent to arrange for international air travel. That spreadsheet has passport ID and birth date information. I’m looking for what others have put into place to secure this type of information. Fax and USPS mail options have been discussed and considered already, but aren’t always workable due to time constraints and deadlines. Your collective input is appreciated. Thank you.

Most of our clients are using Office 365 and we have them setup with the built-in Message Encryption functionality for situations like this.

As Travis mentioned, O365 Message Encryption is part of the solution here, but you should also implement AIP so that all files are tagged and then access can be revoked even if they have been downloaded or otherwise transferred beyond your O365 tenant. AIP comes with your EMS donations from Microsoft.

I have to implement o365 encryption. I spent about 5 seconds on the task and was successfully able to send an encrypted email. The idea is that o365 will encrypt any email containing a keyword that I made up. It worked! HOWEVER people outside our organization get a permissions error when they try to open the email – even if the use a one-time code. According to a quick google search there is a fix for that but I don’t understand it. So, o365 encryption is an option if you can get past the permission error for external users. I’m going to work on that today or Monday. If I learn anything, I’ll post. If anyone has battled the permission error for external users and won, perhaps they can add a reply.

We also use O365 encryption. Works very well!

For most applications the other party has a service. Docusign being the most popular. For stuff within the church, our ChMS has a secure member portal that allows for messaging and upload and download of encrypted documents.

@Isaac Thank you for the feedback. Can you clarify the acronym “EMS”? AIP is Azure Information Protection, correct? Sorry for the newbie questions.

“Enterprise Mobility and Security,” Microsoft donates 50 EMS E3 licenses as part of the Azure donation. EMS is kind of a bundle that has Azure Information Protection (AIP), Azure AD P1, Intune, and Advanced Threat Analytics (ATA). Loads of value in using it, especially if you are looking to do MDM or data-loss prevention.