Transparent file-based encryption is typically enforced for all applications. That means, that files are being decrypted and passed-on in plain when being read by an application. Therefore files that are encrypted on the disk end up in plain when being attached to an e-mail in Outlook.
This can be prevented by having Outlook excluded from the transparent encryption. In that case, files being attached to an e-mail retain their encryption state and thus encrypted files remain encrypted in the mail too.
This only works using the | Insert | Attach File | option in Outlook (no drag & drop).
First seen in
SafeGuard File Encryption 7.0
SafeGuard File Encryption 6.10.0
SafeGuard File Encryption 6.0
What To Do
We recommend using a policy to have the application excluded (in this case Outlook.exe):
General Settings Policy | Ignored Applications:
- Microsoft Office Outlook 2007: <Program Files>\Microsoft Office\Office12\OUTLOOK.exe
- Microsoft Office Outlook 2010: <Program Files>\Microsoft Office\Office14\OUTLOOK.exe
- Microsoft Office Outlook 2013: <Program Files>\Microsoft Office\Office15\OUTLOOK.exe
Note: Using the <program files> placeholder ensures that the proper path(s) information is added regardless whether the policy is applied on a 32-bit or a 64-bit system.
Note 2: With SGN 6.10 the application name field in the General Settings Policy (Ignored Applications) is case sensitive. This limitation was resolved with SGN 7.