Transparent file-based encryption is typically enforced for all applications. That means, that files are being decrypted and passed-on in plain when being read by an application. Therefore files that are encrypted on the disk end up in plain when being attached to an e-mail in Outlook.
This can be prevented by having Outlook excluded from the transparent encryption. In that case, files being attached to an e-mail retain their encryption state and thus encrypted files remain encrypted in the mail too.
First seen in
SafeGuard File Encryption 7.0
SafeGuard File Encryption 6.10.0
SafeGuard File Encryption 6.0
What To Do
We recommend using a policy to have the application excluded (in this case Outlook.exe):
General Settings Policy | Ignored Applications:
- Microsoft Office Outlook 2007: <Program Files>\Microsoft Office\Office12\OUTLOOK.exe
- Microsoft Office Outlook 2010: <Program Files>\Microsoft Office\Office14\OUTLOOK.exe
- Microsoft Office Outlook 2013: <Program Files>\Microsoft Office\Office15\OUTLOOK.exe
Note: Using the <program files> placeholder ensures that the proper path(s) information is added regardless whether the policy is applied on a 32-bit or a 64-bit system.
Note 2: With SGN 6.10 the application name field in the General Settings Policy (Ignored Applications) is case sensitive. This limitation was resolved with SGN 7.