Experts warn that emails with sensitive data are being delivered unencrypted without notification in Microsoft 365 and Google Workspace.
When encryption fails, Microsoft 365 sends emails in plain text without alerting users, while Google Workspace uses insecure TLS versions without warning senders or rejecting messages.
Default email behaviors in these platforms undermine encryption, posing serious compliance risks, especially for healthcare organizations sending Protected Health Information.
Despite warnings against outdated TLS protocols, both platforms continue to expose data, risking compliance violations and potential data breaches.
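Because neither platform notifies the sender, one place a defender can see the downgrade is the `Received` trail of delivered mail. The following is an added example, not code from either vendor or from the report: it classifies each hop by the TLS annotation that common MTAs write into `Received` headers (the annotation formats handled and all hostnames in the sample are assumptions, and the sample message is constructed).

```python
import re
from email import message_from_string

# Matches the TLS annotations common MTAs write into Received headers, e.g.
# "version=TLS1_2" (Google, Exchange Online) or "using TLSv1.2" (Postfix).
TLS_RE = re.compile(r"(?:version=|using\s+)(TLS|SSL)v?(\d)(?:[._](\d))?", re.I)
OUTDATED = {("SSL", 2, 0), ("SSL", 3, 0), ("TLS", 1, 0), ("TLS", 1, 1)}

def classify_hop(received: str) -> str:
    """Return 'ok', 'outdated-tls' or 'no-tls-recorded' for one Received header."""
    m = TLS_RE.search(received)
    if not m:
        # No annotation is not proof of plaintext, but it is the hop to investigate.
        return "no-tls-recorded"
    proto = (m.group(1).upper(), int(m.group(2)), int(m.group(3) or 0))
    return "outdated-tls" if proto in OUTDATED else "ok"

def audit_message(raw: str) -> list[tuple[str, str]]:
    """Return (receiving host, verdict) per hop, oldest hop first."""
    msg = message_from_string(raw)
    hops = []
    for hdr in reversed(msg.get_all("Received", [])):
        flat = " ".join(hdr.split())  # unfold continuation lines
        by = re.search(r"\bby\s+(\S+)", flat)
        hops.append((by.group(1) if by else "?", classify_hop(flat)))
    return hops

# Constructed sample message (hosts, addresses and IDs are made up).
SAMPLE = """\
Received: from mx.partner.example (mx.partner.example [203.0.113.9])
 by inbound.clinic.example with ESMTP id c3;
 Tue, 01 Jul 2025 10:00:04 +0000
Received: from relay.sender.example (relay.sender.example [198.51.100.7])
 by mx.partner.example with ESMTPS id b2
 (version=TLS1_0 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Tue, 01 Jul 2025 10:00:02 +0000
Received: from app.sender.example (app.sender.example [192.0.2.5])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
 by relay.sender.example (Postfix) with ESMTPS id a1;
 Tue, 01 Jul 2025 10:00:01 +0000
From: billing@sender.example
Subject: constructed sample

body
"""

if __name__ == "__main__":
    for host, verdict in audit_message(SAMPLE):
        print(f"{host:28} {verdict}")
```

Hops flagged `outdated-tls` or `no-tls-recorded` are the ones to check against the sending platform's connector or transport settings.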